Remove readiness probe #1009
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR Validation | |
| on: pull_request | |
| env: | |
| NAME: "azad-kube-proxy" | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| env: | |
| GO111MODULE: on | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v3 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.20" | |
| - name: golangci-lint | |
| uses: golangci/[email protected] | |
| with: | |
| version: v1.52.2 | |
| fmt: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v3 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.20" | |
| - name: Run fmt | |
| run: | | |
| make fmt | |
| - name: Check if working tree is dirty | |
| run: | | |
| if [[ $(git status --porcelain) ]]; then | |
| git diff | |
| echo 'run make fmt and commit changes' | |
| exit 1 | |
| fi | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v3 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.20" | |
| - name: Run build | |
| run: | | |
| make build | |
| test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v3 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.20" | |
| - name: Run test | |
| env: | |
| CLIENT_ID: ${{ secrets.CLIENT_ID }} | |
| CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }} | |
| TENANT_ID: ${{ secrets.TENANT_ID }} | |
| TEST_USER_SP_CLIENT_ID: ${{ secrets.TEST_USER_SP_CLIENT_ID }} | |
| TEST_USER_SP_CLIENT_SECRET: ${{ secrets.TEST_USER_SP_CLIENT_SECRET }} | |
| TEST_USER_SP_RESOURCE: ${{ secrets.TEST_USER_SP_RESOURCE }} | |
| TEST_USER_SP_OBJECT_ID: ${{ secrets.TEST_USER_SP_OBJECT_ID }} | |
| TEST_USER_OBJECT_ID: ${{ secrets.TEST_USER_OBJECT_ID }} | |
| run: | | |
| make test | |
| coverage: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v3 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.20" | |
| - name: coverage | |
| env: | |
| CLIENT_ID: ${{ secrets.CLIENT_ID }} | |
| CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }} | |
| TENANT_ID: ${{ secrets.TENANT_ID }} | |
| TEST_USER_SP_CLIENT_ID: ${{ secrets.TEST_USER_SP_CLIENT_ID }} | |
| TEST_USER_SP_CLIENT_SECRET: ${{ secrets.TEST_USER_SP_CLIENT_SECRET }} | |
| TEST_USER_SP_RESOURCE: ${{ secrets.TEST_USER_SP_RESOURCE }} | |
| TEST_USER_SP_OBJECT_ID: ${{ secrets.TEST_USER_SP_OBJECT_ID }} | |
| TEST_USER_OBJECT_ID: ${{ secrets.TEST_USER_OBJECT_ID }} | |
| run: | | |
| mkdir -p tmp | |
| make cover | |
| - name: Send coverage to coverall | |
| uses: shogo82148/[email protected] | |
| with: | |
| path-to-profile: tmp/coverage.out | |
| ignore: cmd/azad-kube-proxy/main.go,internal/proxy/proxy.go,cmd/kubectl-azad-proxy/main.go | |
| build-container: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v3 | |
| - name: Prepare | |
| id: prep | |
| run: | | |
| VERSION=sha-${GITHUB_SHA::8} | |
| if [[ $GITHUB_REF == refs/tags/* ]]; then | |
| VERSION=${GITHUB_REF/refs\/tags\//} | |
| fi | |
| echo BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') >> $GITHUB_OUTPUT | |
| echo VERSION=${VERSION} >> $GITHUB_OUTPUT | |
| - uses: brpaz/[email protected] | |
| with: | |
| dockerfile: Dockerfile | |
| - name: Cache container layers | |
| uses: actions/[email protected] | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Set up QEMU | |
| uses: docker/[email protected] | |
| - name: Set up Docker Buildx | |
| uses: docker/[email protected] | |
| - name: Build and load (current arch) | |
| run: | | |
| docker buildx build --load -t ${{ env.NAME }}:${{ steps.prep.outputs.VERSION }} . | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| image-ref: ${{ env.NAME }}:${{ steps.prep.outputs.VERSION }} | |
| format: "table" | |
| exit-code: "1" | |
| ignore-unfixed: true | |
| severity: "CRITICAL,HIGH" |