Update golang to 1.19.2 , patch version upgrades for ArgoCD, k8s libs…
… etc, update image to 0.3.7 (#285)

Update goreleaser action

Backport docs infra selectively

Update golang from 1.19.2 to 1.19.3

Upgrade k8s tools kustomize and controller-gen

Fix code scanning alert - CVE-2022-21698 #157

Fix code scanning alert - CVE-2022-1996

Fix code scanning alert - CVE-2022-0619
cruizen authored Nov 2, 2022
1 parent e9c9e07 commit 9c9af6d
Showing 18 changed files with 937 additions and 301 deletions.
31 changes: 23 additions & 8 deletions .github/workflows/ci.yml
@@ -2,21 +2,36 @@ name: Go

on:
push:
branches: [ main ]
branches:
- main
- v0.3
- v0.9
pull_request:
branches: [ main ]
branches:
- main
- v0.3
- v0.9

jobs:

build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2

- uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v2
uses: actions/setup-go@v3
with:
go-version: 1.17

go-version: 1.19.3
check-latest: true
cache: true
- name: Build
run: go build -v ./...
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.11'
cache: 'pip' # caching pip dependencies
- run: pip install -r docs/requirements.txt
- run: mkdocs gh-deploy --force
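Review bot: The new `deploy` job has no `if:` condition, so `mkdocs gh-deploy --force` runs on every trigger of this workflow, including `pull_request` events and pushes to `v0.3` and `v0.9`, after installing `docs/requirements.txt` from whichever ref was checked out. No `permissions:` block is visible in this hunk, so the job appears to run with the repository's default token scope; if that default is read/write, an unreviewed same-repository pull request could overwrite the published docs branch. (Leading indentation is lost in this rendering, so the job layout is inferred.) I would gate the job with `if: github.event_name == 'push'` plus a check on the branch the docs are built from, grant it only `contents: write`, and set the workflow default to `contents: read` as trivy.yml in this commit does. The job also has no `needs: build`, so docs would publish even when the Go build fails.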
12 changes: 3 additions & 9 deletions .github/workflows/goreleaser.yaml
@@ -18,7 +18,7 @@ jobs:
name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.17
go-version: 1.19.3
-
name: Cache go modules
uses: actions/cache@v3
@@ -30,15 +30,9 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
-
name: Test controllers
uses: phalanks/[email protected]
with:
version: '0.20.2'
args: './controllers/...'
-
name: Run package tests
name: Run all tests
run: |
make pkgtest
make test
-
name: Import GPG key
id: import_gpg
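Review bot: The second hunk removes the dedicated controller-test step (it passed `version: '0.20.2'` and `args: './controllers/...'`) and relies on `make test` alone, but the Makefile section of this commit shows no change to a `test` target. It is therefore not visible here whether `make test` covers `./controllers/...` or provisions whatever test environment the removed step set up. The steps that follow import a GPG key, so this workflow presumably gates a signed release; please confirm the controller tests still run before that point. A comment on the step such as `# make test runs both package and controller tests` would record the intent. The job body starts and ends outside both hunks.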
53 changes: 53 additions & 0 deletions .github/workflows/trivy.yml
@@ -0,0 +1,53 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.

name: build

on:
push:
branches:
- main
- v0.3
- v0.9
pull_request:
# The branches below must be a subset of the branches above
branches:
- main
- v0.3
- v0.9
schedule:
- cron: '28 1 * * 0'

permissions:
contents: read

jobs:
build:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
name: Build
runs-on: "ubuntu-20.04"
steps:
- name: Checkout code
uses: actions/checkout@v3

- name: Build an image from Dockerfile
run: |
docker build -t docker.io/arlonproj/arlon:${{ github.sha }} .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'docker.io/arlonproj/arlon:${{ github.sha }}'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH'

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results.sarif'
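Review bot: `uses: aquasecurity/trivy-action@master` tracks a mutable branch of a third-party action in a job that holds `security-events: write`, so whatever lands on that branch runs here unreviewed. Pin it to a release tag or, better, a full commit SHA, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha> # <release-tag>`. On pull requests from forks the token is read-only, so the `upload-sarif` step will likely fail there; an `if: github.event_name != 'pull_request'` on that step (or a same-repository check) avoids spurious red runs. With no `exit-code` input set, CRITICAL and HIGH findings are reported to the Security tab but do not fail the job, which is worth a comment if that is intended.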
20 changes: 20 additions & 0 deletions .readthedocs.yml
@@ -0,0 +1,20 @@
# .readthedocs.yaml
# Read the Docs configuration file
# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details

# Required
version: 2

# Set the version of Python and other tools you might need
build:
os: ubuntu-20.04
tools:
python: "3.11"

mkdocs:
configuration: mkdocs.yml

# Optionally declare the Python requirements required to build your docs
python:
install:
- requirements: docs/requirements.txt
2 changes: 1 addition & 1 deletion Dockerfile
@@ -1,5 +1,5 @@
# Build the manager binary
FROM golang:1.17.13 as builder
FROM golang:1.19.3 as builder

WORKDIR /workspace
# Copy the Go Modules manifests
4 changes: 2 additions & 2 deletions Makefile
@@ -114,11 +114,11 @@ undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/confi

CONTROLLER_GEN = $(shell pwd)/bin/controller-gen
controller-gen: ## Download controller-gen locally if necessary.
$(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.9.2)
$(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.10.0)

KUSTOMIZE = $(shell pwd)/bin/kustomize
kustomize: ## Download kustomize locally if necessary.
$(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/[email protected])
$(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/[email protected])

# go-get-tool will 'go get' any package $2 and install it to $1.
PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))
2 changes: 1 addition & 1 deletion config/crd/bases/core.arlon.io_callhomeconfigs.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
controller-gen.kubebuilder.io/version: v0.10.0
creationTimestamp: null
name: callhomeconfigs.core.arlon.io
spec:
2 changes: 1 addition & 1 deletion config/crd/bases/core.arlon.io_clusterregistrations.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
controller-gen.kubebuilder.io/version: v0.10.0
creationTimestamp: null
name: clusterregistrations.core.arlon.io
spec:
2 changes: 1 addition & 1 deletion config/crd/bases/core.arlon.io_profiles.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
controller-gen.kubebuilder.io/version: v0.10.0
creationTimestamp: null
name: profiles.core.arlon.io
spec:
2 changes: 1 addition & 1 deletion deploy/manifests/deploy.yaml
@@ -25,7 +25,7 @@ spec:
- controller
- --argocd-config-path
- /.argocd/config
image: ghcr.io/arlonproj/arlon/controller:0.3.5
image: ghcr.io/arlonproj/arlon/controller:0.3.7
imagePullPolicy: Always
livenessProbe:
httpGet: