Skip to content

Add Keep-Alive Context Isolation Tests (Issue #29) #24

Add Keep-Alive Context Isolation Tests (Issue #29)

Add Keep-Alive Context Isolation Tests (Issue #29) #24

Workflow file for this run

name: CI
on:
push:
branches: [main, master]
pull_request:
branches: [main, master]
env:
GO_VERSION: '1.24'
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: golangci-lint
uses: golangci/golangci-lint-action@v7
with:
version: v2.5.0
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Run tests
run: make test
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
files: ./cover.out
fail_ci_if_error: false
build:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Build proxy
run: go build -v ./cmd/proxy
- name: Build manager
run: go build -v ./cmd/main.go
docker:
name: Docker Build
runs-on: ubuntu-latest
needs: [lint, test, build]
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build proxy image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile.proxy
push: false
tags: contextforge-proxy:test
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Build operator image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile.operator
push: false
tags: contextforge-operator:test
cache-from: type=gha
cache-to: type=gha,mode=max
helm:
name: Helm Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Helm
uses: azure/setup-helm@v3
with:
version: v3.13.0
- name: Lint chart
run: helm lint deploy/helm/contextforge
security:
name: Security Scan
runs-on: ubuntu-latest
needs: [docker]
steps:
- uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner (filesystem)
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
severity: 'CRITICAL,HIGH'
exit-code: '1'
ignore-unfixed: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build proxy image for scanning
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile.proxy
push: false
load: true
tags: contextforge-proxy:scan
- name: Run Trivy vulnerability scanner (proxy image)
uses: aquasecurity/trivy-action@master
with:
image-ref: 'contextforge-proxy:scan'
severity: 'CRITICAL,HIGH'
exit-code: '1'
ignore-unfixed: true
- name: Build operator image for scanning
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile.operator
push: false
load: true
tags: contextforge-operator:scan
- name: Run Trivy vulnerability scanner (operator image)
uses: aquasecurity/trivy-action@master
with:
image-ref: 'contextforge-operator:scan'
severity: 'CRITICAL,HIGH'
exit-code: '1'
ignore-unfixed: true