-
Notifications
You must be signed in to change notification settings - Fork 33
98 lines (98 loc) · 3.27 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
on: push
name: CI
jobs:
checks:
name: Run Checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '1.22.2'
- name: Generate manifests
shell: bash
run: |
make manifests
if [[ -n $(git status -s) ]] ; then
echo "Generating manifests leaves tracked files in a modified state."
echo "Ensure to include updated manifests in this PR."
echo "This is usually done by running 'make manifests' and running 'git add ...' for the files that was modified by generating manifests."
git status -s
git diff
exit 1
fi
- name: Generate API docs
shell: bash
run: |
make apidocs
if [[ -n $(git status -s) ]] ; then
echo "Generating API docs leaves tracked files in a modified state."
echo "Ensure to include updated API docs in this PR."
echo "This is usually done by running 'make apidocs' and running 'git add ...' for the files that was modified by generating manifests."
git status -s
git diff
exit 1
fi
test:
name: Run Tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '1.22.2'
- shell: bash
run: |
make test
- name: Publish Test Report
uses: mikepenz/action-junit-report@v4
if: always() # always run even if the previous step fails
with:
report_paths: '*-results-junit.xml'
build:
needs: checks
name: Run Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '1.22.2'
- name: Run Gosec Security Scanner
run: |
export PATH=$PATH:$(go env GOPATH)/bin
go install github.com/securego/gosec/v2/cmd/gosec@latest
gosec -exclude-dir images/logscale-dummy -exclude-generated ./...
- name: Run Staticcheck
uses: dominikh/[email protected]
with:
version: "2024.1.1"
install-go: false
- name: operator image
run: make docker-build-operator IMG=humio/humio-operator:${{ github.sha }}
- name: helper image
run: make docker-build-helper IMG=humio/humio-operator-helper:${{ github.sha }}
- name: Set up Python
uses: actions/setup-python@v5
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install six
python -m pip install --upgrade retry
pip install retry
- name: CrowdStrike Container Image Scan Operator
uses: crowdstrike/container-image-scan-action@v1
with:
falcon_client_id: 1cd30708cb31442f85a6eec83279fe7b
container_repository: humio/humio-operator
container_tag: ${{ github.sha }}
env:
FALCON_CLIENT_SECRET: "${{ secrets.FALCON_CLIENT_SECRET }}"
- name: CrowdStrike Container Image Scan Operator Helper
uses: crowdstrike/container-image-scan-action@v1
with:
falcon_client_id: 1cd30708cb31442f85a6eec83279fe7b
container_repository: humio/humio-operator-helper
container_tag: ${{ github.sha }}
env:
FALCON_CLIENT_SECRET: "${{ secrets.FALCON_CLIENT_SECRET }}"