Skip to content
Build

sec: CVE-2024-24790 (#140) #311

Sign in to view logs

sec: CVE-2024-24790 (#140)

sec: CVE-2024-24790 (#140) #311

Workflow file for this run

.github/workflows/build.yaml at badb8b1
---
name: Build
on:
push:
branches:
- main
paths-ignore:
- .github/ISSUE_TEMPLATE/*.md
- "*.md"
- docs/**
- mkdocs.yml
- LICENSE
- NOTICE
pull_request:
branches:
- main
paths-ignore:
- .github/ISSUE_TEMPLATE/*.md
- "*.md"
- docs/**
- mkdocs.yml
- LICENSE
- NOTICE
env:
GO_VERSION: 1.22.4
KIND_VERSION: v0.11.1
KIND_IMAGE: kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6
permissions: {}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
verify-code:
name: Verify code
runs-on: ubuntu-20.04
steps:
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Checkout code
uses: actions/checkout@v4
- name: Cached Go dependencies
uses: actions/cache@v4
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Verify Go code
uses: golangci/[email protected]
with:
args: --verbose
version: v1.57.2
skip-pkg-cache: true
skip-build-cache: true
- name: Verify YAML code
uses: ibiqlik/action-yamllint@v3
- name: Vendor Go modules
run: go mod vendor
tests:
name: Run tests
runs-on: ubuntu-20.04
steps:
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Checkout code
uses: actions/checkout@v4
- uses: actions/cache@v4
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Run unit tests
run: make test
- name: Upload code coverage
uses: codecov/codecov-action@v4
with:
files: ./coverage.txt
e2e-testing:
name: Run end to end testing
runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: enabled
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Available platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Release snapshot
uses: goreleaser/goreleaser-action@v6
with:
version: v1.7.0
args: release -f=goreleaser-e2e.yaml --snapshot --skip-publish --rm-dist
- name: Install kind and create cluster
run: >
curl -Lo ./kind https://kind.sigs.k8s.io/dl/${{ env.KIND_VERSION
}}/kind-linux-amd64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind
kind create cluster
curl -LO https://dl.k8s.io/release/v1.26.0/bin/linux/amd64/kubectl
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
- name: Test connection to Kubernetes cluster
run: |
kubectl cluster-info
kubectl wait --for=condition=Ready nodes --all --timeout=300s
kubectl describe node
- name: Load node-collector image to cluster
run: >
echo "tagging image with e2e tag"
docker tag ghcr.io/aquasecurity/node-collector:${{ github.sha }}-amd64 ghcr.io/aquasecurity/node-collector:e2e
echo "saving image to tar file"
docker save -o node-collector.tar ghcr.io/aquasecurity/node-collector:e2e
sleep 5
echo "loading image to kind cluster"
kind load image-archive node-collector.tar
- name: Install JQ Tool
uses: mbround18/install-jq@v1
- name: Run node-collector job
run: >
go run ./tests/e2e/job-update.go
kubectl apply -f ./tests/e2e/job.yaml
kubectl wait --for=condition=Complete --timeout=30s job/node-collector
kubectl logs job/node-collector > full-actual-node-collector-output.txt
jq -r .info full-actual-node-collector-output.txt > actual-node-collector-output.txt
echo "compare node collector actual vs expected logs"
diff -a --suppress-common-lines -y actual-node-collector-output.txt ./tests/e2e/expected-node-collector-output.txt