-
Notifications
You must be signed in to change notification settings - Fork 9
139 lines (139 loc) · 5.61 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
---
name: CI
on:
pull_request: {}
push:
branches:
- main
concurrency:
group: ci-${{ github.head_ref || github.ref }}
cancel-in-progress: true
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
golangci-lint:
permissions:
contents: read # for actions/checkout to fetch code
pull-requests: read # for golangci/golangci-lint-action to fetch pull requests
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: go.mod
- uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0
with:
# renovate: datasource=go depName=github.com/golangci/golangci-lint
version: v1.53.3
args: --timeout 5m
only-new-issues: true
yaml-lint:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: ibiqlik/action-yamllint@2576378a8e339169678f9939646ee3ee325e845c # v3.1.1
markdown-lint:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: nosborn/github-action-markdown-cli@9b5e871c11cc0649c5ac2526af22e23525fa344d # v3.3.0
with:
files: .
verify-generated:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: go.mod
- name: Generate all
run: |
make generate-all
- name: Verify changed files
uses: tj-actions/verify-changed-files@9ed3155b72ba709881c967f75611fc5852f773b9 # v13.1
id: verify-changed-files
with:
files: |
**/*
- name: Fail job is any changed files
if: steps.verify-changed-files.outputs.files_changed == 'true'
run: |
errorMsg="::error::\
Changed files: ${{ steps.verify-changed-files.outputs.changed_files }}\
\nPlease run 'make generate-all' locally and commit the changes"
echo -e "$errorMsg" && exit 1
test:
needs: verify-generated
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: go.mod
- run: make test
env:
KUBEBUILDER_ATTACH_CONTROL_PLANE_OUTPUT: true
e2e-test:
needs: verify-generated
runs-on: ubuntu-latest-4-cores
env:
IMG: registry.dummy-domain.com/image-scanner/controller:dev
IMG_FILE: operator-image.tar
K3D_CLUSTER: image-scanner
# renovate: datasource=github-tags depName=k3d-io/k3d
K3D_VERSION: v5.5.2
steps:
- name: Harden Runner
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0
- uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1
- uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1
with:
context: .
outputs: type=docker,dest=${{ env.IMG_FILE }}
tags: ${{ env.IMG }}
cache-from: type=gha
cache-to: type=gha,mode=max
- uses: AbsaOSS/k3d-action@4e8b3239042be1dc0aed6c5eb80c13b18200fc79 # v2.4.0
with:
cluster-name: ${{ env.K3D_CLUSTER }}
k3d-version: ${{ env.K3D_VERSION }}
args: >-
--config=test/e2e-config/k3d-config.yml
- run: |
kubectl cluster-info
kubectl version --output=yaml
- run: |
k3d image import ${{ env.IMG_FILE }} --cluster ${{ env.K3D_CLUSTER }}
make deploy-dependencies deploy
- uses: jaxxstorm/action-install-gh-release@c5ead9a448b4660cf1e7866ee22e4dc56538031a # v1.10.0
with:
repo: kudobuilder/kuttl
# renovate: datasource=github-tags depName=kudobuilder/kuttl
tag: v0.15.0
cache: enable
- run: |
make e2e-test