OIDC authenticator defaults to using host's root CA pool if CA file is not provided #702
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Go | |
| on: [push, pull_request] | |
| env: | |
| QUAY_PATH: quay.io/brancz/kube-rbac-proxy | |
| go-version: '1.23' | |
| kind-version: 'v0.25.0' | |
| jobs: | |
| check-license: | |
| runs-on: ubuntu-latest | |
| name: Check license | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - run: make check-license | |
| generate: | |
| runs-on: ubuntu-latest | |
| name: Generate | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/setup-go@v2 | |
| with: | |
| go-version: ${{ env.go-version }} | |
| - run: make generate && git diff --exit-code | |
| lint: | |
| runs-on: ubuntu-latest | |
| name: Lint | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@v2 | |
| with: | |
| version: latest | |
| args: --timeout=5m | |
| build: | |
| runs-on: ubuntu-latest | |
| name: Build | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/setup-go@v2 | |
| with: | |
| go-version: ${{ env.go-version }} | |
| - run: make build | |
| unit-tests: | |
| runs-on: ubuntu-latest | |
| name: Unit tests | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/setup-go@v2 | |
| with: | |
| go-version: ${{ env.go-version }} | |
| - run: make test-unit | |
| e2e-tests: | |
| runs-on: ubuntu-latest | |
| name: E2E tests | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v2 | |
| - name: Start kind & create cluster | |
| uses: engineerd/[email protected] | |
| with: | |
| version: ${{ env.kind-version }} | |
| config: test/e2e/kind-config/kind-config.yaml | |
| wait: 300s | |
| - name: Wait for cluster to finish bootstraping | |
| run: kubectl wait --for=condition=Ready pods --all --all-namespaces --timeout=300s | |
| - name: Setup golang for make test-e2e | |
| uses: actions/setup-go@v2 | |
| with: | |
| go-version: ${{ env.go-version }} | |
| - name: Create container & run tests | |
| run: | | |
| VERSION=local VERSION_SEMVER=$(cat ./VERSION) make container | |
| kind load docker-image ${QUAY_PATH}:local | |
| until docker exec $(kind get nodes) crictl images | grep "${QUAY_PATH}"; do | |
| echo "no kube-rbac-proxy image" | |
| sleep 1 | |
| done | |
| make test-e2e | |
| publish: | |
| runs-on: ubuntu-latest | |
| name: Publish container image to Quay | |
| if: github.event_name == 'push' | |
| needs: | |
| - check-license | |
| - generate | |
| - build | |
| - unit-tests | |
| - e2e-tests | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - name: Setup golang for building | |
| uses: actions/setup-go@v2 | |
| with: | |
| go-version: ${{ env.go-version }} | |
| - name: Login to Quay.io | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_PASSWORD }} | |
| - name: Build images and push | |
| run: ./scripts/publish.sh |