preflight.yml
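---
# Nightly Red Hat preflight certification check for two published container
# images. Each job builds the preflight tool from source, runs it against one
# image, and fails the run if preflight reports any failed check whose name is
# not on that job's allow-list.
name: Preflight

'on':
  schedule:
    - cron: '0 0 * * *'
  # pull_request:
  #   branches: [ main ]
  workflow_dispatch:

# Least privilege: the jobs only read repository contents. Without this block
# the GITHUB_TOKEN gets the repository/organisation default scopes.
permissions:
  contents: read

jobs:
  preflight-debug-partner:
    runs-on: ubuntu-22.04
    env:
      SHELL: /bin/bash
      # ':latest' is a mutable tag, so each scheduled run checks whatever
      # image is currently published under it.
      IMAGE_NAME: quay.io/testnetworkfunction/debug-partner:latest
    steps:
      # NOTE(review): actions are referenced by mutable major-version tags;
      # pinning each `uses:` to a full commit SHA removes the dependency on
      # the tag not being moved.
      - uses: actions/checkout@v4
        with:
          # The token is not needed after checkout; keep it out of .git/config
          # because later steps build and run third-party code.
          persist-credentials: false

      - name: Set up Go 1.23
        uses: actions/setup-go@v5
        with:
          go-version: '1.23.4'

      - name: Disable default go problem matcher
        run: echo "::remove-matcher owner=go::"

      # NOTE(review): no `ref:` is given, so the default branch head of the
      # external repository is built and executed on every run. Pinning to a
      # release tag or commit makes the tool version reproducible.
      - name: Clone the preflight repository
        uses: actions/checkout@v4
        with:
          repository: redhat-openshift-ecosystem/openshift-preflight
          path: openshift-preflight
          persist-credentials: false

      - name: Run preflight
        working-directory: openshift-preflight
        run: |
          make build
          ARTIFACTS="${GITHUB_WORKSPACE}/openshift-preflight/artifacts"
          RESULTS="${ARTIFACTS}/amd64/results.json"
          # IMAGE_NAME comes from the job env; referencing it as a quoted
          # shell variable avoids template expansion into the script text.
          ./preflight check container "${IMAGE_NAME}" --artifacts "${ARTIFACTS}"
          ALLOWED_FAILURES=("HasLicense" "RunAsNonRoot")
          # jq opens the file itself: a missing or malformed results.json
          # makes jq exit non-zero and the step fail (the runner's default
          # bash runs with -e), instead of yielding an empty failure list
          # that would pass silently. -r already emits unquoted names.
          FAILURES=$(jq -r '.results.failed[].name' "${RESULTS}")
          for FAILURE in $FAILURES; do
            # Space-padded literal match = whole-name match in the allow-list.
            if [[ ! " ${ALLOWED_FAILURES[*]} " =~ " ${FAILURE} " ]]; then
              echo "ERROR: $FAILURE is not an allowed failure"
              exit 1
            fi
          done

  preflight-certsuite-sample-workload:
    runs-on: ubuntu-22.04
    env:
      SHELL: /bin/bash
      # ':latest' is a mutable tag, so each scheduled run checks whatever
      # image is currently published under it.
      IMAGE_NAME: quay.io/redhat-best-practices-for-k8s/certsuite-sample-workload:latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Go 1.23
        uses: actions/setup-go@v5
        with:
          go-version: '1.23.4'

      - name: Disable default go problem matcher
        run: echo "::remove-matcher owner=go::"

      # Same unpinned external build as in the job above.
      - name: Clone the preflight repository
        uses: actions/checkout@v4
        with:
          repository: redhat-openshift-ecosystem/openshift-preflight
          path: openshift-preflight
          persist-credentials: false

      # Debug-only step: it opens an interactive remote session on the
      # runner, so it stays commented out for scheduled runs.
      # - name: Setup tmate session
      #   uses: mxschmitt/action-tmate@v3

      - name: Run preflight
        working-directory: openshift-preflight
        run: |
          make build
          ARTIFACTS="${GITHUB_WORKSPACE}/openshift-preflight/artifacts"
          RESULTS="${ARTIFACTS}/amd64/results.json"
          ./preflight check container "${IMAGE_NAME}" --artifacts "${ARTIFACTS}"
          # Empty allow-list: any failed preflight check fails this job.
          ALLOWED_FAILURES=()
          # Read the file with jq directly so a missing results.json fails
          # the step rather than producing an empty failure list.
          FAILURES=$(jq -r '.results.failed[].name' "${RESULTS}")
          for FAILURE in $FAILURES; do
            if [[ ! " ${ALLOWED_FAILURES[*]} " =~ " ${FAILURE} " ]]; then
              echo "ERROR: $FAILURE is not an allowed failure"
              exit 1
            fi
          done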