DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ingress-nginx-helm/.github/workflows/ci.yaml
Manuel Alejandro de Brito Fontes d781d99797 Fixes for gosec
2020-12-04 20:29:07 -03:00

207 lines
4.9 KiB
YAML
Raw Blame History

name: CI
on:
pull_request:
branches:
- "*"
push:
branches:
- master
jobs:
changes:
runs-on: ubuntu-latest
outputs:
go: ${{ steps.filter.outputs.go }}
charts: ${{ steps.filter.outputs.charts }}
steps:
- name: Checkout
uses: actions/checkout@v2
- uses: dorny/paths-filter@v2.2.0
id: filter
with:
token: ${{ secrets.GITHUB_TOKEN }}
filters: |
go:
- '**/*.go'
- 'go.mod'
- 'go.sum'
- 'rootfs/**/*'
- 'TAG'
- 'test/e2e/**/*'
charts:
- 'charts/ingress-nginx/Chart.yaml'
- 'charts/ingress-nginx/**/*'
security:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
# G601 for zz_generated.deepcopy.go
# G306 TODO: Expect WriteFile permissions to be 0600 or less
# G307 TODO: Deferring unsafe method "Close"
args: -exclude=G601,G104,G204,G304,G306,G307 -tests=false -exclude-dir=test -exclude-dir=images/ -exclude-dir=docs/ ./...
build:
name: Build
runs-on: ubuntu-latest
needs: changes
if: |
(needs.changes.outputs.go == 'true')
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Go 1.15
id: go
uses: actions/setup-go@v2
with:
go-version: 1.15
- name: Set up Docker Buildx
id: buildx
uses: crazy-max/ghaction-docker-buildx@v1
with:
buildx-version: latest
qemu-version: latest
- name: Available platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Prepare Host
run: |
sudo apt-get -qq update || true
sudo apt-get install -y pigz
curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.17.0/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
- name: Build images
env:
TAG: 1.0.0-dev
ARCH: amd64
REGISTRY: ingress-controller
run: |
echo "building images..."
make clean-image build image
make -C test/e2e-image image
echo "creating images cache..."
docker save \
nginx-ingress-controller:e2e \
ingress-controller/controller:1.0.0-dev \
| pigz > docker.tar.gz
- name: cache
uses: actions/upload-artifact@v2
with:
name: docker.tar.gz
path: docker.tar.gz
helm:
name: Helm chart
runs-on: ubuntu-latest
needs:
- changes
if: |
(needs.changes.outputs.charts == 'true')
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Lint
run: |
./build/run-in-docker.sh ./hack/verify-chart-lint.sh
- name: fix permissions
run: |
sudo mkdir -p $HOME/.kube
sudo chmod -R 777 $HOME/.kube
- name: Create Kubernetes cluster
id: kind
uses: engineerd/setup-kind@v0.5.0
with:
version: v0.9.0
image: kindest/node:v1.19.4
- name: Test
env:
KIND_CLUSTER_NAME: kind
SKIP_CLUSTER_CREATION: true
run: |
kind get kubeconfig > $HOME/.kube/kind-config-kind
make kind-e2e-chart-tests
kubernetes:
name: Kubernetes
runs-on: ubuntu-latest
needs:
- changes
- build
if: |
(needs.changes.outputs.go == 'true')
strategy:
matrix:
k8s: [v1.16.15, v1.17.11, v1.18.8, v1.19.4]
steps:
- name: Checkout
uses: actions/checkout@v2
- name: cache
uses: actions/download-artifact@v2
with:
name: docker.tar.gz
- name: Create Kubernetes ${{ matrix.k8s }} cluster
id: kind
uses: engineerd/setup-kind@v0.5.0
with:
version: v0.9.0
config: test/e2e/kind.yaml
image: kindest/node:${{ matrix.k8s }}
- uses: geekyeggo/delete-artifact@v1
with:
name: docker.tar.gz
failOnError: false
- name: Prepare cluster for testing
id: local-path
run: |
kubectl version
echo
echo "installing helm 3..."
curl -sSL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
- name: Load images from cache
run: |
echo "loading docker images..."
pigz -dc docker.tar.gz | docker load
- name: Run e2e tests
env:
KIND_CLUSTER_NAME: kind
SKIP_CLUSTER_CREATION: true
SKIP_IMAGE_CREATION: true
run: |
kind get kubeconfig > $HOME/.kube/kind-config-kind
make kind-e2e-test
Reference in a new issue View git blame Copy permalink