Skip to content

Commit

Permalink
Merge branch 'main' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
@afdesk
afdesk authored Jan 10, 2025
2 parents ca46a0a + 35e0c4d commit 98ae45f
Show file tree
Hide file tree
Showing 71 changed files with 1,299 additions and 915 deletions.
37 changes: 21 additions & 16 deletions .github/workflows/build.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ on:
- LICENSE
- NOTICE
env:
KIND_VERSION: v0.17.0
KIND_IMAGE: kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6
KIND_VERSION: v0.24.0
KIND_IMAGE: kindest/node:v1.31.2
GO_VERSION: '1.22'
permissions: {}
concurrency:
Expand All @@ -41,11 +41,11 @@ jobs:
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/aqua-installer@v3.0.1
uses: aquaproj/aqua-installer@v3.1.0
with:
aqua_version: v1.25.0
- name: Verify Go code
uses: golangci/golangci-lint-action@v6.1.0
uses: golangci/golangci-lint-action@v6.1.1
with:
args: --verbose
version: v1.57.2
Expand All @@ -70,13 +70,13 @@ jobs:
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/aqua-installer@v3.0.1
uses: aquaproj/aqua-installer@v3.1.0
with:
aqua_version: v1.25.0
- name: Run unit tests
run: mage test:unit
- name: Upload code coverage
uses: codecov/codecov-action@v4
uses: codecov/codecov-action@v5
with:
files: ./coverage.txt
operator-envtest:
Expand All @@ -93,13 +93,13 @@ jobs:
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/aqua-installer@v3.0.1
uses: aquaproj/aqua-installer@v3.1.0
with:
aqua_version: v1.25.0
- name: Run envtest
run: mage test:envtest
- name: Upload code coverage
uses: codecov/codecov-action@v4
uses: codecov/codecov-action@v5
with:
files: ./coverage.txt
itest-trivy-operator:
Expand All @@ -116,11 +116,11 @@ jobs:
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/aqua-installer@v3.0.1
uses: aquaproj/aqua-installer@v3.1.0
with:
aqua_version: v1.25.0
- name: Setup Kubernetes cluster (KIND)
uses: engineerd/setup-kind@v0.5.0
uses: engineerd/setup-kind@v0.6.2
with:
version: ${{ env.KIND_VERSION }}
image: ${{ env.KIND_IMAGE }}
Expand All @@ -138,7 +138,7 @@ jobs:
OPERATOR_NAMESPACE: trivy-system
OPERATOR_TARGET_NAMESPACES: default
- name: Upload code coverage
uses: codecov/codecov-action@v4
uses: codecov/codecov-action@v5
with:
files: ./itest/trivy-operator/coverage.txt
e2e-testing:
Expand All @@ -165,8 +165,8 @@ jobs:
- name: Release snapshot
uses: goreleaser/goreleaser-action@v6
with:
version: v1.7.0
args: release -f=goreleaser-e2e.yaml --snapshot --skip-publish --rm-dist
version: v2.4.8
args: release -f=goreleaser-e2e.yaml --snapshot --skip=publish --clean
- name: Install kind and create cluster
run: >
curl -Lo ./kind https://kind.sigs.k8s.io/dl/${{ env.KIND_VERSION
Expand All @@ -188,10 +188,10 @@ jobs:
kubectl describe node
- name: Load operator image to cluster
run: >
docker tag ghcr.io/aquasecurity/trivy-operator:${{ github.sha }}-amd64
ghcr.io/aquasecurity/trivy-operator:e2e
docker tag mirror.gcr.io/aquasec/trivy-operator:${{ github.sha }}-amd64
mirror.gcr.io/aquasec/trivy-operator:e2e
docker save -o trivy-operator.tar ghcr.io/aquasecurity/trivy-operator:e2e
docker save -o trivy-operator.tar mirror.gcr.io/aquasec/trivy-operator:e2e
kind load image-archive trivy-operator.tar
- name: Init E2E tests (Install kuttl & helm)
Expand Down Expand Up @@ -265,6 +265,11 @@ jobs:
run: >
./bin/kuttl test --start-kind=false --config tests/e2e/config/cluster-scan.yaml
- name: The job has failed - print the logs
if: ${{ failure() }}
run: >
kubectl logs -n trivy-system deployment/trivy-operator
- name: Delete kind cluster
run: |
kind delete cluster
17 changes: 10 additions & 7 deletions .github/workflows/chart-testing.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ concurrency:
jobs:
chart-testing:
name: Run chart testing
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
env:
DOCKER_CLI_EXPERIMENTAL: enabled
steps:
Expand All @@ -42,8 +42,9 @@ jobs:
- name: Release snapshot
uses: goreleaser/goreleaser-action@v6
with:
version: v1.7.0
args: release -f=goreleaser-e2e.yaml --snapshot --skip-publish --rm-dist
version: v2.4.8
args: release -f=goreleaser-e2e.yaml --snapshot --skip=publish --clean

- name: Install kind and create cluster
run: |
curl -Lo ./kind https://kind.sigs.k8s.io/dl/${{ env.KIND_VERSION }}/kind-linux-amd64
Expand All @@ -69,19 +70,21 @@ jobs:
cmd: yq -i '.appVersion = "ct"' ./deploy/helm/Chart.yaml
- name: Load operator image to cluster
run: >
docker tag ghcr.io/aquasecurity/trivy-operator:${{ github.sha }}-amd64
ghcr.io/aquasecurity/trivy-operator:ct
docker tag mirror.gcr.io/aquasec/trivy-operator:${{ github.sha }}-amd64
mirror.gcr.io/aquasec/trivy-operator:ct
docker save -o trivy-operator.tar ghcr.io/aquasecurity/trivy-operator:ct
docker save -o trivy-operator.tar mirror.gcr.io/aquasec/trivy-operator:ct
kind load image-archive trivy-operator.tar
- name: Set up python
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b
with:
python-version: 3.7
- name: Setup chart-testing
id: lint
uses: helm/chart-testing-action@v2.6.1
- name: Install yamllint
run: pip install yamllint
- name: Run chart-testing
run: ct lint-and-install --validate-maintainers=false --charts deploy/helm
- name: Delete kind cluster
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/private-registries.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ concurrency:
jobs:
private-registry-testing:
name: private registry testing
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
env:
DOCKER_CLI_EXPERIMENTAL: enabled
steps:
Expand All @@ -52,8 +52,8 @@ jobs:
- name: Release snapshot
uses: goreleaser/goreleaser-action@v6
with:
version: v1.7.0
args: release -f=goreleaser-e2e.yaml --snapshot --skip-publish --rm-dist
version: v2.4.8
args: release -f=goreleaser-e2e.yaml --snapshot --skip=publish --clean
- name: Install kind and create cluster
run: >
curl -Lo ./kind https://kind.sigs.k8s.io/dl/${{ env.KIND_VERSION
Expand Down Expand Up @@ -83,10 +83,10 @@ jobs:
-n private
- name: Load operator image to cluster
run: >
docker tag ghcr.io/aquasecurity/trivy-operator:${{ github.sha }}-amd64
ghcr.io/aquasecurity/trivy-operator:e2e
docker tag mirror.gcr.io/aquasec/trivy-operator:${{ github.sha }}-amd64
mirror.gcr.io/aquasec/trivy-operator:e2e
docker save -o trivy-operator.tar ghcr.io/aquasecurity/trivy-operator:e2e
docker save -o trivy-operator.tar mirror.gcr.io/aquasec/trivy-operator:e2e
kind load image-archive trivy-operator.tar
- name: Init E2E tests (Install kuttl & helm)
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/publish-docs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
fetch-depth: 0
ref: ${{ github.event.inputs.ref }}
persist-credentials: true
- uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b
with:
python-version: 3.x
- run: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/publish-helm-chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,14 +31,14 @@ jobs:
with:
version: v3.14.2
- name: Set up python
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: 3.7
- name: Setup Chart Linting
id: lint
uses: helm/chart-testing-action@v2.6.1
- name: Setup Kubernetes cluster (KIND)
uses: helm/kind-action@v1.10.0 # v1.5.0
uses: helm/kind-action@v1.12.0 # v1.5.0
with:
version: ${{ env.KIND_VERSION }}
node_image: ${{ env.KIND_IMAGE }}
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/release-snapshot.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,19 +36,19 @@ jobs:
with:
go-version: ${{ env.GO_VERSION }}
- name: Install cosign
uses: sigstore/cosign-installer@v3.6.0
uses: sigstore/cosign-installer@v3.7.0
- name: Release snapshot
uses: goreleaser/goreleaser-action@v6
with:
version: v1.7.0
args: release -f=goreleaser-e2e.yaml --snapshot --skip-publish --rm-dist
version: v2.4.8
args: release -f=goreleaser-e2e.yaml --snapshot --skip=publish --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COSIGN_EXPERIMENTAL: 1
- name: Scan Trivy Operator image for vulnerabilities
uses: aquasecurity/trivy-action@master
with:
image-ref: 'ghcr.io/aquasecurity/trivy-operator:${{ github.sha }}-amd64'
image-ref: 'mirror.gcr.io/aquasec/trivy-operator:${{ github.sha }}-amd64'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/aqua-installer@v3.0.1
uses: aquaproj/aqua-installer@v3.1.0
with:
aqua_version: v1.25.0
- name: Run unit tests
Expand All @@ -46,11 +46,11 @@ jobs:
with:
go-version: ${{ env.GO_VERSION }}
- name: Install tools
uses: aquaproj/aqua-installer@v3.0.1
uses: aquaproj/aqua-installer@v3.1.0
with:
aqua_version: v1.25.0
- name: Setup Kubernetes cluster (KIND)
uses: engineerd/setup-kind@v0.5.0
uses: engineerd/setup-kind@v0.6.2
with:
version: ${{ env.KIND_VERSION }}
image: ${{ env.KIND_IMAGE }}
Expand Down Expand Up @@ -95,7 +95,7 @@ jobs:
with:
go-version: ${{ env.GO_VERSION }}
- name: Install cosign
uses: sigstore/cosign-installer@v3.6.0
uses: sigstore/cosign-installer@v3.7.0
- name: Login to docker.io registry
uses: docker/login-action@v3.3.0
with:
Expand All @@ -116,8 +116,8 @@ jobs:
- name: Release
uses: goreleaser/goreleaser-action@v6
with:
version: v1.7.0
args: release --rm-dist
version: v2.4.8
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COSIGN_EXPERIMENTAL: 1
Expand Down
Loading

0 comments on commit 98ae45f

Please sign in to comment.