Skip to content

Improve robustness of security group reconcilers and add defaultDeleteOutboundRule option #632

Improve robustness of security group reconcilers and add defaultDeleteOutboundRule option

Improve robustness of security group reconcilers and add defaultDeleteOutboundRule option #632

Workflow file for this run

name: docker
on:
pull_request:
branches: [main]
paths:
- "**.go"
- "**.yaml"
- "!capm.yaml"
- "!osc-secret.yaml"
- "!example/**.yaml"
- "!helm/**"
- "Makefile"
- "!docs/src/**"
- "!hack/json-format/*.sh"
- "!hack/json-format/src/*.rs"
- "!hack/json-format/Makefile"
- "!hack/json-format/Cargo.*"
- "!hack/json-format/tests/*.rs"
push:
branches:
- 'main'
paths:
- "**.go"
- "**.yaml"
- "!capm.yaml"
- "!osc-secret.yaml"
- "!example/**.yaml"
- "!helm/**"
- "Makefile"
- "!docs/src/**"
- "!hack/json-format/*.sh"
- "!hack/json-format/src/*.rs"
- "!hack/json-format/Makefile"
- "!hack/json-format/Cargo.*"
- "!hack/json-format/tests/*.rs"
jobs:
docker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Cache Trivy Database
- name: Cache Trivy DB
uses: actions/cache@v2
with:
path: ~/.cache/trivy/db # This is where Trivy DB will be cached locally
key: ${{ runner.os }}-trivy-db # Unique cache key based on OS
restore-keys: |
${{ runner.os }}-trivy-db # Fallback key if the exact cache key isn't available
# Download Trivy DB only if cache is missing or outdated
- name: Download Trivy DB
run: |
docker run --rm \
-v $HOME/.cache/trivy/db:/root/.cache/trivy/db \
aquasec/trivy:latest image --download-db-only
# Docker Lint
- name: Docker Lint
run: bash -c "make dockerlint"
# Build and Push Docker Image
- name: Build and Push Docker Image
run: |
make docker-buildx
env:
IMG: cluster-api-outscale-controller:${{ github.sha }}
DOCKER_BUILDKIT: 1
# Trivy Scan
- name: Trivy Scan
run: bash -c "make trivy-scan"
env:
IMG: cluster-api-outscale-controller:${{ github.sha }}
# Mount cached Trivy DB to avoid redundant downloads
with:

Check failure on line 78 in .github/workflows/docker.yaml

View workflow run for this annotation

GitHub Actions / docker

Invalid workflow file

The workflow is not valid. .github/workflows/docker.yaml (Line: 78, Col: 9): Unexpected value 'with'
args: |
-v $HOME/.cache/trivy/db:/root/.cache/trivy/db
# Trivy Ignore Check
- name: Trivy Ignore Check
run: bash -c "make trivy-ignore-check"
env:
IMG: cluster-api-outscale-controller:${{ github.sha }}
# Upload Trivy SARIF report if errors
- name: Upload Scan if Errors
if: ${{ always() && github.event_name != 'pull_request' }}
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: './.trivyscan/report.sarif'