Fix workflow summary #26
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Compass Manager | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - '[0-9]+.[0-9]+.[0-9]+' | |
| - '[0-9]+.[0-9]+.[0-9]+-*' | |
| paths-ignore: | |
| - .reuse | |
| - hack/ | |
| - LICENSES/ | |
| - LICENSE | |
| - .gitignore | |
| - "**.md" | |
| pull_request_target: | |
| types: [opened, synchronize, reopened] | |
| paths-ignore: | |
| - .reuse | |
| - hack/ | |
| - LICENSES/ | |
| - LICENSE | |
| - .gitignore | |
| - "**.md" | |
| permissions: | |
| id-token: write # This is required for requesting the JWT token | |
| contents: read # This is required for actions/checkout | |
| jobs: | |
| setup: | |
| permissions: | |
| contents: read | |
| runs-on: ubuntu-latest | |
| outputs: | |
| tag: ${{ steps.tag.outputs.tag }} | |
| code: ${{ steps.detect-files.outputs.code_any_changed }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - id: tag | |
| if: github.event_name == 'push' && github.ref_type == 'tag' | |
| run: echo "tag=${{ github.ref_name }}" >> $GITHUB_OUTPUT | |
| - name: Detect files | |
| id: detect-files | |
| uses: tj-actions/changed-files@d6babd6899969df1a11d14c368283ea4436bca78 | |
| with: | |
| files_yaml: | | |
| code: | |
| - ./**.go | |
| - ./go.mod | |
| - ./go.sum | |
| unit-tests: | |
| permissions: | |
| contents: read | |
| needs: setup | |
| if: needs.setup.outputs.code == 'true' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - name: Set up go environment | |
| uses: actions/setup-go@v4 | |
| with: | |
| cache-dependency-path: go.sum | |
| go-version-file: go.mod | |
| - name: Run unit tests | |
| run: make test | tee test.log | |
| - name: Generate summary | |
| if: success() || failure() | |
| run: | | |
| { | |
| echo '## Test Log' | |
| echo '```' | |
| cat test.log | |
| echo '```' | |
| } >> $GITHUB_STEP_SUMMARY | |
| - name: Upload test logs artifact | |
| uses: actions/upload-artifact@v4 | |
| if: success() || failure() | |
| with: | |
| name: test.log | |
| path: test.log | |
| trivy: | |
| permissions: | |
| contents: read | |
| runs-on: "ubuntu-20.04" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| - name: Install trivy | |
| run: | | |
| mkdir ./trivy | |
| curl -L https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz | tar xvz --directory=./trivy | |
| ./trivy/trivy --version | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@0.24.0 | |
| with: | |
| scan-type: 'fs' | |
| scan-ref: '.' | |
| exit-code: 1 | |
| severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL' | |
| ignore-unfixed: false | |
| timeout: '5m0s' | |
| vuln-type: 'os,library' | |
| format: table | |
| output: 'trivy-results.txt' | |
| - name: Generate summary | |
| if: success() || failure() | |
| run: | | |
| { | |
| echo '## Trivy' | |
| echo '```txt' | |
| cat trivy-results.txt | |
| echo '```' | |
| } >> $GITHUB_STEP_SUMMARY | |
| - name: Upload trivy table | |
| if: success() || failure() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: trivy-results.txt | |
| path: trivy-results.txt | |
| build-image: | |
| needs: setup | |
| uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main # Usage: kyma-project/test-infra/.github/workflows/image-builder.yml@main | |
| with: | |
| name: compass-manager | |
| dockerfile: Dockerfile | |
| context: . | |
| tags: ${{ needs.setup.outputs.tag }} | |
| print-images: | |
| runs-on: ubuntu-latest | |
| needs: build-image | |
| steps: | |
| - name: "Generate summary" | |
| run: | | |
| { | |
| echo '## Images' | |
| echo '```json' | |
| echo '${{ needs.build-image.outputs.images }}' | jq | |
| echo '```' | |
| } >> $GITHUB_STEP_SUMMARY |