-
Notifications
You must be signed in to change notification settings - Fork 22
133 lines (119 loc) · 3.96 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
#
# Copyright Red Hat
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Validate PRs
on:
pull_request:
branches: [ main ]
jobs:
go:
name: Check go sources
runs-on: ubuntu-latest
steps:
-
name: Check out code into the Go module directory
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
-
name: Set up Go 1.x
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version-file: 'go.mod'
-
name: Cache go modules
id: cache-mod
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
-
name: Download dependencies
run: go mod download
if: steps.cache-mod.outputs.cache-hit != 'true'
-
name: Check go mod status
run: |
go mod tidy
if [[ ! -z $(git status -s) ]]
then
echo "Go mod state is not clean: $(git status -s)"
exit 1
fi
-
name: Check format
run: |
go get -u github.com/google/addlicense
go install github.com/google/addlicense
go get -u golang.org/x/tools/cmd/goimports
go install golang.org/x/tools/cmd/goimports
git reset HEAD --hard
make fmt
if [[ ! -z $(git status -s) ]]
then
echo "not well formatted sources found during make fmt: $(git --no-pager diff)"
exit 1
fi
make fmt_license
if [[ ! -z $(git status -s) ]]
then
echo "not well formatted sources found during make fmt_license: $(git status -s)"
exit 1
fi
-
name: Check code generation
run: make generate
-
name: Check CRD manifest generation
run: make manifests
-
name: Run unit tests
run: make test
-
name: Upload coverage to Codecov
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
- name: Run Gosec Security Scanner
run: |
go install github.com/securego/gosec/v2/cmd/[email protected]
make gosec
if [[ $? != 0 ]]
then
echo "gosec scanner failed to run "
exit 1
fi
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # 2.22.5
with:
# Path to SARIF file relative to the root of the repository
sarif_file: gosec.sarif
operator-build:
name: Check operator container image build
runs-on: ubuntu-latest
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Set up QEMU # Enables arm64 image building
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
- name: Check if operator docker build is working
run: make docker-buildx-build
operator-bundle-build:
name: Check operator bundle build
runs-on: ubuntu-latest
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Set up QEMU # Enables arm64 image building
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
- name: Build the operator's bundle image
run: make docker-bundle-buildx-build