Skip to content

Update docker.io/golang Docker digest to 73f06be #1320

Update docker.io/golang Docker digest to 73f06be

Update docker.io/golang Docker digest to 73f06be #1320

Workflow file for this run

name: CI
on:
push:
branches:
- main
paths-ignore:
- '**.md'
pull_request:
branches:
- main
paths-ignore:
- '**.md'
env:
IMG: candidate
GOLANG_VERSION: 1.19.1
DOCKER_ORG: jkremser
permissions:
contents: read
jobs:
lint:
permissions:
contents: read # for actions/checkout to fetch code
pull-requests: read # for golangci/golangci-lint-action to fetch pull requests
name: Lint
runs-on: ubuntu-20.04
steps:
- name: Harden Runner
uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v2.0.0
with:
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
proxy.golang.org:443
raw.githubusercontent.com:443
storage.googleapis.com:443
sum.golang.org:443
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
- name: Lint using golangci-lint
uses: reviewdog/action-golangci-lint@94d61e3205b61acf4ddabfeb13c5f8a13eb4167b # v2
with:
golangci_lint_version: v1.50.1
go_version: ${{ env.GOLANG_VERSION }}
level: warning
- name: gokart
run: |
go install github.com/praetorian-inc/gokart@3d38a9ae72f7d67d5c13f83ec5669630868e409e # tag=v0.5.1
gokart scan --globalsTainted
build-and-test:
name: Build and Test
runs-on: ubuntu-20.04
needs: lint
steps:
- name: Harden Runner
uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v2.0.0
with:
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
gotest-release.s3.amazonaws.com:443
objects.githubusercontent.com:443
proxy.golang.org:443
storage.googleapis.com:443
sum.golang.org:443
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4
with:
go-version: ${{ env.GOLANG_VERSION }}
- name: Build
run: |
go version
make build
- name: Test
run: |
# curl -s https://gotest-release.s3.amazonaws.com/gotest_linux > gotest && chmod +x gotest
# (set -o pipefail && ./gotest ./... | tee $GITHUB_STEP_SUMMARY)
(set -o pipefail && go test ./... | tee $GITHUB_STEP_SUMMARY)
e2e-on-k8s:
name: e2e tests against kubernetes
runs-on: ubuntu-20.04
needs: build-and-test
steps:
- name: Harden Runner
uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v2.0.0
with:
egress-policy: block
allowed-endpoints: >
api.github.com:443
auth.docker.io:443
docker.io:443
cdn02.quay.io:443
cdn03.quay.io:443
quay.io:443
gcr.io:443
ghcr.io:443
github.com:443
gotest-release.s3.amazonaws.com:443
objects.githubusercontent.com:443
pkg-containers.githubusercontent.com:443
production.cloudflare.docker.com:443
proxy.golang.org:443
raw.githubusercontent.com:443
registry-1.docker.io:443
storage.googleapis.com:443
sum.golang.org:443
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4
with:
go-version: ${{ env.GOLANG_VERSION }}
- name: Install stuff
run: |
curl -s https://raw.githubusercontent.com/rancher/k3d/main/install.sh | bash
# curl -s https://gotest-release.s3.amazonaws.com/gotest_linux > gotest && chmod +x gotest
- name: Build container image
run: |
make container-img
- name: Spawn k8s cluster and import the image
run: |
k3d cluster create --no-lb --k3s-arg "--disable=traefik,servicelb,metrics-server,local-storage@server:*"
echo "importing image: ${IMG}"
k3d image import ${IMG}:latest
echo "Kubernetes vesion:"
kubectl version
- name: Deploy the operator
run: |
make install deploy
kubectl wait deploy/log2rbac -n log2rbac --for condition=available --timeout=2m && sleep 10
- name: Test
run: |
# (cd e2e-test/ && set -o pipefail && ../gotest ./... | tee $GITHUB_STEP_SUMMARY)
(cd e2e-test/ && set -o pipefail && go test ./... | tee $GITHUB_STEP_SUMMARY)
- name: Login to Dockerhub
if: ${{ github.event_name == 'push' }}
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # tag=v2.1.0
with:
username: ${{ env.DOCKER_ORG }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Push the :latest container image
if: ${{ github.event_name == 'push' }}
run: |
docker tag ${IMG} docker.io/${DOCKER_ORG}/log2rbac:latest
docker push docker.io/${DOCKER_ORG}/log2rbac:latest
- name: Print test logs & debug
if: always()
run: |
echo "::group::env | sort"
env | sort
echo "::endgroup::"
echo "::group::k get events"
kubectl get events -A || true
echo "::endgroup::"
echo "::group::k describe deploy log2rbac"
kubectl describe deploy -nlog2rbac log2rbac || true
echo "::endgroup::"
echo "::group::k describe clusterrole new-k8gb-role"
kubectl describe clusterrole new-k8gb-role || true
echo "::endgroup::"
echo -e "\n\nCRs:"
kubectl get rn -A -owide || true
echo -e "\n\n Deployments:"
kubectl get deployment -A || true
echo -e "\n\n Operator logs:"
kubectl logs -nlog2rbac -lid=log2rbac --tail=200 || true