Skip to content

SECREV-2969: pin the action version using a full length SHA #589

SECREV-2969: pin the action version using a full length SHA

SECREV-2969: pin the action version using a full length SHA #589

Workflow file for this run

name: Lint, Build, E2E Test
on:
push:
branches:
- main
- master
- renovate/**
pull_request:
jobs:
build:
name: Build integration for
runs-on: ubuntu-latest
strategy:
matrix:
goos: [ linux ]
goarch: [ amd64, arm64, arm ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
- name: Build integration
env:
GOOS: ${{ matrix.goos }}
GOARCH: ${{ matrix.goarch }}
run: |
make compile
chart-lint:
name: Helm chart Lint
runs-on: ubuntu-20.04
timeout-minutes: 10
strategy:
matrix:
kubernetes-version: [ "v1.16.15", "v1.22.0", "v1.25.3" ]
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- uses: helm/[email protected]
- name: Lint charts
run: ct --config .github/ct.yaml lint --debug
- name: Check for changed installable charts
id: list-changed
run: |
changed=$(ct --config .github/ct.yaml list-changed)
if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true"
fi
- name: Run helm unit tests
if: steps.list-changed.outputs.changed == 'true'
run: |
helm plugin install https://github.com/helm-unittest/helm-unittest
for chart in $(ct --config .github/ct.yaml list-changed); do
if [ -d "$chart/tests/" ]; then
helm unittest $chart
else
echo "No unit tests found for $chart"
fi
done
- name: Setup Minikube
uses: manusa/[email protected]
if: steps.list-changed.outputs.changed == 'true'
with:
minikube version: v1.27.1
kubernetes version: ${{ matrix.kubernetes-version }}
github token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/setup-go@v4
if: steps.list-changed.outputs.changed == 'true'
with:
go-version-file: 'go.mod'
- name: Create image for chart testing
if: steps.list-changed.outputs.changed == 'true'
run: |
GOOS=linux GOARCH=amd64 make compile # Set GOOS and GOARCH explicitly since Dockerfile expects them in the binary name
DOCKER_BUILDKIT=1 docker build -t e2e/metadata-injection:test .
minikube image load e2e/metadata-injection:test
kubectl create ns ct
- name: Test install charts
if: steps.list-changed.outputs.changed == 'true'
run: ct install --namespace ct --config .github/ct.yaml --debug
- name: Test upgrade charts
if: steps.list-changed.outputs.changed == 'true'
run: ct install --namespace ct --config .github/ct.yaml --debug --upgrade
test:
name: Unit tests
needs: [ build ]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
- name: Run unit tests
run: make test
static-analysis:
name: Static analysis and linting
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
- uses: newrelic/newrelic-infra-checkers@v1
- name: Semgrep
uses: returntocorp/semgrep-action@v1
with:
auditOn: push
- name: golangci-lint
uses: golangci/golangci-lint-action@v3
continue-on-error: ${{ github.event_name != 'pull_request' }}
with:
only-new-issues: true
e2e-kubernetes:
name: Kubernetes E2E tests
needs: [ test ]
runs-on: ubuntu-20.04
env:
E2E_KUBERNETES_VERSION: ${{ matrix.k8s-version }}
DOCKER_BUILDKIT: '1' # Setting DOCKER_BUILDKIT=1 ensures TARGETOS and TARGETARCH are populated
strategy:
fail-fast: false
max-parallel: 5
matrix:
k8s-version: [ "v1.16.15", "v1.22.0", "v1.25.3" ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
- run: make e2e-test