Skip to content

Add security policy link to README.md #2010

Add security policy link to README.md

Add security policy link to README.md #2010

#
# Copyright 2021-2022 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Validate stacks
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: 0 5 * * *
concurrency:
group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
cancel-in-progress: true
env:
MINIKUBE_VERSION: "v1.29.0"
MINIKUBE_RESOURCES: "--memory 14gb --cpus 4"
KUBERNETES_VERSION: "v1.25.2"
TEST_DELTA: false
jobs:
validate-devfile-schema:
name: validate devfile schemas
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Install Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "1.21"
- name: Install Ginkgo
run: go install -mod=mod github.com/onsi/ginkgo/v2/[email protected]
- name: Test delta if on a pull request
if: ${{ github.event_name == 'pull_request' }}
run: echo "TEST_DELTA=true" >> $GITHUB_ENV
- name: Validate stacks
run: bash tests/validate_devfile_schemas.sh
non-terminating:
name: check for non-terminating images
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Setup Minikube
uses: manusa/actions-setup-minikube@92af4db914ab207f837251cd53eb7060e6477614 # v2.11.0
with:
minikube version: ${{ env.MINIKUBE_VERSION }}
kubernetes version: ${{ env.KUBERNETES_VERSION }}
driver: "docker"
github token: ${{ secrets.GITHUB_TOKEN }}
start args: "--addons=ingress ${{ env.MINIKUBE_RESOURCES }}"
- name: Test delta if on a pull request
if: ${{ github.event_name == 'pull_request' }}
run: echo "TEST_DELTA=true" >> $GITHUB_ENV
- name: Check that containers components are non terminating
run: bash tests/check_non_terminating.sh
odov2:
name: with odo v2
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Free Disk Space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be #v1.3.1
with:
tool-cache: false
android: true
dotnet: true
haskell: true
large-packages: true
docker-images: true
swap-storage: true
- name: Setup Minikube
uses: manusa/actions-setup-minikube@92af4db914ab207f837251cd53eb7060e6477614 # v2.11.0
with:
minikube version: ${{ env.MINIKUBE_VERSION }}
kubernetes version: ${{ env.KUBERNETES_VERSION }}
driver: "docker"
github token: ${{ secrets.GITHUB_TOKEN }}
start args: "--addons=ingress ${{ env.MINIKUBE_RESOURCES }}"
- name: Install odo v2
uses: redhat-actions/openshift-tools-installer@144527c7d98999f2652264c048c7a9bd103f8a82 # v1
with:
odo: "2.5.1"
- name: Check odo version
run: odo version
- name: Test delta if on a pull request
if: ${{ github.event_name == 'pull_request' }}
run: echo "TEST_DELTA=true" >> $GITHUB_ENV
- name: Check the devfile stacks with odo v2
run: bash tests/check_odov2.sh odo
odov3:
name: with odo v3
runs-on: ubuntu-latest
needs: [odov2, non-terminating, validate-devfile-schema]
if: success() || failure()
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Free Disk Space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be #v1.3.1
with:
tool-cache: false
android: true
dotnet: true
haskell: true
large-packages: true
docker-images: true
swap-storage: true
- name: Setup Minikube
uses: manusa/actions-setup-minikube@92af4db914ab207f837251cd53eb7060e6477614 # v2.11.0
with:
minikube version: ${{ env.MINIKUBE_VERSION }}
kubernetes version: ${{ env.KUBERNETES_VERSION }}
driver: "docker"
github token: ${{ secrets.GITHUB_TOKEN }}
start args: "--addons=ingress ${{ env.MINIKUBE_RESOURCES }}"
- name: Install Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "1.21"
- name: Install odo latest version
run: |
curl -L https://s3.eu-de.cloud-object-storage.appdomain.cloud/odo-nightly-builds/odo-linux-amd64 -o odo
sudo install -m 0755 odo /usr/local/bin/odo
- name: Install Ginkgo
run: go install -mod=mod github.com/onsi/ginkgo/v2/[email protected]
- name: Check odo version
run: odo version
- name: Test delta if on a pull request
if: ${{ github.event_name == 'pull_request' }}
run: echo "TEST_DELTA=true" >> $GITHUB_ENV
- name: Check the devfile stacks with odo v3
run: bash tests/check_odov3.sh
slack_notification:
name: send slack notification
runs-on: ubuntu-latest
if: ${{ always() && contains(join(needs.*.result, ','), 'failure') && github.event_name == 'schedule' }}
needs: [validate-devfile-schema, non-terminating, odov2, odov3]
steps:
- name: Send slack notification
uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
with:
channel-id: ${{ secrets.SLACK_CHANNEL_ID }}
payload: |
{
"text": "GitHub Action failed",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "*Status:* :red_circle: failure\n*Severity:* medium\n*Title:* Registry's validate stacks nightly run\n*Description:* run failed for `${{ github.ref }}` - `${{ github.sha }}`"
}
},
{
"type": "actions",
"elements": [
{
"type": "button",
"text": {
"type": "plain_text",
"text": ":github: Failed action"
},
"url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
}
]
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK