Skip to content

Bump golang.org/x/crypto from 0.27.0 to 0.31.0 in /sidecar #2733

Bump golang.org/x/crypto from 0.27.0 to 0.31.0 in /sidecar

Bump golang.org/x/crypto from 0.27.0 to 0.31.0 in /sidecar #2733

name: Tenant Tests On Kind
on:
pull_request:
branches: [ master ]
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: true
jobs:
shellcheck:
timeout-minutes: 30
name: Shellcheck
runs-on: ubuntu-latest
strategy:
matrix:
go-version: [ 1.22.x ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
env:
SHELLCHECK_OPTS: -e SC2046 -e SC1091 -e SC2086 -e SC2090 -e SC2089 -e SC2006 -e SC2206
- name: Run nancy vulnerability report
run: |
nancy_version=$(curl --retry 10 -Ls -o /dev/null -w "%{url_effective}" https://github.com/sonatype-nexus-community/nancy/releases/latest | sed "s/https:\/\/github.com\/sonatype-nexus-community\/nancy\/releases\/tag\///")
curl -L -o nancy https://github.com/sonatype-nexus-community/nancy/releases/download/${nancy_version}/nancy-${nancy_version}-linux-amd64 && chmod +x nancy
go list -deps -json ./... | jq -s 'unique_by(.Module.Path)|.[]|select(has("Module"))|.Module' | ./nancy sleuth
lint:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: Lint
run: |
make lint
govet:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: govet
run: |
make govet
vulnerable-dependencies-checks:
timeout-minutes: 30
name: "Check for vulnerable dependencies"
runs-on: ubuntu-latest
strategy:
matrix:
go-version: [ 1.22.x ]
steps:
- name: Check out code
uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
cache: true
check-latest: true
- name: Get govulncheck
run: go install golang.org/x/vuln/cmd/govulncheck@latest
shell: bash
- name: Run govulncheck
run: govulncheck ./...
shell: bash
gotest:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
needs:
- lint
- govet
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: Go Test
run: |
make gotest
lint-sidecar:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: Lint
working-directory: ./sidecar
run: |
make lint
govet-sidecar:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: govet
working-directory: ./sidecar
run: |
make govet
vulnerable-dependencies-checks-sidecar:
timeout-minutes: 30
name: "Check for vulnerable dependencies in sidecar"
runs-on: ubuntu-latest
strategy:
matrix:
go-version: [ 1.22.x ]
steps:
- name: Check out code
uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
cache: true
check-latest: true
- name: Get govulncheck
run: go install golang.org/x/vuln/cmd/govulncheck@latest
shell: bash
- name: Run govulncheck
working-directory: ./sidecar
run: govulncheck ./...
shell: bash
gotest-sidecar:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
needs:
- lint-sidecar
- govet-sidecar
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: Go Test
working-directory: ./sidecar
run: |
make gotest
operator:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
needs:
- lint
- govet
- shellcheck
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: Operator Binary
run: |
make operator
- uses: actions/cache/save@v3
name: Save Operator Binary
with:
path: |
./minio-operator
key: ${{ runner.os }}-binary-${{ github.run_id }}
sidecar:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
needs:
- lint-sidecar
- govet-sidecar
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: Operator Sidecar Binary
working-directory: ./sidecar
run: |
make sidecar
- uses: actions/cache/save@v3
name: Save Operator Sidecar Binary
with:
path: |
./sidecar/minio-operator-sidecar
key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
test-tenant:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
needs:
- operator
- sidecar
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- uses: actions/cache@v3
name: Operator Binary Cache
with:
path: |
./minio-operator
key: ${{ runner.os }}-binary-${{ github.run_id }}
- uses: actions/cache@v3
name: Operator Sidecar Binary Cache
with:
path: |
./sidecar/minio-operator-sidecar
key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
- name: Deploy Tenant
run: |
"${GITHUB_WORKSPACE}/testing/deploy-tenant.sh"
test-tenant-upgrade:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
needs:
- operator
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- uses: actions/cache@v3
name: Operator Binary Cache
with:
path: |
./minio-operator
key: ${{ runner.os }}-binary-${{ github.run_id }}
- uses: actions/cache@v3
name: Operator Sidecar Binary Cache
with:
path: |
./sidecar/minio-operator-sidecar
key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
- name: Tenant upgrade test on Kind
run: |
"${GITHUB_WORKSPACE}/testing/deploy-tenant-upgrade.sh"
# test-kes:
# timeout-minutes: 30
# runs-on: ${{ matrix.os }}
# needs:
# - operator
# strategy:
# matrix:
# go-version: [ 1.22.x ]
# os: [ ubuntu-latest ]
#
# steps:
# - uses: actions/checkout@v3
# - uses: actions/setup-go@v4
# with:
# go-version: ${{ matrix.go-version }}
# - uses: actions/cache@v3
# name: Operator Binary Cache
# with:
# path: |
# ./minio-operator
# key: ${{ runner.os }}-binary-${{ github.run_id }}
# - uses: actions/cache@v3
# name: Operator Sidecar Binary Cache
# with:
# path: |
# ./sidecar/minio-operator-sidecar
# key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
# - name: Tenant KES
# run: |
# "${GITHUB_WORKSPACE}/testing/console-tenant+kes.sh"
test-tenant-hotfix-update:
timeout-minutes: 10
runs-on: ${{ matrix.os }}
needs:
- operator
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- uses: actions/cache@v3
name: Operator Binary Cache
with:
path: |
./minio-operator
key: ${{ runner.os }}-binary-${{ github.run_id }}
- uses: actions/cache@v3
name: Operator Sidecar Binary Cache
with:
path: |
./sidecar/minio-operator-sidecar
key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
- name: Tenant upgrade to hotfix version
run: |
"${GITHUB_WORKSPACE}/testing/tenant-hotfix-update.sh" "quay.io/minio/minio:RELEASE.2024-07-10T18-41-49Z" "quay.io/minio/minio:RELEASE.2024-07-10T18-41-49Z.hotfix.0fbf4c10f"
test-kes:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
needs:
- operator
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- uses: actions/cache@v3
name: Operator Binary Cache
with:
path: |
./minio-operator
key: ${{ runner.os }}-binary-${{ github.run_id }}
- uses: actions/cache@v3
name: Operator Sidecar Binary Cache
with:
path: |
./sidecar/minio-operator-sidecar
key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
- name: Tenant KES
run: |
"${GITHUB_WORKSPACE}/testing/console-tenant+kes.sh"
test-cert-manager:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
needs:
- operator
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- uses: actions/cache@v3
name: Operator Binary Cache
with:
path: |
./minio-operator
key: ${{ runner.os }}-binary-${{ github.run_id }}
- uses: actions/cache@v3
name: Operator Sidecar Binary Cache
with:
path: |
./sidecar/minio-operator-sidecar
key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
- name: Deploy Tenant with cert-manager
run: |
"${GITHUB_WORKSPACE}/testing/deploy-cert-manager-tenant.sh"
test-policy-binding:
timeout-minutes: 30
runs-on: ${{ matrix.os }}
needs:
- operator
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
steps:
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@main
with:
tool-cache: false
android: true
dotnet: true
haskell: true
large-packages: true
docker-images: true
swap-storage: true
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- uses: actions/cache@v3
name: Operator Binary Cache
with:
path: |
./minio-operator
key: ${{ runner.os }}-binary-${{ github.run_id }}
- uses: actions/cache@v3
name: Operator Sidecar Binary Cache
with:
path: |
./sidecar/minio-operator-sidecar
key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
- name: Test PolicyBinding CRD and sts call on kind
run: |
"${GITHUB_WORKSPACE}/testing/test-policy-binding.sh"
helm:
timeout-minutes: 30
# The type of runner that the job will run on
runs-on: ${{ matrix.os }}
needs:
- operator
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- uses: actions/cache@v3
name: Operator Binary Cache
with:
path: |
./minio-operator
key: ${{ runner.os }}-binary-${{ github.run_id }}
- uses: actions/cache@v3
name: Operator Sidecar Binary Cache
with:
path: |
./sidecar/minio-operator-sidecar
key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
# Runs a set of commands using the runners shell
- name: Deploy a MinIO Tenant on Kind
run: |
curl -sLO "https://dl.k8s.io/release/v1.29.10/bin/linux/amd64/kubectl" -o kubectl
chmod +x kubectl
mv kubectl /usr/local/bin
"${GITHUB_WORKSPACE}/testing/check-helm.sh"
helm-floor:
timeout-minutes: 30
# The type of runner that the job will run on
runs-on: ${{ matrix.os }}
needs:
- operator
strategy:
matrix:
go-version: [ 1.22.x ]
os: [ ubuntu-latest ]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- uses: actions/cache@v3
name: Operator Binary Cache
with:
path: |
./minio-operator
key: ${{ runner.os }}-binary-${{ github.run_id }}
- uses: actions/cache@v3
name: Operator Sidecar Binary Cache
with:
path: |
./sidecar/minio-operator-sidecar
key: ${{ runner.os }}-sidecar-binary-${{ github.run_id }}
# Runs a set of commands using the runners shell
- name: Deploy a MinIO Tenant on Kind
env:
TEST_FLOOR: true
run: |
curl -sLO "https://dl.k8s.io/release/v1.29.10/bin/linux/amd64/kubectl" -o kubectl
chmod +x kubectl
mv kubectl /usr/local/bin
"${GITHUB_WORKSPACE}/testing/check-helm.sh"