Merge pull request #1087 from Nordix/Fix-flaking-test-template/mohammed #304

Summary
Jobs
- setup
- Kubesec
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/kubesec.yml at d04a34e

	name: Kubesec
	on:
	push:
	branches: [ main ]
	schedule:
	- cron: '30 7 * * 3'

	permissions:
	contents: read

	jobs:
	setup:
	# This workflow is only of value to the metal3-io/cluster-api-provider-metal3 repository and
	# would always fail in forks
	if: github.repository == 'metal3-io/cluster-api-provider-metal3'
	runs-on: ubuntu-20.04
	permissions:
	actions: read
	contents: read
	steps:
	- name: Checkout code
	uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3

	- name: Collect all yaml
	id: list_yaml
	run: \|
	LIST_YAML="$(find * -type f -name '*.yaml' ! -name "clusterctl-cluster.yaml")"
	echo "::set-output name=value::$(IFS=$','; echo $LIST_YAML \| jq -cnR '[inputs \| select(length>0)]'; IFS=$'\n')"
	outputs:
	matrix: ${{ steps.list_yaml.outputs.value }}

	lint:
	needs: [ setup ]
	name: Kubesec
	runs-on: ubuntu-20.04
	permissions:
	actions: read
	contents: read
	security-events: write
	strategy:
	matrix:
	value: ${{ fromJson(needs.setup.outputs.matrix) }}
	steps:
	- name: Checkout code
	uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3

	- name: Run kubesec scanner
	uses: controlplaneio/kubesec-action@43d0ddff5ffee89a6bb9f29b64cd865411137b14
	with:
	input: ${{ matrix.value }}
	format: template
	template: template/sarif.tpl
	output: ${{ matrix.value }}.sarif
	exit-code: "0"

	- name: Save result into a variable
	id: save_result
	run: echo "::set-output name=result::$(cat ${{ matrix.value }}.sarif \| jq -c '.runs')"

	- name: Upload Kubesec scan results to GitHub Security tab
	if: ${{ steps.save_result.outputs.result != '[]' }}
	uses: github/codeql-action/upload-sarif@004c5de30b6423267685b897a3d595e944f7fed5 # v2.20.2
	with:
	sarif_file: ${{ matrix.value }}.sarif

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #1087 from Nordix/Fix-flaking-test-template/mohammed #304

Workflow file

Merge pull request #1087 from Nordix/Fix-flaking-test-template/mohammed #304

Jobs

Run details

Workflow file for this run