fix: update on-pull and on-push pipelines #1846
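# Pull-request validation workflow: Go source checks (module tidiness,
# formatting, staticcheck, generated manifests, unit tests, gosec with SARIF
# upload), a Docker build check, and a kube-linter scan of the rendered
# kustomize manifests.
#
# NOTE(review): no `permissions:` block is declared, so every job runs with the
# repository's default GITHUB_TOKEN scope. Consider `contents: read` at
# workflow level, granting `security-events: write` only to the job that
# uploads SARIF.
# NOTE(review): third-party actions below are referenced by mutable tags
# (v1/v2/v3). Pinning each `uses:` to a full commit SHA prevents a re-pointed
# tag from changing what runs in CI.
# NOTE(review): the forge view of this file carried a bidirectional-Unicode
# warning. No such characters are reproduced here; inspect the repository copy
# with an editor that reveals hidden characters.
# NOTE(review): wherever PLACEHOLDER_VERSION appears, the page capture had
# replaced the text around '@' with "[email protected]"; restore the real
# version from the repository before use.
name: Validate PRs

on:
  pull_request:
    branches: [main]

jobs:
  go:
    name: Check sources
    runs-on: ubuntu-20.04
    env:
      OPERATOR_SDK_VERSION: v1.14.0
      # Quoted so the value stays the string "true" rather than a YAML boolean.
      PR_CHECK: "true"
    steps:
      - name: Set up Go 1.x
        uses: actions/setup-go@v2
        with:
          # Quoted: an unquoted x.y version is parsed as a float (1.20 -> 1.2).
          go-version: "1.21"
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Cache Operator SDK ${{ env.OPERATOR_SDK_VERSION }}
        uses: actions/cache@v2
        id: cache-operator-sdk
        with:
          path: ~/cache
          key: operator-sdk-${{ env.OPERATOR_SDK_VERSION }}
      - name: Download Operator SDK ${{ env.OPERATOR_SDK_VERSION }}
        if: steps.cache-operator-sdk.outputs.cache-hit != 'true'
        run: |
          mkdir -p ~/cache
          # NOTE(review): the binary is made executable and run later without
          # any integrity check. Verify it against the checksums published
          # with the release before caching it.
          # The duplicated "-O ... > /dev/null" arguments were collapsed to one.
          wget "https://github.com/operator-framework/operator-sdk/releases/download/${OPERATOR_SDK_VERSION}/operator-sdk_linux_amd64" -O ~/cache/operator-sdk-${OPERATOR_SDK_VERSION} > /dev/null
          chmod +x ~/cache/operator-sdk-${OPERATOR_SDK_VERSION}
      - name: Install Operator SDK ${{ env.OPERATOR_SDK_VERSION }}
        run: |
          mkdir -p ~/bin
          cp ~/cache/operator-sdk-${OPERATOR_SDK_VERSION} ~/bin/operator-sdk
          echo "$HOME/bin" >> "$GITHUB_PATH"
      - name: Cache go modules
        id: cache-mod
        uses: actions/cache@v2
        with:
          path: ~/go/pkg/mod
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-
      - name: Download dependencies
        run: go mod download
        if: steps.cache-mod.outputs.cache-hit != 'true'
      - name: Check go mod status
        run: |
          go mod tidy
          # Any change after `go mod tidy` means go.mod/go.sum are stale.
          if [[ -n $(git status -s) ]]
          then
            echo "Go mod state is not clean:"
            git --no-pager diff
            exit 1
          fi
      - name: Check format
        run: |
          # NOTE(review): @latest floats; pin a version so a new upstream
          # release cannot change the check between runs.
          go install github.com/google/addlicense@latest
          go install golang.org/x/tools/cmd/goimports@PLACEHOLDER_VERSION
          git reset HEAD --hard
          # The default run shell is `bash -e`, so a separate `$?` test after
          # a failing `make` is never reached. Testing the command directly
          # keeps the diagnostic diff.
          if ! make check_fmt
          then
            echo "not well formatted sources are found:"
            git --no-pager diff
            exit 1
          fi
      - uses: dominikh/staticcheck-action@PLACEHOLDER_VERSION
        with:
          # version: "2022.1.3"
          # NOTE(review): "latest" floats; the pinned value above would make
          # the lint result reproducible.
          version: "latest"
          install-go: false
      - name: Check manifests
        run: |
          # Note: fmt is necessary after generate since generated sources will
          #       fail format check by default.
          make generate fmt manifests
          if [[ -n $(git status -s) ]]
          then
            echo "generated sources are not up to date:"
            git --no-pager diff
            exit 1
          fi
      - name: Run Go Tests
        run: |
          # Temporarily adding a pact-go installation.
          # It should be gone once https://issues.redhat.com/browse/HAC-4879 is solved
          go get github.com/pact-foundation/pact-go/v2@PLACEHOLDER_VERSION
          go install github.com/pact-foundation/pact-go/v2@PLACEHOLDER_VERSION
          # NOTE(review): this runs a freshly installed binary as root; an
          # exactly pinned version limits what can reach this step.
          sudo /home/runner/go/bin/pact-go -l DEBUG install
          make test
      - name: Check if Manager Kustomize has the right image
        # The step fails on the script's own exit status; `exit $?` was redundant.
        run: ./check-manager-kustomize.sh
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@PLACEHOLDER_VERSION
      - name: Run Gosec Security Scanner
        run: |
          go install github.com/securego/gosec/v2/cmd/gosec@PLACEHOLDER_VERSION
          # Tested directly for the same `bash -e` reason as in "Check format".
          if ! make gosec
          then
            echo "gosec scanner failed to run "
            exit 1
          fi
      - name: Upload SARIF file
        # NOTE(review): SARIF upload needs `security-events: write`. Pull
        # requests from forks get a read-only token, so this step may fail
        # there. Confirm the intended behaviour.
        uses: github/codeql-action/upload-sarif@v2
        with:
          # Path to SARIF file relative to the root of the repository
          sarif_file: gosec.sarif
      # NOTE(review): this repeats the earlier "Upload coverage to Codecov"
      # step verbatim; one of the two is probably unintended.
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@PLACEHOLDER_VERSION

  docker:
    name: Check docker build
    runs-on: ubuntu-latest
    steps:
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Check if dockerimage build is working
        run: docker build -f ./Dockerfile .

  kube-linter:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Create ./.kube-linter/ for deployment files
        shell: bash
        run: mkdir -p ./.kube-linter/ && touch .kube-linter/manifests.yaml
      - name: Generate manifests for scan
        shell: bash
        run: kustomize build config/default > ./.kube-linter/manifests.yaml
      - name: Scan yaml files with kube-linter
        uses: stackrox/kube-linter-action@v1
        id: kube-linter-action-scan
        with:
          # Adjust this directory to the location where your kubernetes resources and helm charts are located.
          directory: ./.kube-linter/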