Skip to content

chore: bump the k8s group with 4 updates #1969

chore: bump the k8s group with 4 updates

chore: bump the k8s group with 4 updates #1969

Workflow file for this run

name: PR Code Checks
on:
pull_request:
branches:
- "main"
- "release-*"
workflow_dispatch:
env:
GITLEAKS_VERSION: 8.18.2
jobs:
# This is a workaround to bypass the limitations of the workflow path filter:
# https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/troubleshooting-required-status-checks#handling-skipped-but-required-checks
check-changed-files:
outputs:
check: ${{ steps.changed-files.outputs.any_modified }}
runs-on: ubuntu-latest
if: ${{ github.event.pull_request.draft == false }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Get changed files
uses: tj-actions/changed-files@6b2903bdce6310cfbddd87c418f253cf29b2dec9
id: changed-files
with:
files_ignore: |
docs/**
**/*.md
OWNERS
CODEOWNERS
- name: List changed files
run: echo '${{ steps.changed-files.outputs.all_changed_files }}' >> $GITHUB_STEP_SUMMARY
unit-tests:
runs-on: ubuntu-latest
needs:
- check-changed-files
if: ${{ needs.check-changed-files.outputs.check == 'true' }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Setup Golang
uses: "./.github/template/setup-golang"
- name: Run tests
run: make test
lint:
runs-on: ubuntu-latest
needs:
- check-changed-files
if: ${{ needs.check-changed-files.outputs.check == 'true' }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Setup Golang
uses: "./.github/template/setup-golang"
- name: Run lint
run: make lint
coverage:
runs-on: ubuntu-latest
needs:
- check-changed-files
if: ${{ needs.check-changed-files.outputs.check == 'true' }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Setup Golang
uses: "./.github/template/setup-golang"
- name: Run coverage check
run: make check-coverage
gitleaks:
runs-on: ubuntu-latest
needs:
- check-changed-files
if: ${{ needs.check-changed-files.outputs.check == 'true' }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Fetch gitleaks ${{ env.GITLEAKS_VERSION }}
run: curl -Lso gitleaks.tar.gz https://github.com/gitleaks/gitleaks/releases/download/v${{ env.GITLEAKS_VERSION }}/gitleaks_${{ env.GITLEAKS_VERSION }}_linux_x64.tar.gz && tar -xvzf ./gitleaks.tar.gz
- name: Run gitleaks
# Scan commits between base and head of the pull request
run: ./gitleaks detect --log-opts=${PULL_BASE_SHA}...${PULL_HEAD_SHA} --verbose --redact
env:
PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }}
PULL_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
PR-Code-Checks-Success:
needs:
- unit-tests
- lint
- coverage
- gitleaks
runs-on: ubuntu-latest
steps:
- name: Success
run: |
echo "PR Code Checks completed successfully"