Skip to content

chore(node-analyzer): toggle volumes used by runtimeScanner and imageAnalyzer #3622

chore(node-analyzer): toggle volumes used by runtimeScanner and imageAnalyzer

chore(node-analyzer): toggle volumes used by runtimeScanner and imageAnalyzer #3622

Workflow file for this run

name: Lint and Test Charts
on:
pull_request:
repository_dispatch:
types: [approve-test-run-command]
jobs:
lint-test-branch:
runs-on: ubuntu-latest
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up Helm
uses: azure/[email protected]
with:
version: v3.10.3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- uses: actions/setup-go@v3
with:
go-version: "^1.18"
check-latest: true
- name: Install pre-commit
run: pip install pre-commit
- name: Check pre-commit
run: |
pre-commit run -a --show-diff-on-failure
git clean -df .
- name: Set up chart-testing
uses: helm/[email protected]
- name: Expand templates for CI
run: |
find -path ".*/ci/*.yaml.template" | xargs -L1 -- bash -c 'envsubst < $0 > ${0%.template}'
shell: bash
env:
SECURE_AGENT_TOKEN: ${{ secrets.KUBELAB_AGENT_KEY }}
SECURE_API_TOKEN: ${{ secrets.KUBELAB_SECURE_API_TOKEN }}
SYSDIG_JFROG_SAAS_QA_URL: ${{ secrets.SYSDIG_JFROG_SAAS_QA_URL }}
SYSDIG_JFROG_SAAS_QA_API_URL: ${{ secrets.SYSDIG_JFROG_SAAS_QA_API_URL }}
SYSDIG_JFROG_SAAS_QA_USER: ${{ secrets.SYSDIG_JFROG_SAAS_QA_USER }}
SYSDIG_JFROG_SAAS_QA_TOKEN: ${{ secrets.SYSDIG_JFROG_SAAS_QA_TOKEN }}
SYSDIG_AWS_QA_CNT_ACCOUNT_ACCESS_KEY_ID: ${{secrets.SYSDIG_AWS_QA_CNT_ACCOUNT_ACCESS_KEY_ID}}
SYSDIG_AWS_QA_CNT_ACCOUNT_SECRET_ACCESS_KEY: ${{secrets.SYSDIG_AWS_QA_CNT_ACCOUNT_SECRET_ACCESS_KEY}}
SYSDIG_AWS_QA_REG_MANAGEMENT_ROLE_ARN: ${{secrets.SYSDIG_AWS_QA_REG_MANAGEMENT_ROLE_ARN}}
SYSDIG_AWS_QA_TARGET_ACCOUNT_ID: ${{secrets.SYSDIG_AWS_QA_TARGET_ACCOUNT_ID}} # cnt QA account
SHOW_USAGE: false
- name: Run chart-testing (lint)
run: ct lint
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed)
if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true"
fi
- name: Create testing cluster
uses: jupyterhub/action-k3s-helm@v3
with:
k3s-version: v1.23.9+k3s1
- name: Run chart-testing (install)
run: ct install --upgrade --excluded-charts common,sysdig-stackdriver-bridge,sysdig-mcm-navmenu
lint-test-fork:
runs-on: ubuntu-latest
permissions:
checks: write
if: github.event_name == 'repository_dispatch' &&
github.event.client_payload.slash_command.args.named.sha != '' &&
contains(github.event.client_payload.pull_request.head.sha, github.event.client_payload.slash_command.args.named.sha)
steps:
- name: Fork based /approve-test-run checkout
uses: actions/checkout@v3
with:
ref: "refs/pull/${{ github.event.client_payload.pull_request.number }}/merge"
fetch-depth: 0
- name: Set up Helm
uses: azure/[email protected]
with:
version: v3.10.3
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- uses: actions/setup-go@v3
with:
go-version: "^1.18"
check-latest: true
- name: Install pre-commit
run: pip install pre-commit
- name: Check pre-commit
run: |
pre-commit run -a --show-diff-on-failure
git clean -df .
- name: Set up chart-testing
uses: helm/[email protected]
- name: Expand templates for CI
run: |
find -iname "*.yaml.template" | xargs -L1 -- bash -c 'envsubst < $0 > ${0%.template}'
shell: bash
env:
SECURE_API_TOKEN: ${{ secrets.KUBELAB_SECURE_API_TOKEN }}
SECURE_AGENT_TOKEN: ${{ secrets.KUBELAB_AGENT_KEY }}
- name: Run chart-testing (lint)
run: ct lint
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed)
if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true"
fi
- name: Create testing cluster
uses: jupyterhub/action-k3s-helm@v3
with:
k3s-version: v1.23.9+k3s1
- name: Run chart-testing (install)
run: ct install --upgrade --excluded-charts common,sysdig-stackdriver-bridge,sysdig-mcm-navmenu
- uses: actions/github-script@v6
id: update-check-run
if: ${{ always() }}
env:
number: ${{ github.event.client_payload.pull_request.number }}
job: ${{ github.job }}
conclusion: ${{ job.status }}
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const { data: pull } = await github.rest.pulls.get({
...context.repo,
pull_number: process.env.number
});
const ref = pull.head.sha;
const { data: checks } = await github.rest.checks.listForRef({
...context.repo,
ref
});
const check = checks.check_runs.filter(c => c.name === process.env.job);
const { data: result } = await github.rest.checks.update({
...context.repo,
check_run_id: check[0].id,
status: 'completed',
conclusion: process.env.conclusion
});
return result;