chore(deps): update module github.com/jackc/pgx/v4 to v4.18.2 [security] - autoclosed #216
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: pr-build | |
on: | |
pull_request: | |
types: | |
- opened | |
- synchronize | |
- reopened | |
jobs: | |
lint-chart: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 | |
with: | |
egress-policy: audit | |
- name: Checkout | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Helm | |
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 #v3.5 | |
with: | |
version: v3.4.0 | |
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 | |
with: | |
python-version: 3.7 | |
- name: Set up chart-testing | |
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 | |
- name: Run chart-testing (list-changed) | |
id: list-changed | |
run: | | |
changed=$(ct list-changed --target-branch=master --chart-dirs chart) | |
if [[ -n "$changed" ]]; then | |
echo "::set-output name=changed::true" | |
fi | |
- name: Run chart-testing (lint) | |
run: ct lint --target-branch=master --chart-dirs chart --check-version-increment=false | |
fmt: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 | |
with: | |
egress-policy: audit | |
- name: Checkout | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 | |
- name: Setup Go | |
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
with: | |
go-version: 1.20.x | |
- name: Restore Go cache | |
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: fmt | |
run: make fmt | |
- name: vet | |
run: make vet | |
- name: lint | |
run: make lint | |
- name: Check if working tree is dirty | |
run: | | |
if [[ $(git diff --stat) != '' ]]; then | |
git --no-pager diff | |
echo 'run <make test> and commit changes' | |
exit 1 | |
fi | |
test: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
kubernetes-version: | |
- "1.25" | |
- "1.26" | |
- "1.27" | |
- "1.28" | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 | |
with: | |
egress-policy: audit | |
- name: Checkout | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 | |
- name: Setup Go | |
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
with: | |
go-version: 1.20.x | |
- name: Restore Go cache | |
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: run test | |
run: make test ENVTEST_K8S_VERSION=${{ matrix.kubernetes-version }} | |
build: | |
runs-on: ubuntu-latest | |
outputs: | |
profiles: ${{ steps.profiles.outputs.matrix }} | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 | |
with: | |
egress-policy: audit | |
- name: Checkout | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 | |
- name: Setup Go | |
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
with: | |
go-version: 1.20.x | |
- name: Restore Go cache | |
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: build | |
run: make build | |
- name: Check if working tree is dirty | |
run: | | |
if [[ $(git diff --stat) != '' ]]; then | |
git --no-pager diff | |
echo 'run <make test> and commit changes' | |
exit 1 | |
fi | |
- name: Build container image | |
run: | | |
make docker-build | |
- name: Create image tarball | |
run: | | |
docker save --output db-controller-container.tar db-controller:latest | |
- name: Upload image | |
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce #v3.1.2 | |
with: | |
name: db-controller-container | |
path: db-controller-container.tar | |
- id: profiles | |
name: Determine test profiles | |
run: | | |
profiles=$(ls config/tests/cases | jq -R -s -c 'split("\n")[:-1]') | |
echo $profiles | |
echo "::set-output name=matrix::$profiles" | |
e2e-tests: | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
strategy: | |
matrix: | |
profile: ${{ fromJson(needs.build.outputs.profiles) }} | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 | |
with: | |
egress-policy: audit | |
- name: Checkout | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 | |
- name: Setup Go | |
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
with: | |
go-version: 1.20.x | |
- name: Setup Kubernetes | |
uses: engineerd/setup-kind@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0 #v0.5.0 | |
with: | |
version: v0.17.0 | |
- name: Download db-controller container | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a #v3.0.2 | |
with: | |
name: db-controller-container | |
path: /tmp | |
- name: Load images | |
run: | | |
docker load --input /tmp/db-controller-container.tar | |
docker image ls -a | |
- name: Setup Kustomize | |
uses: imranismail/setup-kustomize@6691bdeb1b0a3286fb7f70fd1423c10e81e5375f # v2.0.0 | |
- name: Run test | |
run: | | |
make kind-test TEST_PROFILE=${{ matrix.profile }} | |
- name: Debug failure | |
if: failure() | |
run: | | |
kubectl -n kube-system describe pods | |
kubectl -n db-system describe pods | |
kubectl -n db-system get all | |
kubectl -n db-system logs deploy/db-controller | |
test-chart: | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
- lint-chart | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 | |
with: | |
egress-policy: audit | |
- name: Checkout | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Helm | |
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 #v3.5 | |
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 | |
with: | |
python-version: 3.7 | |
- name: Set up chart-testing | |
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 | |
- name: Create kind cluster | |
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 | |
- name: Download db-controller container | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: db-controller-container | |
path: /tmp | |
- name: Load image | |
run: | | |
docker load --input /tmp/db-controller-container.tar | |
docker tag db-controller:latest ghcr.io/doodlescheduling/db-controller:v0.0.0 | |
kind load docker-image ghcr.io/doodlescheduling/db-controller:v0.0.0 --name chart-testing | |
docker image ls -a | |
- name: Run chart-testing (install) | |
run: ct install --target-branch=master --chart-dirs chart |