Skip to content

Add security policy link to README.md #282

Add security policy link to README.md

Add security policy link to README.md #282

Workflow file for this run

#
# Copyright Red Hat
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Validate PRs
on:
pull_request:
branches: [ main ]
jobs:
go:
name: Check go sources
runs-on: ubuntu-latest
steps:
-
name: Check out code into the Go module directory
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
-
name: Set up Go 1.x
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version-file: 'go.mod'
-
name: Cache go modules
id: cache-mod
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
-
name: Download dependencies
run: go mod download
if: steps.cache-mod.outputs.cache-hit != 'true'
-
name: Check go mod status
run: |
go mod tidy
if [[ ! -z $(git status -s) ]]
then
echo "Go mod state is not clean: $(git status -s)"
exit 1
fi
-
name: Check format
run: |
go get -u github.com/google/addlicense
go install github.com/google/addlicense
go get -u golang.org/x/tools/cmd/goimports
go install golang.org/x/tools/cmd/goimports
git reset HEAD --hard
make fmt
if [[ ! -z $(git status -s) ]]
then
echo "not well formatted sources found during make fmt: $(git --no-pager diff)"
exit 1
fi
make fmt_license
if [[ ! -z $(git status -s) ]]
then
echo "not well formatted sources found during make fmt_license: $(git status -s)"
exit 1
fi
-
name: Check code generation
run: make generate
-
name: Check CRD manifest generation
run: make manifests
-
name: Run unit tests
run: make test
-
name: Upload coverage to Codecov
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
- name: Run Gosec Security Scanner
run: |
go install github.com/securego/gosec/v2/cmd/gosec@v2.14.0
make gosec
if [[ $? != 0 ]]
then
echo "gosec scanner failed to run "
exit 1
fi
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # 2.22.5
with:
# Path to SARIF file relative to the root of the repository
sarif_file: gosec.sarif
operator-build:
name: Check operator container image build
runs-on: ubuntu-latest
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Set up QEMU # Enables arm64 image building
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
- name: Check if operator docker build is working
run: make docker-buildx-build
operator-bundle-build:
name: Check operator bundle build
runs-on: ubuntu-latest
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Set up QEMU # Enables arm64 image building
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
- name: Build the operator's bundle image
run: make docker-bundle-buildx-build