From d43cd88aa2deaa9b1a48cfa58d2cffebd59477a3 Mon Sep 17 00:00:00 2001 From: Mirah Gary Date: Wed, 7 Sep 2022 14:16:21 +0200 Subject: [PATCH 1/2] Add govulncheck to makefile. --- Makefile | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index f7409185a..e2a87e9d3 100644 --- a/Makefile +++ b/Makefile @@ -24,11 +24,11 @@ $(KUBEBUILDER_ASSETS): kubebuilder-assets: $(KUBEBUILDER_ASSETS) .PHONY: unit-tests -unit-tests: install-tools $(KUBEBUILDER_ASSETS) generate fmt vet manifests ## Run unit tests +unit-tests: install-tools $(KUBEBUILDER_ASSETS) generate fmt vet vuln manifests ## Run unit tests ginkgo -r --randomize-all api/ internal/ pkg/ .PHONY: integration-tests -integration-tests: install-tools $(KUBEBUILDER_ASSETS) generate fmt vet manifests ## Run integration tests +integration-tests: install-tools $(KUBEBUILDER_ASSETS) generate fmt vet vuln manifests ## Run integration tests ginkgo -r controllers/ manifests: install-tools ## Generate manifests e.g. CRD, RBAC etc. @@ -53,13 +53,17 @@ fmt: vet: go vet ./... +# Run govulncheck against code +vuln: + govulncheck ./... + # Generate code & docs generate: install-tools api-reference controller-gen object:headerFile=./hack/NOTICE.go.txt paths=./api/... controller-gen object:headerFile=./hack/NOTICE.go.txt paths=./internal/status/... # Build manager binary -manager: generate fmt vet +manager: generate fmt vet vuln go mod download go build -o bin/manager main.go @@ -80,7 +84,7 @@ destroy: ## Cleanup all controller artefacts kustomize build config/rbac/ | kubectl delete --ignore-not-found=true -f - kustomize build config/namespace/base/ | kubectl delete --ignore-not-found=true -f - -run: generate manifests fmt vet install deploy-namespace-rbac just-run ## Run operator binary locally against the configured Kubernetes cluster in ~/.kube/config +run: generate manifests fmt vet vuln install deploy-namespace-rbac just-run ## Run operator binary locally against the configured Kubernetes cluster in ~/.kube/config just-run: ## Just runs 'go run main.go' without regenerating any manifests or deploying RBACs KUBECONFIG=${HOME}/.kube/config OPERATOR_NAMESPACE=$(K8S_OPERATOR_NAMESPACE) go run ./main.go -metrics-bind-address 127.0.0.1:9782 --zap-devel $(OPERATOR_ARGS) @@ -182,6 +186,7 @@ docker-registry-secret: check-env-docker-credentials install-tools: go mod download grep _ tools/tools.go | awk -F '"' '{print $$2}' | xargs -t go install + go install "golang.org/x/vuln/cmd/govulncheck@latest" check-env-docker-repo: check-env-registry-server ifndef OPERATOR_IMAGE From df7738fe403ac43399aaa82e2ba4a99618d1f3f8 Mon Sep 17 00:00:00 2001 From: Mirah Gary Date: Wed, 7 Sep 2022 15:22:20 +0200 Subject: [PATCH 2/2] Bump go to 1.19 in github actions unit/integration tests. --- .github/workflows/pr.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 773e9dde5..8f6bf4aca 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -15,6 +15,10 @@ jobs: runs-on: ubuntu-latest container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci steps: + - name: Install Go + uses: actions/setup-go@v2 + with: + go-version: ${{ env.GO_VERSION }} - name: Check out code into the Go module directory uses: actions/checkout@v2 - name: Unit tests