Skip to content

Updated CodeQL GitHub Action to v3 #1623 #944

Updated CodeQL GitHub Action to v3 #1623

Updated CodeQL GitHub Action to v3 #1623 #944

Workflow file for this run

#
# Copyright Red Hat
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
env:
GO_VERSION: 1.21
OAPI_CODEGEN_VERSION: v1.12.4
jobs:
go:
name: Check go tools build
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Setup Go environment
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: ${{ env.GO_VERSION }}
- name: Check if index-generator build is working
run: cd index/generator && bash ./build.sh
- name: Test index-generator
run: cd index/generator && go test ./...
- name: Check if registry-library build is working
run: cd registry-library && bash ./build.sh
- name: Check index-server code generation
run: |
export GOPATH=$(go env GOPATH)
go install github.com/deepmap/oapi-codegen/cmd/oapi-codegen@${{ env.OAPI_CODEGEN_VERSION }}
bash index/server/codegen.sh
GEN_DIFFS=$(git diff --name-only --diff-filter=ACMRT | grep .gen.go$ | xargs)
if [[ ! -z "${GEN_DIFFS}" ]]
then
echo "generated source does not match current changes "
for f in ${GEN_DIFFS}; do git diff HEAD -- $f; done
exit 1
fi
- name: Run Gosec Security Scanner
run: |
export PATH=$PATH:$(go env GOPATH)/bin
go install github.com/securego/gosec/v2/cmd/gosec@v2.14.0
bash ./run_gosec.sh
if [[ $? != 0 ]]
then
echo "gosec scanner failed to run "
exit 1
fi
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3.26.9@461ef6c76dfe95d5c364de2f431ddbd31a417628
with:
# Path to SARIF file relative to the root of the repository
sarif_file: gosec.sarif
docker:
name: Check docker builds
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Setup Go environment
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: ${{ env.GO_VERSION }}
- name: Set up QEMU # Enables arm64 image building
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
- name: Check license
run: |
export PATH=$PATH:$(go env GOPATH)/bin
go install github.com/google/addlicense@latest
git reset HEAD --hard
bash ./check_licenses.sh
if [[ $? != 0 ]]
then
echo "license headers not found:"
git --no-pager diff
exit 1
fi
- name: Test index server build for linux/amd64
run: |
cd index/server
export GOPATH=$(go env GOPATH)
go install github.com/deepmap/oapi-codegen/cmd/oapi-codegen@${{ env.OAPI_CODEGEN_VERSION }}
bash ./build.sh
- name: Test index server build for linux/arm64
run: |
cd index/server
export GOPATH=$(go env GOPATH)
go install github.com/deepmap/oapi-codegen/cmd/oapi-codegen@${{ env.OAPI_CODEGEN_VERSION }}
bash ./build.sh linux/arm64
- name: Test index server
run: cd index/server && go test ./... -coverprofile cover.out
- name: Check if oci server build is working
run: cd oci-registry && bash ./build.sh && bash ./build.sh linux/arm64
- name: Check if devfile-registry-integration build is working
run: cd tests/integration && bash ./docker-build.sh
- name: Upload coverage to Codecov
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
test_minikube:
name: Test Devfile Registry
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Setup Go environment
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: ${{ env.GO_VERSION }}
- name: Setup Minikube
uses: manusa/actions-setup-minikube@3856c6fa039819f1c8e7e248b1fc5a8564e354c9 # v2.9.0
with:
minikube version: 'v1.31.2'
kubernetes version: 'v1.29.2'
driver: 'docker'
github token: ${{ secrets.GITHUB_TOKEN }}
start args: '--addons=ingress --memory 4096 --cpus 2'
- name: Run the devfile registry integration tests
run: |
export GOPATH=$(go env GOPATH)
go install github.com/deepmap/oapi-codegen/cmd/oapi-codegen@${{ env.OAPI_CODEGEN_VERSION }}
bash .ci/run_tests_minikube_linux.sh
test_staging:
name: Test Staging Devfile Registry
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Setup Go environment
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: ${{ env.GO_VERSION }}
- name: Run the devfile registry integration tests
run: |
# Run the integration tests
cd tests/integration
bash ./docker-build.sh
docker run --env REGISTRY=https://registry.stage.devfile.io --env IS_TEST_REGISTRY=false devfile-registry-integration