diff --git a/.github/workflows/e2e_openssl.yml b/.github/workflows/e2e_openssl.yml index 5cbe5e8a3c..e3303080fe 100644 --- a/.github/workflows/e2e_openssl.yml +++ b/.github/workflows/e2e_openssl.yml @@ -1,18 +1,18 @@ name: e2e test openssl on: - workflow_dispatch: - inputs: - skip-undeploy: - description: "Skip undeploy" - required: false - type: boolean - default: false - pull_request: - paths-ignore: - - dev-docs/** - - docs/** - - rfc/** + workflow_dispatch: + inputs: + skip-undeploy: + description: "Skip undeploy" + required: false + type: boolean + default: false + pull_request: + paths-ignore: + - dev-docs/** + - docs/** + - rfc/** env: container_registry: ghcr.io/edgelesssys diff --git a/.github/workflows/e2e_regression.yml b/.github/workflows/e2e_regression.yml index 94ed1651a9..a43ea423bc 100644 --- a/.github/workflows/e2e_regression.yml +++ b/.github/workflows/e2e_regression.yml @@ -30,8 +30,8 @@ jobs: strategy: matrix: case: - - getdents - - genpolicy + - getdents + - genpolicy steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: ./.github/actions/setup_nix diff --git a/.github/workflows/e2e_runtime-reproducibility.yml b/.github/workflows/e2e_runtime-reproducibility.yml index a6dc7a227f..eddd746aa3 100644 --- a/.github/workflows/e2e_runtime-reproducibility.yml +++ b/.github/workflows/e2e_runtime-reproducibility.yml @@ -1,9 +1,9 @@ name: e2e test runtime reproducibility on: - workflow_dispatch: - schedule: - - cron: '0 19 * * 0' # 7pm UTC on Sundays + workflow_dispatch: + schedule: + - cron: '0 19 * * 0' # 7pm UTC on Sundays jobs: os-matrix: @@ -31,13 +31,13 @@ jobs: - name: Build id: build run: | - nix build .#${{ matrix.build-target }} --option substituters https://cache.nixos.org --builders "" - reference_checksum="$(cat result/index.json | jq -r '.manifests[0].digest')" - echo "reference-checksum-${{ matrix.os }}-${{ matrix.build-target}}=$reference_checksum" >> "$GITHUB_OUTPUT" + nix build .#${{ matrix.build-target }} --option substituters https://cache.nixos.org --builders "" + reference_checksum="$(cat result/index.json | jq -r '.manifests[0].digest')" + echo "reference-checksum-${{ matrix.os }}-${{ matrix.build-target}}=$reference_checksum" >> "$GITHUB_OUTPUT" - nix build .#${{ matrix.build-target }} --rebuild --option substituters https://cache.nixos.org --builders "" -o rebuild - rebuild_checksum="$(cat rebuild/index.json | jq -r '.manifests[0].digest')" - echo "rebuild-checksum-${{ matrix.os }}-${{ matrix.build-target}}=$rebuild_checksum" >> "$GITHUB_OUTPUT" + nix build .#${{ matrix.build-target }} --rebuild --option substituters https://cache.nixos.org --builders "" -o rebuild + rebuild_checksum="$(cat rebuild/index.json | jq -r '.manifests[0].digest')" + echo "rebuild-checksum-${{ matrix.os }}-${{ matrix.build-target}}=$rebuild_checksum" >> "$GITHUB_OUTPUT" - name: Upload Build Artifacts uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: diff --git a/.github/workflows/e2e_servicemesh.yml b/.github/workflows/e2e_servicemesh.yml index d9843cfc1b..c68a60df35 100644 --- a/.github/workflows/e2e_servicemesh.yml +++ b/.github/workflows/e2e_servicemesh.yml @@ -1,18 +1,18 @@ name: e2e test service-mesh on: - workflow_dispatch: - inputs: - skip-undeploy: - description: "Skip undeploy" - required: false - type: boolean - default: false - pull_request: - paths-ignore: - - dev-docs/** - - docs/** - - rfc/** + workflow_dispatch: + inputs: + skip-undeploy: + description: "Skip undeploy" + required: false + type: boolean + default: false + pull_request: + paths-ignore: + - dev-docs/** + - docs/** + - rfc/** env: container_registry: ghcr.io/edgelesssys diff --git a/.github/workflows/rpm_updates.yml b/.github/workflows/rpm_updates.yml index de0387b433..4e023bbcc2 100644 --- a/.github/workflows/rpm_updates.yml +++ b/.github/workflows/rpm_updates.yml @@ -20,10 +20,10 @@ jobs: cachixToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - name: Update Microsoft RPMs run: | - nix run .#rpm-pin-vendor -- kata-packages-uvm kata-packages-uvm-coco systemd libseccomp > packages/by-name/microsoft/kata-image/package-index.json + nix run .#rpm-pin-vendor -- kata-packages-uvm kata-packages-uvm-coco systemd libseccomp > packages/by-name/microsoft/kata-image/package-index.json - name: Update Kata RPMs run: | - nix run .#rpm-pin-vendor -- kata-packages-uvm kata-packages-uvm-coco systemd libseccomp core-packages-base-image > packages/by-name/kata/kata-image/package-index.json + nix run .#rpm-pin-vendor -- kata-packages-uvm kata-packages-uvm-coco systemd libseccomp core-packages-base-image > packages/by-name/kata/kata-image/package-index.json - name: Create PR uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 with: diff --git a/.github/workflows/static.yml b/.github/workflows/static.yml index e05692c5f0..8ae8cfeb11 100644 --- a/.github/workflows/static.yml +++ b/.github/workflows/static.yml @@ -44,17 +44,17 @@ jobs: renovate-commit-msg: "fixup: update generated code" govulncheck: - runs-on: ubuntu-22.04 - timeout-minutes: 15 - steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: ./.github/actions/setup_nix - with: - githubToken: ${{ secrets.GITHUB_TOKEN }} - cachixToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - - name: Run govulncheck - run: | - nix run .#scripts.govulncheck -- ./... + runs-on: ubuntu-22.04 + timeout-minutes: 15 + steps: + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: ./.github/actions/setup_nix + with: + githubToken: ${{ secrets.GITHUB_TOKEN }} + cachixToken: ${{ secrets.CACHIX_AUTH_TOKEN }} + - name: Run govulncheck + run: | + nix run .#scripts.govulncheck -- ./... golangci-lint: runs-on: ubuntu-22.04