chore(deps): update kyverno/action-install-chainsaw action to v0.2.11 #4230
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- '**.md' | |
pull_request: | |
paths-ignore: | |
- '**.md' | |
env: | |
# Default minimum version of Go to support. | |
DEFAULT_GO_VERSION: "~1.21" | |
permissions: | |
contents: read | |
jobs: | |
unit-test: | |
name: Unit Tests | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.DEFAULT_GO_VERSION }} | |
- name: Setup Environment | |
run: | | |
echo "GOPATH=$(go env GOPATH)" >> $GITHUB_ENV | |
echo "$(go env GOPATH)/bin" >> $GITHUB_PATH | |
- name: Module cache | |
uses: actions/cache@v4 | |
env: | |
cache-name: go-mod-cache | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('**/go.sum') }} | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Workspace Init | |
run: make workspace-init | |
- name: Unit Test | |
run: make unit-test | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v4 | |
with: | |
flags: unit-tests | |
docker-local: | |
permissions: | |
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@master | |
with: | |
platforms: all | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@master | |
- name: Build | |
uses: docker/build-push-action@v4 | |
with: | |
builder: ${{ steps.buildx.outputs.name }} | |
context: . | |
outputs: type=docker,dest=${{ github.workspace }}/open-feature-operator-local.tar | |
tags: open-feature-operator-local:${{ github.sha }} | |
cache-from: type=gha,scope=${{ github.ref_name }}-ofo | |
cache-to: type=gha,scope=${{ github.ref_name }}-ofo | |
- name: Run Trivy vulnerability scanner | |
uses: aquasecurity/trivy-action@master | |
with: | |
input: /github/workspace/open-feature-operator-local.tar | |
format: "template" | |
template: "@/contrib/sarif.tpl" | |
output: "trivy-results.sarif" | |
severity: "CRITICAL,HIGH" | |
- name: Upload Trivy scan results to GitHub Security tab | |
uses: github/codeql-action/upload-sarif@v2 | |
with: | |
sarif_file: "trivy-results.sarif" | |
- name: Upload image as artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: open-feature-operator-local-${{ github.sha }} | |
path: ${{ github.workspace }}/open-feature-operator-local.tar | |
e2e_tests: | |
name: E2E Tests | |
needs: | |
- docker-local | |
strategy: | |
matrix: | |
kind_tag: [ v1.22.17, v1.23.17, v1.24.15, v1.25.11, v1.26.3, v1.27.3, v1.28.0 ] | |
with: | |
kind_tag: ${{ matrix.kind_tag }} | |
uses: ./.github/workflows/e2e.yml |