Skip to content
Workflow Integration tests

Add inline comments to trivy ignore #3281

Sign in to view logs

Add inline comments to trivy ignore

Add inline comments to trivy ignore #3281

Workflow file for this run

.github/workflows/workflow_test.yaml at 98376c1
# Copyright 2025 Canonical Ltd.
# See LICENSE file for licensing details.
name: Workflow Integration tests
on:
pull_request:
jobs:
integration:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
working-directory: "tests/workflows/integration/test-upload-charm/"
trivy-image-config: "tests/workflows/integration/test-upload-charm/trivy.yaml"
trivy-severity-config: "CRITICAL,HIGH"
integration-juju3:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
identifier: test-upload
working-directory: "tests/workflows/integration/test-upload-charm/"
trivy-image-config: "tests/workflows/integration/test-upload-charm/trivy.yaml"
juju-channel: 3.3/stable
channel: 1.30-strict/stable
provider: microk8s
test-tox-env: "integration-juju3.1"
integration-artifact:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
identifier: test-upload-artifact
working-directory: "tests/workflows/integration/test-upload-charm/"
trivy-image-config: "tests/workflows/integration/test-upload-charm/trivy.yaml"
juju-channel: 3.3/stable
channel: 1.30-strict/stable
provider: microk8s
test-tox-env: "integration-juju3.1"
upload-image: artifact
microk8s-addons: "dns ingress rbac storage registry"
integration-self-hosted:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
working-directory: "tests/workflows/integration/test-upload-charm/"
trivy-image-config: "tests/workflows/integration/test-upload-charm/trivy.yaml"
self-hosted-runner: true
self-hosted-runner-label: "edge"
integration-with-uv:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
working-directory: "tests/workflows/integration/test-upload-charm/"
trivy-image-config: "tests/workflows/integration/test-upload-charm/trivy.yaml"
self-hosted-runner: false
with-uv: true
python-version: "3.12"
integration-rock:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
working-directory: "tests/workflows/integration/test-rock/"
trivy-image-config: "tests/workflows/integration/test-rock/trivy.yaml"
integration-rock-artifact:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
working-directory: "tests/workflows/integration/test-rock/"
upload-image: artifact
microk8s-addons: "dns ingress rbac storage registry"
trivy-image-config: "tests/workflows/integration/test-rock/trivy.yaml"
publish:
uses: ./.github/workflows/publish_charm.yaml
secrets: inherit
needs: [ integration-juju3 ]
with:
identifier: test-upload
channel: latest/edge
force-publish: true
integration-test-workflow-file: workflow_test.yaml
working-directory: tests/workflows/integration/test-upload-charm/
workflow-run-id: ${{ github.run_id }}
publish-artifact:
uses: ./.github/workflows/publish_charm.yaml
secrets: inherit
needs: [ publish, integration-artifact ]
with:
identifier: test-upload-artifact
channel: latest/edge
force-publish: true
integration-test-workflow-file: workflow_test.yaml
working-directory: tests/workflows/integration/test-upload-charm/
workflow-run-id: ${{ github.run_id }}
allure-report:
if: always() && !cancelled()
needs:
- integration
- integration-juju3
- integration-artifact
- integration-self-hosted
uses: ./.github/workflows/allure_report.yaml
check:
runs-on: ubuntu-latest
if: always() && !cancelled()
timeout-minutes: 5
needs:
- integration
- integration-juju3
- integration-artifact
- integration-self-hosted
- integration-rock
- integration-rock-artifact
- publish
- publish-artifact
- allure-report
steps:
- run: |
[ '${{ needs.integration.result }}' = 'success' ] || (echo integration failed && false)
[ '${{ needs.integration-juju3.result }}' = 'success' ] || (echo integration-juju3 failed && false)
[ '${{ needs.integration-artifact.result }}' = 'success' ] || (echo integration-artifact failed && false)
[ '${{ needs.integration-self-hosted.result }}' = 'success' ] || (echo integration-self-hosted failed && false)
[ '${{ needs.integration-rock.result }}' = 'success' ] || (echo integration-rock failed && false)
[ '${{ needs.integration-rock-artifact.result }}' = 'success' ] || (echo integration-rock-artifact failed && false)
[ '${{ needs.publish.result }}' != 'failure' ] || (echo publish failed && false)
[ '${{ needs.publish-artifact.result }}' != 'failure' ] || (echo publish failed && false)
[ '${{ needs.allure-report.result }}' != 'failure' ] || (echo allure-report failed && false)
integration-canonical-k8s:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
working-directory: "tests/workflows/integration/test-rock/"
trivy-image-config: "tests/workflows/integration/test-rock/trivy.yaml"
provider: k8s
extra-arguments: |
--kube-config=~/.kube/config
use-canonical-k8s: true
juju-channel: 3.5/stable
channel: edge
charmcraft-channel: latest/edge
# We need large runners to be able to deploy canonical k8s
self-hosted-runner: true
self-hosted-runner-image: noble
self-hosted-runner-label: large
integration-charmcraftcache:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
charmcraftcache: true
working-directory: "tests/workflows/integration/test-upload-charm/"
trivy-image-config: "tests/workflows/integration/test-upload-charm/trivy.yaml"
trivy-severity-config: "CRITICAL,HIGH"
integration-alternative-rock-filename:
uses: ./.github/workflows/integration_test.yaml
secrets: inherit
with:
working-directory: "tests/workflows/integration/test-alter-rock-name/"
trivy-image-config: "tests/workflows/integration/test-alter-rock-name/trivy.yaml"