chore(deps): bump github.com/aquasecurity/trivy-checks from 1.2.2 to 1.4.0 #1028
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# This workflow is triggered on push or pull request for the main branch. | |
# It runs tests and various checks to validate that the proposed changes | |
# will not introduce any regression after merging the code to the main branch. | |
name: Build | |
on: | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- '.github/ISSUE_TEMPLATE/*.md' | |
- '*.md' | |
- 'docs/**' | |
- 'mkdocs.yml' | |
- 'LICENSE' | |
- 'NOTICE' | |
pull_request: | |
branches: | |
- main | |
paths-ignore: | |
- '.github/ISSUE_TEMPLATE/*.md' | |
- '*.md' | |
- 'docs/**' | |
- 'mkdocs.yml' | |
- 'LICENSE' | |
- 'NOTICE' | |
env: | |
GO_VERSION: 1.22.3 | |
KIND_VERSION: v0.11.1 | |
# Disable permissions granted to the GITHUB_TOKEN for all the available scopes. | |
permissions: {} | |
# Cancel any in-flight jobs for the same PR branch, | |
# so there's only one active at a time. | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
verify-code: | |
name: Verify code | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Cached Go dependencies | |
uses: actions/cache@v4 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: Verify Go code | |
uses: golangci/[email protected] | |
with: | |
args: --verbose --deadline=5m | |
version: v1.55.2 | |
skip-pkg-cache: true | |
skip-build-cache: true | |
- name: Verify YAML code | |
uses: ibiqlik/action-yamllint@v3 | |
- name: Vendor Go modules | |
run: go mod vendor | |
unit-tests: | |
name: Run unit tests | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: actions/cache@v4 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: Run unit tests | |
run: make unit-tests | |
- name: Upload code coverage | |
uses: codecov/codecov-action@v5 | |
with: | |
files: ./coverage.txt | |
integrations-testing: | |
name: Run end to end testing | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_CLI_EXPERIMENTAL: enabled | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Install kind and create cluster | |
run: > | |
curl -Lo ./kind https://kind.sigs.k8s.io/dl/${{ env.KIND_VERSION | |
}}/kind-linux-amd64 | |
chmod +x ./kind | |
sudo mv ./kind /usr/local/bin/kind | |
kind create cluster | |
curl -LO https://dl.k8s.io/release/v1.26.0/bin/linux/amd64/kubectl | |
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl | |
- name: Test connection to Kubernetes cluster | |
run: | | |
kubectl cluster-info | |
kubectl wait --for=condition=Ready nodes --all --timeout=300s | |
kubectl describe node | |
- name: Run end to end tests | |
run: make integrations-tests |