Use newer kube-bench #575
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-20.04 | |
| if: ${{ github.event.head_commit.message != '[Release] Update Chart.yaml' }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Get merge request latest commit | |
| id: parse-commit | |
| if: ${{ github.event_name == 'pull_request' }} | |
| run: | | |
| msg=$(git show -s --format=%s) | |
| echo "head_commit_message=${msg}" >> $GITHUB_ENV | |
| echo "Latest commit: ${msg}" | |
| echo "Env commit ${{env.head_commit_message}}" | |
| echo "Contains msg ${{ contains(env.head_commit_message, '#skip-lint') }}" | |
| - name: Setup Go 1.19 | |
| uses: actions/setup-go@v2 | |
| with: | |
| go-version: 1.19 | |
| - name: Cache Go modules | |
| uses: actions/cache@v2 | |
| with: | |
| path: ~/go/pkg/mod | |
| key: ${{ runner.os }}-build-${{ hashFiles('**/go.sum') }} | |
| restore-keys: ${{ runner.os }}-build- | |
| - name: Build agent go binary amd64 | |
| run: go build -ldflags "-s -w -X main.GitCommit=$GITHUB_SHA -X main.GitRef=$GITHUB_REF -X main.Version=${RELEASE_TAG:-commit-$GITHUB_SHA}" -o bin/castai-kvisor-amd64 ./cmd/agent | |
| env: | |
| GOOS: linux | |
| GOARCH: amd64 | |
| CGO_ENABLED: 0 | |
| - name: Build imgcollector go binary amd64 | |
| run: go build -ldflags "-s -w -X main.GitCommit=$GITHUB_SHA -X main.GitRef=$GITHUB_REF -X main.Version=${RELEASE_TAG:-commit-$GITHUB_SHA}" -o bin/castai-imgcollector-amd64 ./cmd/imgcollector | |
| env: | |
| GOOS: linux | |
| GOARCH: amd64 | |
| CGO_ENABLED: 0 | |
| - name: Build agent go binary arm64 | |
| run: go build -ldflags "-s -w -X main.GitCommit=$GITHUB_SHA -X main.GitRef=$GITHUB_REF -X main.Version=${RELEASE_TAG:-commit-$GITHUB_SHA}" -o bin/castai-kvisor-arm64 ./cmd/agent | |
| env: | |
| GOOS: linux | |
| GOARCH: arm64 | |
| CGO_ENABLED: 0 | |
| - name: Build imgcollector go binary arm64 | |
| run: go build -ldflags "-s -w -X main.GitCommit=$GITHUB_SHA -X main.GitRef=$GITHUB_REF -X main.Version=${RELEASE_TAG:-commit-$GITHUB_SHA}" -o bin/castai-imgcollector-arm64 ./cmd/imgcollector | |
| env: | |
| GOOS: linux | |
| GOARCH: arm64 | |
| CGO_ENABLED: 0 | |
| - name: Run golangci-lint | |
| # You may pin to the exact commit or the version. | |
| # uses: golangci/golangci-lint-action@537aa1903e5d359d0b27dbc19ddd22c5087f3fbc | |
| if: ${{ github.event_name == 'pull_request' && !contains(env.head_commit_message, '#skip-lint') }} | |
| uses: golangci/golangci-lint-action@v3.4.0 | |
| with: | |
| args: -v --timeout=5m | |
| skip-pkg-cache: true | |
| skip-build-cache: true | |
| - name: Test | |
| if: ${{ github.event_name == 'pull_request' && !contains(env.head_commit_message, '#skip-test') }} | |
| run: go test -race ./... | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v1 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Login to Google Artifact Registry | |
| uses: docker/login-action@v1 | |
| if: ${{ github.event_name != 'pull_request' }} | |
| with: | |
| registry: us-docker.pkg.dev | |
| username: _json_key | |
| password: ${{ secrets.ARTIFACT_BUILDER_JSON_KEY }} | |
| - name: Login to GitHub Container Registry | |
| if: ${{ github.event_name == 'pull_request' }} | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push pr (agent) | |
| if: ${{ github.event_name == 'pull_request' }} | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| file: ./Dockerfile.agent | |
| platforms: linux/arm64,linux/amd64 | |
| push: ${{ github.event_name == 'pull_request' }} | |
| tags: ghcr.io/castai/kvisor/kvisor:${{ github.sha }} | |
| - name: Build and push pr (imgcollector) | |
| if: ${{ github.event_name == 'pull_request' }} | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| file: ./Dockerfile.imgcollector | |
| platforms: linux/arm64,linux/amd64 | |
| push: ${{ github.event_name == 'pull_request' }} | |
| tags: ghcr.io/castai/kvisor/kvisor-imgcollector:${{ github.sha }} | |
| - name: Build and push main (agent) | |
| if: ${{ github.event_name != 'pull_request' && github.event_name != 'release' }} | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| file: ./Dockerfile.agent | |
| platforms: linux/arm64,linux/amd64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: us-docker.pkg.dev/castai-hub/library/kvisor:${{ github.sha }} | |
| - name: Build and push main (imgcollector) | |
| if: ${{ github.event_name != 'pull_request' && github.event_name != 'release' }} | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| file: ./Dockerfile.imgcollector | |
| platforms: linux/arm64,linux/amd64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: us-docker.pkg.dev/castai-hub/library/kvisor-imgcollector:${{ github.sha }} | |
| e2e: | |
| name: E2E | |
| runs-on: ubuntu-20.04 | |
| if: ${{ github.event_name == 'pull_request' }} | |
| needs: build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - name: Setup Go 1.19 | |
| uses: actions/setup-go@v2 | |
| with: | |
| go-version: 1.19 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create kind cluster | |
| uses: helm/kind-action@v1.4.0 | |
| with: | |
| config: ./e2e/kind-config.yaml | |
| cluster_name: kvisor-e2e | |
| - name: Run e2e | |
| shell: bash | |
| run: | | |
| KIND_CONTEXT=kvisor-e2e IMAGE_TAG=${{ github.sha }} ./e2e/run.sh |