From 150e72e1de0112e3a20adb34b62f571dea1cfd3f Mon Sep 17 00:00:00 2001 From: Ricardo Martinelli de Oliveira Date: Thu, 15 Jun 2023 15:25:36 -0300 Subject: [PATCH] Add kube-linter automation --- .github/workflows/image-check.yaml | 30 ++++++++++++++++++++++++++++++ config/base/params.env | 24 ++++++++++++------------ 2 files changed, 42 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/image-check.yaml diff --git a/.github/workflows/image-check.yaml b/.github/workflows/image-check.yaml new file mode 100644 index 00000000..668bc358 --- /dev/null +++ b/.github/workflows/image-check.yaml @@ -0,0 +1,30 @@ +name: Image-check +on: + push: + branches: + - '**' + tags-ignore: + - 'v*' + pull_request: + workflow_dispatch: + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + with: + go-version: '1.19.9' + - name: Check hard-coded image names in template files + run: | + lines=$(grep -r "image: " ./config/internal/ | egrep -v "{{[a-zA-Z.]+}}" | grep -v sample | wc -l) + if [ "$lines" -gt "0" ]; then exit 1; else exit 0; fi + - name: Check Operator resources + run: | + lines=$(grep -r "image: " ./config/manager/ | grep -oP -v "\\$\([[:upper:]_]+\)" | wc -l) + if [ "$lines" -gt "0" ]; then exit 1; else exit 0; fi + - name: Check non-sha image parameters + run: | + lines=$(egrep -v "IMAGES_[A-Z]+=[a-z0-9./-]+@sha256" ./config/base/params.env | wc -l) + if [ "$lines" -gt "0" ]; then exit 1; else exit 0; fi diff --git a/config/base/params.env b/config/base/params.env index aded367d..61721aeb 100644 --- a/config/base/params.env +++ b/config/base/params.env @@ -1,12 +1,12 @@ -IMAGES_APISERVER=quay.io/opendatahub/ds-pipelines-api-server:v1.0.0 -IMAGES_ARTIFACT=quay.io/opendatahub/ds-pipelines-artifact-manager:v1.0.0 -IMAGES_PERSISTENTAGENT=quay.io/opendatahub/ds-pipelines-persistenceagent:v1.0.0 -IMAGES_SCHEDULEDWORKFLOW=quay.io/opendatahub/ds-pipelines-scheduledworkflow:v1.0.0 -IMAGES_CACHE=registry.access.redhat.com/ubi8/ubi-minimal -IMAGES_MOVERESULTSIMAGE=registry.access.redhat.com/ubi8/ubi-micro -IMAGES_MARIADB=registry.redhat.io/rhel8/mariadb-103:1-188 -IMAGES_DSPO=quay.io/opendatahub/data-science-pipelines-operator:v1.0.0 -IMAGES_OAUTHPROXY=registry.redhat.io/openshift4/ose-oauth-proxy:v4.12.0 -IMAGES_MLMDENVOY=quay.io/opendatahub/ds-pipelines-metadata-envoy:v1.0.0 -IMAGES_MLMDGRPC=quay.io/opendatahub/ds-pipelines-metadata-grpc:v1.0.0 -IMAGES_MLMDWRITER=quay.io/opendatahub/ds-pipelines-metadata-writer:v1.0.0 +IMAGES_APISERVER=quay.io/opendatahub/ds-pipelines-api-server@sha256:4650c62254cd79112de3e4f09270130501d0d86a4dea79b74c2fcb8b5ca567e7 +IMAGES_ARTIFACT=quay.io/opendatahub/ds-pipelines-artifact-manager@sha256:58a13845901f8aae5421f640eeebee0abf3b12b27c1f96fbc8ff199b7e4f8d8d +IMAGES_PERSISTENTAGENT=quay.io/opendatahub/ds-pipelines-persistenceagent@sha256:c8b0953c28fd24180ddd24a30c68df411d299ccc7f6bc18ab15f4dba4a84b7d9 +IMAGES_SCHEDULEDWORKFLOW=quay.io/opendatahub/ds-pipelines-scheduledworkflow@sha256:31d049e74ab038f3a6d3ff9fa8953a4d0ddb21b0efc43fbb5b07fbaf83817022 +IMAGES_CACHE=registry.access.redhat.com/ubi8/ubi-minimal@sha256:e52fc1de73dc2879516431ff1865e0fb61b1a32f57b6f914bdcddb13c62f84e6 +IMAGES_MOVERESULTSIMAGE=registry.access.redhat.com/ubi8/ubi-micro@sha256:443db9a646aaf9374f95d266ba0c8656a52d70d0ffcc386a782cea28fa32e55d +IMAGES_MARIADB=registry.redhat.io/rhel8/mariadb-103@sha256:cafc7364494fb7206c373a1235fd5da74399c19b5c34d87dd02aa07e8f343fa2 +IMAGES_DSPO=quay.io/opendatahub/data-science-pipelines-operator@sha256:97b4d3c588abe62ffba0474ecb9506752bce43a0f952e84cc9fddc63724f696b +IMAGES_OAUTHPROXY=registry.redhat.io/openshift4/ose-oauth-proxy@sha256:d0f2f1ef0bdc3aa1a70794ac8ac779271b634af83e939029ac5224ec0c815d7a +IMAGES_MLMDENVOY=quay.io/opendatahub/ds-pipelines-metadata-envoy@sha256:f2d5d430bbc925520f635f35698e604aae391ace39b15a5d601a9c9eb26dec2b +IMAGES_MLMDGRPC=quay.io/opendatahub/ds-pipelines-metadata-grpc@sha256:2490aadb2227cc72fd9e698549a8cd3270b669a2faa24bb0603c37f1c71ac8c4 +IMAGES_MLMDWRITER=quay.io/opendatahub/ds-pipelines-metadata-writer@sha256:89fc26374f8e58384628f6b178eb9b8e3ebb111fe395c529d0b65ba8adaa89f5