Merge pull request #29 from percona/EVEREST-107-update-main-catalog-1.0 #69
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Main | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| check: | |
| name: Checks | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - name: Check default main state - dev version | |
| run: | | |
| if ! grep -q "docker.io/perconalab/everest-operator-bundle:0.0.0" veneer/everest-operator.yaml; then | |
| echo "veneer/everest-operator.yaml should have the 0.0.0 image in the Stable channel images list" | |
| exit 1 | |
| fi | |
| - name: Check default main state - generated files | |
| run: | | |
| echo "Download opm tool" | |
| curl -Lo /tmp/opm https://github.com/operator-framework/operator-registry/releases/latest/download/linux-amd64-opm | |
| chmod +x /tmp/opm | |
| echo "Render catalog" | |
| /tmp/opm alpha render-template basic -o yaml ./veneer/everest-operator.yaml > ./catalog/everest-operator/catalog.yaml | |
| echo "Checking there is no source code changes" | |
| git diff --exit-code | |
| - name: Build image to check it for vulnerabilities | |
| uses: docker/build-push-action@v3 | |
| with: | |
| context: . | |
| push: false | |
| tags: "perconalab/everest-catalog:0.0.0" | |
| file: everest-catalog.Dockerfile | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/[email protected] | |
| with: | |
| image-ref: "perconalab/everest-catalog:0.0.0" | |
| format: 'table' | |
| severity: 'CRITICAL,HIGH' | |
| - name: Run debug commands on failure | |
| if: ${{ failure() }} | |
| run: | | |
| env | |
| pwd | |
| git status |