Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add reusable workflows for CI testing #68

Merged
merged 1 commit into from
Mar 3, 2023
Merged

Add reusable workflows for CI testing #68

merged 1 commit into from
Mar 3, 2023

Conversation

turkenf
Copy link
Contributor

@turkenf turkenf commented Feb 27, 2023

Description of your changes

This PR adds reusable workflows to be reused by official provider repositories for CI testing.

I have:

  • Run make reviewable test to ensure this PR is ready for review.

How has this code been tested

Manually tested on turkenf/uptest and turkenf/azuread

Copy link
Member

@ytsarev ytsarev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That looks great and reusable. According to the description, you have already fully end-to-end tested on your forks. That's great!

Just in case I ran it through https://github.com/rhysd/actionlint and it's green apart from shellcheck error, but I don't think it make sense to quote the globally available special variable in this case

./provider-ci.yml:121:9: shellcheck reported issue in this script: SC2086:info:1:37: Double quote to prevent globbing and word splitting [shellcheck]
    |
121 |         run: echo "cache=$(make go.cachedir)" >> $GITHUB_OUTPUT

Additional advice for the future is to run this pipeline through https://app.stepsecurity.io/secureworkflow/ and adopt some of the security hardening. This tools was recommended by CNCF when my other project was going through CNCF security slam( we scored 100 eventually https://clomonitor.io/projects/cncf/k8gb )

Security hardening is a topic for another PR, so this one is good to merge, great job!

@turkenf
Copy link
Contributor Author

turkenf commented Mar 3, 2023

Security hardening is a topic for another PR, so this one is good to merge, great job!

I opened an issue on your suggestion: #73
Thank you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants