chore(node-analyzer): toggle volumes used by runtimeScanner and imageAnalyzer #3622
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Lint and Test Charts | |
on: | |
pull_request: | |
repository_dispatch: | |
types: [approve-test-run-command] | |
jobs: | |
lint-test-branch: | |
runs-on: ubuntu-latest | |
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Helm | |
uses: azure/[email protected] | |
with: | |
version: v3.10.3 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.10" | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: "^1.18" | |
check-latest: true | |
- name: Install pre-commit | |
run: pip install pre-commit | |
- name: Check pre-commit | |
run: | | |
pre-commit run -a --show-diff-on-failure | |
git clean -df . | |
- name: Set up chart-testing | |
uses: helm/[email protected] | |
- name: Expand templates for CI | |
run: | | |
find -path ".*/ci/*.yaml.template" | xargs -L1 -- bash -c 'envsubst < $0 > ${0%.template}' | |
shell: bash | |
env: | |
SECURE_AGENT_TOKEN: ${{ secrets.KUBELAB_AGENT_KEY }} | |
SECURE_API_TOKEN: ${{ secrets.KUBELAB_SECURE_API_TOKEN }} | |
SYSDIG_JFROG_SAAS_QA_URL: ${{ secrets.SYSDIG_JFROG_SAAS_QA_URL }} | |
SYSDIG_JFROG_SAAS_QA_API_URL: ${{ secrets.SYSDIG_JFROG_SAAS_QA_API_URL }} | |
SYSDIG_JFROG_SAAS_QA_USER: ${{ secrets.SYSDIG_JFROG_SAAS_QA_USER }} | |
SYSDIG_JFROG_SAAS_QA_TOKEN: ${{ secrets.SYSDIG_JFROG_SAAS_QA_TOKEN }} | |
SYSDIG_AWS_QA_CNT_ACCOUNT_ACCESS_KEY_ID: ${{secrets.SYSDIG_AWS_QA_CNT_ACCOUNT_ACCESS_KEY_ID}} | |
SYSDIG_AWS_QA_CNT_ACCOUNT_SECRET_ACCESS_KEY: ${{secrets.SYSDIG_AWS_QA_CNT_ACCOUNT_SECRET_ACCESS_KEY}} | |
SYSDIG_AWS_QA_REG_MANAGEMENT_ROLE_ARN: ${{secrets.SYSDIG_AWS_QA_REG_MANAGEMENT_ROLE_ARN}} | |
SYSDIG_AWS_QA_TARGET_ACCOUNT_ID: ${{secrets.SYSDIG_AWS_QA_TARGET_ACCOUNT_ID}} # cnt QA account | |
SHOW_USAGE: false | |
- name: Run chart-testing (lint) | |
run: ct lint | |
- name: Run chart-testing (list-changed) | |
id: list-changed | |
run: | | |
changed=$(ct list-changed) | |
if [[ -n "$changed" ]]; then | |
echo "::set-output name=changed::true" | |
fi | |
- name: Create testing cluster | |
uses: jupyterhub/action-k3s-helm@v3 | |
with: | |
k3s-version: v1.23.9+k3s1 | |
- name: Run chart-testing (install) | |
run: ct install --upgrade --excluded-charts common,sysdig-stackdriver-bridge,sysdig-mcm-navmenu | |
lint-test-fork: | |
runs-on: ubuntu-latest | |
permissions: | |
checks: write | |
if: github.event_name == 'repository_dispatch' && | |
github.event.client_payload.slash_command.args.named.sha != '' && | |
contains(github.event.client_payload.pull_request.head.sha, github.event.client_payload.slash_command.args.named.sha) | |
steps: | |
- name: Fork based /approve-test-run checkout | |
uses: actions/checkout@v3 | |
with: | |
ref: "refs/pull/${{ github.event.client_payload.pull_request.number }}/merge" | |
fetch-depth: 0 | |
- name: Set up Helm | |
uses: azure/[email protected] | |
with: | |
version: v3.10.3 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.10" | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: "^1.18" | |
check-latest: true | |
- name: Install pre-commit | |
run: pip install pre-commit | |
- name: Check pre-commit | |
run: | | |
pre-commit run -a --show-diff-on-failure | |
git clean -df . | |
- name: Set up chart-testing | |
uses: helm/[email protected] | |
- name: Expand templates for CI | |
run: | | |
find -iname "*.yaml.template" | xargs -L1 -- bash -c 'envsubst < $0 > ${0%.template}' | |
shell: bash | |
env: | |
SECURE_API_TOKEN: ${{ secrets.KUBELAB_SECURE_API_TOKEN }} | |
SECURE_AGENT_TOKEN: ${{ secrets.KUBELAB_AGENT_KEY }} | |
- name: Run chart-testing (lint) | |
run: ct lint | |
- name: Run chart-testing (list-changed) | |
id: list-changed | |
run: | | |
changed=$(ct list-changed) | |
if [[ -n "$changed" ]]; then | |
echo "::set-output name=changed::true" | |
fi | |
- name: Create testing cluster | |
uses: jupyterhub/action-k3s-helm@v3 | |
with: | |
k3s-version: v1.23.9+k3s1 | |
- name: Run chart-testing (install) | |
run: ct install --upgrade --excluded-charts common,sysdig-stackdriver-bridge,sysdig-mcm-navmenu | |
- uses: actions/github-script@v6 | |
id: update-check-run | |
if: ${{ always() }} | |
env: | |
number: ${{ github.event.client_payload.pull_request.number }} | |
job: ${{ github.job }} | |
conclusion: ${{ job.status }} | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
script: | | |
const { data: pull } = await github.rest.pulls.get({ | |
...context.repo, | |
pull_number: process.env.number | |
}); | |
const ref = pull.head.sha; | |
const { data: checks } = await github.rest.checks.listForRef({ | |
...context.repo, | |
ref | |
}); | |
const check = checks.check_runs.filter(c => c.name === process.env.job); | |
const { data: result } = await github.rest.checks.update({ | |
...context.repo, | |
check_run_id: check[0].id, | |
status: 'completed', | |
conclusion: process.env.conclusion | |
}); | |
return result; |