Skip to content

Bump aquasecurity/trivy-action from 0.18.0 to 0.22.0 #643

Bump aquasecurity/trivy-action from 0.18.0 to 0.22.0

Bump aquasecurity/trivy-action from 0.18.0 to 0.22.0 #643

Workflow file for this run

name: CI
on:
workflow_dispatch:
push:
branches: [ master ]
pull_request:
branches: [ master ]
env:
GO_VERSION: '1.19.4'
permissions:
contents: read
jobs:
lint:
permissions:
contents: read # for actions/checkout to fetch code
pull-requests: read # for golangci/golangci-lint-action to fetch pull requests
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GO_VERSION }}
- name: Linter
uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
with:
version: latest
# the default timeout is 1 minute - this is too short and results in frequent timeout errors so we increase it here
args: --timeout 3m0s
build:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GO_VERSION }}
- name: Download modules
run: go mod download
- name: Build project
run: go build ./cmd/aks-periscope
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 2
- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GO_VERSION }}
- name: Go tests
run: go test -v -race -coverprofile=coverage.out -covermode=atomic ./...
- name: Upload coverage to Codecov
run: bash <(curl -s https://codecov.io/bash) -C $(Build.SourceVersion)