From 686b67985db8be4f4d4f7257e5c26ba5f04e038e Mon Sep 17 00:00:00 2001 From: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com> Date: Wed, 14 Feb 2024 09:55:14 -0500 Subject: [PATCH 1/2] Simplify GitHub Action workflows - Removes unnecessary subdirectories in favor of defaults - Also attempts to resolve the `setup-go` caching warnings. Signed-off-by: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com> --- .github/workflows/go-postsubmit.yml | 14 +------------- .github/workflows/go-release.yml | 9 ++------- .github/workflows/kind.yml | 7 +------ 3 files changed, 4 insertions(+), 26 deletions(-) diff --git a/.github/workflows/go-postsubmit.yml b/.github/workflows/go-postsubmit.yml index bcbe766f..74a336b1 100644 --- a/.github/workflows/go-postsubmit.yml +++ b/.github/workflows/go-postsubmit.yml @@ -5,15 +5,6 @@ on: branches: - main - release-* - workflow_dispatch: {} - -env: - # Common versions - GO_REQUIRED_MIN_VERSION: '' - GOPATH: '/home/runner/work/config-policy-controller/config-policy-controller/go' -defaults: - run: - working-directory: go/src/open-cluster-management.io/config-policy-controller jobs: verify: @@ -22,13 +13,10 @@ jobs: steps: - name: checkout code uses: actions/checkout@v4 - with: - fetch-depth: 1 - path: go/src/open-cluster-management.io/config-policy-controller - name: install Go uses: actions/setup-go@v5 with: - go-version-file: go/src/open-cluster-management.io/config-policy-controller/go.mod + go-version-file: go.mod - name: images run: make build-images - name: push diff --git a/.github/workflows/go-release.yml b/.github/workflows/go-release.yml index 0cd71f3b..e7c4c0ea 100644 --- a/.github/workflows/go-release.yml +++ b/.github/workflows/go-release.yml @@ -7,9 +7,7 @@ on: env: TAG: ${{ github.ref_name }} -defaults: - run: - working-directory: go/src/open-cluster-management.io/config-policy-controller + jobs: release: @@ -18,13 +16,10 @@ jobs: steps: - name: checkout code uses: actions/checkout@v4 - with: - fetch-depth: 1 - path: go/src/open-cluster-management.io/config-policy-controller - name: install Go uses: actions/setup-go@v5 with: - go-version-file: go/src/open-cluster-management.io/config-policy-controller/go.mod + go-version-file: go.mod - name: build images run: | make build-images diff --git a/.github/workflows/kind.yml b/.github/workflows/kind.yml index 9a90db49..ada05217 100644 --- a/.github/workflows/kind.yml +++ b/.github/workflows/kind.yml @@ -13,7 +13,6 @@ on: defaults: run: shell: bash - working-directory: config-policy-controller jobs: kind-tests: @@ -33,15 +32,11 @@ jobs: steps: - name: Checkout Config Policy Controller uses: actions/checkout@v4 - with: - path: config-policy-controller - fetch-depth: 0 # Fetch all history for all tags and branches - name: Set up Go uses: actions/setup-go@v5 - id: go with: - go-version-file: config-policy-controller/go.mod + go-version-file: go.mod - name: Verify modules run: | From e359e46727c5969a190985a3ebdcf49b20965f57 Mon Sep 17 00:00:00 2001 From: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com> Date: Wed, 14 Feb 2024 09:59:19 -0500 Subject: [PATCH 2/2] Resolve gosec warnings Signed-off-by: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com> --- .github/workflows/kind.yml | 2 +- controllers/operatorpolicy_status.go | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/kind.yml b/.github/workflows/kind.yml index ada05217..f499e9c8 100644 --- a/.github/workflows/kind.yml +++ b/.github/workflows/kind.yml @@ -70,7 +70,6 @@ jobs: - name: E2E Tests run: | - kubectl get pod -A export GOPATH=$(go env GOPATH) KUBECONFIG=${PWD}/kubeconfig_managed make e2e-test-coverage @@ -100,6 +99,7 @@ jobs: run: | make test-coverage make coverage-verify + make gosec-scan - name: Debug if: ${{ failure() }} diff --git a/controllers/operatorpolicy_status.go b/controllers/operatorpolicy_status.go index 77bef570..9ce107bf 100644 --- a/controllers/operatorpolicy_status.go +++ b/controllers/operatorpolicy_status.go @@ -644,6 +644,7 @@ func opGroupTooManyObjs(opGroups []unstructured.Unstructured) []policyv1.Related objs := make([]policyv1.RelatedObject, len(opGroups)) for i, opGroup := range opGroups { + opGroup := opGroup objs[i] = policyv1.RelatedObject{ Object: policyv1.ObjectResourceFromObj(&opGroup), Compliant: string(policyv1.NonCompliant),