Fix trivy findings on spring boot image #464
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Lint and Test Charts | |
| on: | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| node_image: | |
| description: 'kindest/node image for k8s kind cluster' | |
| # k8s version from 3.1 release as default | |
| default: 'kindest/node:v1.27.3' | |
| required: false | |
| type: string | |
| upgrade_from: | |
| description: 'chart version to upgrade from' | |
| # chart version from 3.1 release as default | |
| default: '3.1.2' | |
| required: false | |
| type: string | |
| jobs: | |
| lint-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Kubernetes KinD Cluster | |
| uses: container-tools/kind-action@v1 | |
| with: | |
| # upgrade version, default (v0.17.0) uses node image v1.21.1 and doesn't work with more recent node image versions | |
| version: v0.20.0 | |
| # default value for event_name != workflow_dispatch | |
| node_image: ${{ github.event.inputs.node_image || 'kindest/node:v1.27.3' }} | |
| - name: Set up Helm | |
| uses: azure/setup-helm@v3 | |
| with: | |
| version: v3.9.3 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.9' | |
| check-latest: true | |
| - name: Set up chart-testing | |
| uses: helm/[email protected] | |
| - name: Run chart-testing (list-changed) | |
| id: list-changed | |
| run: | | |
| changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) | |
| if [[ -n "$changed" ]]; then | |
| echo "changed=true" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Run chart-testing (lint) | |
| run: ct lint --target-branch ${{ github.event.repository.default_branch }} --config charts/config/chart-testing-config.yaml | |
| - name: Run chart-testing (install) | |
| run: ct install --charts charts/bpdm --config charts/config/chart-testing-config.yaml | |
| if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true' | |
| # Upgrade the released chart version with the locally available chart | |
| # default value for event_name != workflow_dispatch | |
| - name: Run helm upgrade | |
| run: | | |
| helm repo add bitnami https://charts.bitnami.com/bitnami | |
| helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev | |
| helm repo add opensearch https://opensearch-project.github.io/helm-charts | |
| helm install bpdm-test tractusx-dev/bpdm --version ${{ github.event.inputs.upgrade_from || '3.1.2' }} | |
| helm dependency update charts/bpdm | |
| helm upgrade bpdm-test charts/bpdm | |
| if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true' |