This repository has been archived by the owner on Aug 28, 2024. It is now read-only.
Used latest version of kube-rbac-proxy:v0.15.0 #527
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: linter | |
| on: | |
| pull_request: | |
| jobs: | |
| golangci-lint: | |
| name: golangci | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Go 1.x | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "1.21" | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@v3 | |
| with: | |
| # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version | |
| version: latest | |
| # Optional: working directory, useful for monorepos | |
| # working-directory: somedir | |
| # Optional: golangci-lint command line arguments. | |
| args: --timeout=10m | |
| # Optional: show only new issues if it's a pull request. The default value is `false`. | |
| # only-new-issues: true | |
| # Optional: if set to true then the action don't cache or restore ~/go/pkg. | |
| # skip-pkg-cache: true | |
| # Optional: if set to true then the action don't cache or restore ~/.cache/go-build. | |
| # skip-build-cache: true | |
| gosec: | |
| runs-on: ubuntu-latest | |
| env: | |
| GO111MODULE: on | |
| steps: | |
| - name: Checkout Source | |
| uses: actions/checkout@v4 | |
| - name: Run Gosec Security Scanner | |
| uses: securego/gosec@master | |
| with: | |
| args: '--exclude-generated ./...' | |
| kube-linter: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # This prepares directory where github/codeql-action/upload-sarif@v1 looks up report files by default. | |
| - name: Create ./.kube-linter/ for deployment files | |
| shell: bash | |
| run: mkdir -p ./.kube-linter/ | |
| - name: Generate openshift with vault configuration | |
| shell: bash | |
| run: kustomize build config/overlays/openshift_vault/ > ./.kube-linter/deploy-spi-openshift-vault.yaml | |
| - name: Generate openshift with aws configuration | |
| shell: bash | |
| run: kustomize build config/overlays/openshift_aws/ > ./.kube-linter/deploy-spi-openshift-aws.yaml | |
| - name: Scan yaml files with kube-linter | |
| uses: stackrox/kube-linter-action@v1 | |
| id: kube-linter-action-scan | |
| with: | |
| # Adjust this directory to the location where your kubernetes resources and helm charts are located. | |
| directory: ./.kube-linter/ | |
| # Adjust this to the location of kube-linter config you're using, or remove the setting if you'd like to use | |
| # the default config. | |
| config: ./.github/.kube-linter-config.yaml |