Skip to content

CSU-2183: Fix CVE-2024-37307 #368

CSU-2183: Fix CVE-2024-37307

CSU-2183: Fix CVE-2024-37307 #368

Workflow file for this run

name: Build
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
build:
name: Build
runs-on: ubuntu-22.04
if: ${{ github.event.head_commit.message != '[Release] Update Chart.yaml' }}
steps:
- name: Checkout
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Get merge request latest commit
id: parse-commit
if: ${{ github.event_name == 'pull_request' }}
run: |
msg=$(git show -s --format=%s)
echo "head_commit_message=${msg}" >> $GITHUB_ENV
- name: Setup Go 1.21
uses: actions/setup-go@v2
with:
go-version: "1.21"
- name: Cache Go modules
uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-build-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-build-
- name: Build egressd collector go binary amd64
run: go build -ldflags "-s -w -X main.GitCommit=$GITHUB_SHA -X main.GitRef=$GITHUB_REF -X main.Version=${RELEASE_TAG:-commit-$GITHUB_SHA}" -o bin/egressd-amd64 ./cmd/collector
env:
GOOS: linux
GOARCH: amd64
CGO_ENABLED: 0
- name: Build egressd collector go binary arm64
run: go build -ldflags "-s -w -X main.GitCommit=$GITHUB_SHA -X main.GitRef=$GITHUB_REF -X main.Version=${RELEASE_TAG:-commit-$GITHUB_SHA}" -o bin/egressd-arm64 ./cmd/collector
env:
GOOS: linux
GOARCH: arm64
CGO_ENABLED: 0
- name: Build egressd exporter go binary amd64
run: go build -ldflags "-s -w -X main.GitCommit=$GITHUB_SHA -X main.GitRef=$GITHUB_REF -X main.Version=${RELEASE_TAG:-commit-$GITHUB_SHA}" -o bin/egressd-exporter-amd64 ./cmd/exporter
env:
GOOS: linux
GOARCH: amd64
CGO_ENABLED: 0
- name: Build egressd exporter go binary arm64
run: go build -ldflags "-s -w -X main.GitCommit=$GITHUB_SHA -X main.GitRef=$GITHUB_REF -X main.Version=${RELEASE_TAG:-commit-$GITHUB_SHA}" -o bin/egressd-exporter-arm64 ./cmd/exporter
env:
GOOS: linux
GOARCH: arm64
CGO_ENABLED: 0
- name: Run golangci-lint
# You may pin to the exact commit or the version.
# uses: golangci/golangci-lint-action@537aa1903e5d359d0b27dbc19ddd22c5087f3fbc
if: ${{ github.event_name == 'pull_request' && !contains(env.head_commit_message, '#skip-lint') }}
uses: golangci/[email protected]
with:
args: --timeout=5m
skip-pkg-cache: true
skip-build-cache: true
version: v1.58.2
- name: Test
if: ${{ github.event_name == 'pull_request' && !contains(env.head_commit_message, '#skip-test') }}
run: go test -race ./...
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push pr (egressd collector)
if: ${{ github.event_name == 'pull_request' }}
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/arm64,linux/amd64
file: ./Dockerfile
push: ${{ github.event_name == 'pull_request' }}
tags: ghcr.io/castai/egressd/egressd:${{ github.sha }}
- name: Build and push pr (egressd exporter)
if: ${{ github.event_name == 'pull_request' }}
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/arm64,linux/amd64
file: ./Dockerfile.exporter
push: ${{ github.event_name == 'pull_request' }}
tags: ghcr.io/castai/egressd/egressd-exporter:${{ github.sha }}
- name: Build and push main (egressd collector)
if: ${{ github.event_name != 'pull_request' && github.event_name != 'release' }}
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/arm64,linux/amd64
file: ./Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/castai/egressd/egressd:${{ github.sha }}
- name: Build and push main (egressd exporter)
if: ${{ github.event_name != 'pull_request' && github.event_name != 'release' }}
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/arm64,linux/amd64
file: ./Dockerfile.exporter
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/castai/egressd/egressd-exporter:${{ github.sha }}
e2e:
name: E2E
runs-on: ubuntu-22.04
if: ${{ github.event_name == 'pull_request' }}
needs: build
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Go 1.21
uses: actions/setup-go@v2
with:
go-version: "1.21"
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Create kind cluster
uses: helm/[email protected]
with:
config: ./e2e/kind-config.yaml
version: "v0.20.0"
cluster_name: e2e
- name: Run e2e
shell: bash
run: |
KIND_CONTEXT=e2e IMAGE_TAG=${{ github.sha }} ./e2e/run.sh