Skip to content

fix: Truncate cname to a max of 63 chars #4574

fix: Truncate cname to a max of 63 chars

fix: Truncate cname to a max of 63 chars #4574

Workflow file for this run

---
name: Build
on:
push:
branches:
- main
paths-ignore:
- .github/ISSUE_TEMPLATE/*.md
- "*.md"
- docs/**
- mkdocs.yml
- LICENSE
- NOTICE
pull_request:
branches:
- main
paths-ignore:
- .github/ISSUE_TEMPLATE/*.md
- "*.md"
- docs/**
- mkdocs.yml
- LICENSE
- NOTICE
env:
KIND_VERSION: v0.17.0
KIND_IMAGE: kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6
GO_VERSION: '1.22'
permissions: {}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
verify-code:
name: Verify code
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/[email protected]
with:
aqua_version: v1.25.0
- name: Verify Go code
uses: golangci/[email protected]
with:
args: --verbose
version: v1.57.2
skip-pkg-cache: true
skip-build-cache: true
- name: Verify YAML code
uses: ibiqlik/action-yamllint@v3
- name: Vendor Go modules
run: go mod tidy
- name: Verify all generated
run: mage generate:verify
- name: Verify Generated Helm docs
run: mage generate:verifydocs
tests:
name: Run tests
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/[email protected]
with:
aqua_version: v1.25.0
- name: Run unit tests
run: mage test:unit
- name: Upload code coverage
uses: codecov/codecov-action@v4
with:
files: ./coverage.txt
operator-envtest:
name: Run Operator envtest
needs:
- tests
- verify-code
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/[email protected]
with:
aqua_version: v1.25.0
- name: Run envtest
run: mage test:envtest
- name: Upload code coverage
uses: codecov/codecov-action@v4
with:
files: ./coverage.txt
itest-trivy-operator:
name: Run integration tests
needs:
- operator-envtest
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/[email protected]
with:
aqua_version: v1.25.0
- name: Setup Kubernetes cluster (KIND)
uses: engineerd/[email protected]
with:
version: ${{ env.KIND_VERSION }}
image: ${{ env.KIND_IMAGE }}
- name: Test connection to Kubernetes cluster
run: |
kubectl cluster-info
kubectl wait --for=condition=Ready nodes --all --timeout=300s
kubectl describe node
- name: Run integration tests
run: |
kubectl create -k deploy/static
mage test:integration
env:
KUBECONFIG: /home/runner/.kube/config
OPERATOR_NAMESPACE: trivy-system
OPERATOR_TARGET_NAMESPACES: default
- name: Upload code coverage
uses: codecov/codecov-action@v4
with:
files: ./itest/trivy-operator/coverage.txt
e2e-testing:
name: Run end to end testing
needs:
- itest-trivy-operator
runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: enabled
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Available platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Release snapshot
uses: goreleaser/goreleaser-action@v6
with:
version: v1.7.0
args: release -f=goreleaser-e2e.yaml --snapshot --skip-publish --rm-dist
- name: Install kind and create cluster
run: >
curl -Lo ./kind https://kind.sigs.k8s.io/dl/${{ env.KIND_VERSION
}}/kind-linux-amd64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind
kind create cluster
curl -LO https://dl.k8s.io/release/v1.26.0/bin/linux/amd64/kubectl
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
- name: Test connection to Kubernetes cluster
run: |
kubectl cluster-info
kubectl wait --for=condition=Ready nodes --all --timeout=300s
kubectl describe node
- name: Load operator image to cluster
run: >
docker tag ghcr.io/aquasecurity/trivy-operator:${{ github.sha }}-amd64
ghcr.io/aquasecurity/trivy-operator:e2e
docker save -o trivy-operator.tar ghcr.io/aquasecurity/trivy-operator:e2e
kind load image-archive trivy-operator.tar
- name: Init E2E tests (Install kuttl & helm)
run: >
mkdir -p ./bin
curl -L https://github.com/kudobuilder/kuttl/releases/download/v0.15.0/kubectl-kuttl_0.15.0_linux_x86_64 -o ./bin/kuttl;
chmod +x ./bin/kuttl;
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh
- name: Image scan mode producing vulnerability,misconfig and exposedsecrets
reports tests
run: >
kubectl create namespace e2e-test
./bin/kuttl test --start-kind=false --namespace e2e-test --config tests/e2e/config/image-mode.yaml
./tests/resources-cleanup.sh > /dev/null 2>&1
- name: Files System scan mode producing vulnerability,misconfig and exposedsecrets reports tests
run: |
kubectl create namespace e2e-test
./bin/kuttl test --start-kind=false --namespace e2e-test --config tests/e2e/config/fs-mode.yaml
./tests/resources-cleanup.sh > /dev/null 2>&1
- name: Client/server mode producing vulnerability,misconfig and exposedsecrets
reports tests
run: >
kubectl create namespace e2e-test
./bin/kuttl test --start-kind=false --namespace e2e-test --config tests/e2e/config/client-server.yaml
./tests/resources-cleanup.sh > /dev/null 2>&1
- name: Standalon mode with Sbom scanning
reports tests
run: >
kubectl create namespace e2e-test
./bin/kuttl test --start-kind=false --namespace e2e-test --config tests/e2e/config/sbom-standalone.yaml
./tests/resources-cleanup.sh > /dev/null 2>&1
- name: Client/Server with Sbom scanning
reports tests
run: >
kubectl create namespace e2e-test
./bin/kuttl test --start-kind=false --namespace e2e-test --config tests/e2e/config/client-server-sbom.yaml
./tests/resources-cleanup.sh > /dev/null 2>&1
- name: file system with Sbom scanning
reports tests
run: >
kubectl create namespace e2e-test
./bin/kuttl test --start-kind=false --namespace e2e-test --config tests/e2e/config/fs-sbom.yaml
./tests/resources-cleanup.sh > /dev/null 2>&1
- name: Node scan producing cluster infraassessment report
run: >
kubectl create namespace e2e-test
./bin/kuttl test --start-kind=false --namespace e2e-test --config tests/e2e/config/node-collector.yaml
./tests/resources-cleanup.sh > /dev/null 2>&1
- name: Cluster vulnerabilities report
run: >
./bin/kuttl test --start-kind=false --config tests/e2e/config/cluster-scan.yaml
- name: Delete kind cluster
run: |
kind delete cluster