chore: bump up Trivy to version v0.68.1 #1372
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Helm | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - deploy/** | |
| pull_request: | |
| branches: | |
| - main | |
| paths: | |
| - deploy/** | |
| env: | |
| KIND_VERSION: v0.29.0 | |
| KIND_IMAGE: kindest/node:v1.33.1@sha256:050072256b9a903bd914c0b2866828150cb229cea0efe5892e2b644d5dd3b34f | |
| permissions: {} | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| chart-testing: | |
| name: Run chart testing | |
| runs-on: ubuntu-22.04 | |
| env: | |
| DOCKER_CLI_EXPERIMENTAL: enabled | |
| steps: | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Available platforms | |
| run: echo ${{ steps.buildx.outputs.platforms }} | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Release snapshot | |
| uses: goreleaser/goreleaser-action@v6 | |
| with: | |
| version: v2.4.8 | |
| args: release -f=goreleaser-e2e.yaml --snapshot --skip=publish --clean | |
| - name: Setup Kubernetes cluster (KIND) | |
| uses: engineerd/setup-kind@v0.6.2 | |
| with: | |
| version: ${{ env.KIND_VERSION }} | |
| image: ${{ env.KIND_IMAGE }} | |
| - name: Test connection to Kubernetes cluster | |
| run: | | |
| kubectl cluster-info | |
| kubectl wait --for=condition=Ready nodes --all --timeout=300s | |
| kubectl describe node | |
| - name: Install helm and yq | |
| run: > | |
| curl -fsSL -o get_helm.sh | |
| https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | |
| chmod 700 get_helm.sh | |
| - name: update appVersion | |
| uses: mikefarah/yq@master | |
| with: | |
| cmd: yq -i '.appVersion = "ct"' ./deploy/helm/Chart.yaml | |
| - name: Load operator image to cluster | |
| run: > | |
| docker tag mirror.gcr.io/aquasec/trivy-operator:${{ github.sha }}-amd64 | |
| mirror.gcr.io/aquasec/trivy-operator:ct | |
| docker save -o trivy-operator.tar mirror.gcr.io/aquasec/trivy-operator:ct | |
| kind load image-archive trivy-operator.tar | |
| - name: Set up python | |
| uses: actions/setup-python@v5.6.0 | |
| with: | |
| python-version: '3.x' | |
| check-latest: true | |
| - name: Setup chart-testing | |
| id: lint | |
| uses: helm/chart-testing-action@v2.7.0 | |
| with: | |
| # v6.0.0 resolved the compatibility issue with Python > 3.13. may be removed after the action itself is updated | |
| yamale_version: "6.0.0" | |
| - name: Run chart-testing | |
| run: ct lint-and-install --validate-maintainers=false --charts deploy/helm |