mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-15 17:51:20 +00:00
ed58e78302
* fix package vulnerabilities Signed-off-by: Jim Bugwadia <jim@nirmata.com> * force update Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update workflows Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update workflows Signed-off-by: Jim Bugwadia <jim@nirmata.com> * update Go version Signed-off-by: Jim Bugwadia <jim@nirmata.com> * disable FOSSA check Signed-off-by: Jim Bugwadia <jim@nirmata.com>
187 lines
4.3 KiB
YAML
187 lines
4.3 KiB
YAML
name: build
|
|
on:
|
|
push:
|
|
branches:
|
|
- 'main'
|
|
- 'release*'
|
|
pull_request:
|
|
branches:
|
|
- 'main'
|
|
- 'release*'
|
|
|
|
jobs:
|
|
pre-checks:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Unshallow
|
|
run: git fetch --prune --unshallow
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: 1.16
|
|
|
|
- name: Cache Go modules
|
|
uses: actions/cache@v1
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-
|
|
|
|
- name: gofmt check
|
|
run: |
|
|
if [ "$(gofmt -s -l . | wc -l)" -ne 0 ]
|
|
then
|
|
echo "The following files were found to be not go formatted:"
|
|
gofmt -s -l .
|
|
echo "Please run 'make fmt' to go format the above files."
|
|
exit 1
|
|
fi
|
|
|
|
- name: golangci-lint
|
|
uses: reviewdog/action-golangci-lint@v1
|
|
|
|
- name: Checking unused pkgs using go mod tidy
|
|
run: |
|
|
make unused-package-check
|
|
|
|
build-init-kyverno:
|
|
runs-on: ubuntu-latest
|
|
needs: pre-checks
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Unshallow
|
|
run: git fetch --prune --unshallow
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: 1.16
|
|
|
|
- name: Cache Go modules
|
|
uses: actions/cache@v1
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
id: buildx
|
|
with:
|
|
install: true
|
|
|
|
- name: docker images build
|
|
run: |
|
|
make docker-build-initContainer
|
|
|
|
build-kyverno:
|
|
runs-on: ubuntu-latest
|
|
needs: pre-checks
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Unshallow
|
|
run: git fetch --prune --unshallow
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: 1.16
|
|
|
|
- name: Cache Go modules
|
|
uses: actions/cache@v1
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
id: buildx
|
|
with:
|
|
install: true
|
|
|
|
- name: docker images build
|
|
run: |
|
|
make docker-build-kyverno
|
|
|
|
- name: Trivy Scan Image
|
|
uses: aquasecurity/trivy-action@master
|
|
with:
|
|
image-ref: 'ghcr.io/kyverno/kyverno:latest'
|
|
format: 'table'
|
|
exit-code: '1'
|
|
ignore-unfixed: true
|
|
vuln-type: 'os,library'
|
|
severity: 'CRITICAL,HIGH'
|
|
|
|
build-kyverno-cli:
|
|
runs-on: ubuntu-latest
|
|
needs: pre-checks
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Unshallow
|
|
run: git fetch --prune --unshallow
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: 1.16
|
|
|
|
- name: Cache Go modules
|
|
uses: actions/cache@v1
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
id: buildx
|
|
with:
|
|
install: true
|
|
|
|
- name: docker images build
|
|
run: |
|
|
make docker-build-cli
|
|
|
|
tests:
|
|
runs-on: ubuntu-latest
|
|
needs: pre-checks
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Unshallow
|
|
run: git fetch --prune --unshallow
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: 1.16
|
|
|
|
- name: Cache Go modules
|
|
uses: actions/cache@v1
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-
|
|
|
|
- name: Kyverno unit test
|
|
run: |
|
|
export PROJECT_PATH=$(pwd)
|
|
make test-unit
|