Skip to content

Commit

Permalink
chore: prepare images for chainsaw tests (kyverno#156)
Browse files Browse the repository at this point in the history
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
  • Loading branch information
eddycharly authored Oct 27, 2024
1 parent c591306 commit 19d3da1
Show file tree
Hide file tree
Showing 7 changed files with 64 additions and 15 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/codeql.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Run Trivy vulnerability scanner in repo mode
- name: Run trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
with:
scan-type: fs
Expand All @@ -39,7 +39,7 @@ jobs:
vuln-type: os,library
env:
TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"
- name: Upload Trivy scan results to GitHub Security tab
- name: Upload trivy scan results
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
with:
sarif_file: trivy-results.sarif
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/ko-publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Go
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: go.mod
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/lint.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Go
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: go.mod
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -40,18 +40,18 @@ jobs:
run: |
set -e
git fetch --force --tags
- name: Setup Go
- name: Setup go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
cache-dependency-path: go.sum
- name: Install Cosign
- name: Install cosign
uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
- name: Install Syft
- name: Install syft
uses: anchore/sbom-action/download-syft@8d0a6505bf28ced3e85154d13dc6af83299e13f1 # v0.17.4
- name: Install Ko
- name: Install ko
uses: ko-build/setup-ko@3aebd0597dc1e9d1a26bcfdb7cbeb19c131d3037 # v0.7
- name: Run GoReleaser
- name: Run goreleaser
id: goreleaser
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0
with:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/semantics-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ jobs:
semantics-pr:
runs-on: ubuntu-latest
steps:
- name: Validate Pull Request
- name: Validate pull request
uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand Down
46 changes: 42 additions & 4 deletions .github/workflows/tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Go
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: go.mod
Expand Down Expand Up @@ -59,26 +59,64 @@ jobs:
# env:
# CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

prepare-images:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: go.mod
cache-dependency-path: go.sum
- name: Save image archive
shell: bash
run: |
set -e
make ko-build
make docker-save-image
- name: Upload image archive
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: image.tar
path: image.tar
retention-days: 1
if-no-files-found: error

e2e-tests-chainsaw:
runs-on: ubuntu-latest
needs: [ prepare-images ]
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Go
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: go.mod
cache-dependency-path: go.sum
- name: Install Cosign
- name: Install helm
id: helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
- name: Install cosign
uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
- name: Install chainsaw
uses: kyverno/action-install-chainsaw@d311eacde764f806c9658574ff64c9c3b21f8397 # v0.2.11
with:
verify: true
- name: Download image archive
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: image.tar
- name: Create kind cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
with:
node_image: kindest/node:v1.29.2
cluster_name: kind
- name: Setup test environment
run: |
set -e
make kind-create-cluster
export HELM=${{ steps.helm.outputs.helm-path }}
make docker-load-image
make install-cert-manager
make install-cluster-issuer
make install-kyverno-sidecar-injector
Expand Down
13 changes: 12 additions & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,18 @@ ko-publish: $(KO)
@echo "Publish Docker image with ko..." >&2
@LD_FLAGS=$(LD_FLAGS) KO_DOCKER_REPO=$(REGISTRY)/$(REPO)/$(IMAGE) $(KO) build . --bare --tags=$(KO_TAGS) --platform=$(KO_PLATFORMS)

##########
# DOCKER #
##########

.PHONY: docker-save-image
docker-save-image: ## Save docker image in archive
@docker save $(KO_REGISTRY)/$(PACKAGE):$(GIT_SHA) > image.tar

.PHONY: docker-load-image
docker-load-image: ## Load docker image in archive
@docker load --input image.tar

########
# TEST #
########
Expand Down Expand Up @@ -184,7 +196,6 @@ kind-create-cluster: $(KIND)
.PHONY: kind-load-image
kind-load-image: ## Build image and load it in kind cluster
kind-load-image: $(KIND)
kind-load-image: ko-build
@echo Load image in kind... >&2
@$(KIND) load docker-image $(KO_REGISTRY)/$(PACKAGE):$(GIT_SHA)

Expand Down

0 comments on commit 19d3da1

Please sign in to comment.