Skip to content

Bump docker/setup-buildx-action from 2 to 3 #439

Bump docker/setup-buildx-action from 2 to 3

Bump docker/setup-buildx-action from 2 to 3 #439

Workflow file for this run

name: Tests
on:
push:
branches:
- master
tags:
- "*"
pull_request:
schedule:
- cron: '0 5 * * *'
jobs:
style:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
cache: 'gradle'
- name: Check style
run: make -C functionaltest-jenkins-plugin style
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '8'
cache: 'maven'
- name: Initialize CodeQL
if: github.event_name == 'push'
uses: github/codeql-action/init@v2
with:
languages: java, javascript
- name: Build with Maven
run: cd stackrox-container-image-scanner && ./mvnw -B verify package hpi:hpi cyclonedx:makeAggregateBom
- uses: actions/upload-artifact@v3
with:
name: stackrox-container-image-scanner.hpi
path: stackrox-container-image-scanner/target/stackrox-container-image-scanner.hpi
- uses: actions/upload-artifact@v3
with:
name: stackrox-container-image-scanner.jar
path: stackrox-container-image-scanner/target/stackrox-container-image-scanner.jar
- name: Perform CodeQL Analysis
if: github.event_name == 'push'
uses: github/codeql-action/analyze@v2
e2e:
if: github.event_name == 'push' || !github.event.pull_request.head.repo.fork
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v4
with:
repository: stackrox/stackrox
path: stackrox
- uses: docker/setup-buildx-action@v3
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
cache: 'gradle'
- name: Install kubectl
run: sudo snap install kubectl --classic
- name: Install gcloud
run: |
sudo snap install google-cloud-cli --classic
echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -
sudo apt-get update
sudo apt-get install google-cloud-sdk-gke-gcloud-auth-plugin
- uses: actions/download-artifact@v3
with:
name: stackrox-container-image-scanner.hpi
path: jenkins
- uses: actions/download-artifact@v3
with:
name: stackrox-container-image-scanner.hpi
path: stackrox-container-image-scanner/target/
- name: Build jenkins image
uses: docker/build-push-action@v5
with:
tags: jenkins-test
context: jenkins
push: false
load: true
- name: Run jenkins in background
run: docker run -d --add-host host.docker.internal:host-gateway -p 8080:8080 jenkins-test
- name: Create GKE cluster
id: create-cluster
env:
GCP_SERVICE_ACCOUNT_STACKROX_CI: ${{ secrets.GCP_SERVICE_ACCOUNT_STACKROX_CI }}
run: |
cd stackrox
source "scripts/ci/gke.sh"
provision_gke_cluster "jenkins-plugin-e2e" 3 e2-standard-4
echo "CLUSTER_NAME=${CLUSTER_NAME}" >> $GITHUB_OUTPUT
wait_for_cluster
- name: Deploy Stackrox
id: deploy
env:
MAIN_IMAGE_TAG: latest
MONITORING_SUPPORT: false
run: |
cd stackrox
./deploy/k8s/central.sh
pass=$(cat deploy/k8s/central-deploy/password)
echo "ROX_PASSWORD=$(cat deploy/k8s/central-deploy/password)" >> $GITHUB_OUTPUT
- name: Wait for API
run: |
cd stackrox
source "tests/e2e/lib.sh"
export USE_MIDSTREAM_IMAGES=false
wait_for_api
- name: Run tests
env:
ROX_PASSWORD: ${{ steps.deploy.outputs.ROX_PASSWORD }}
ROX_ENDPOINT: https://localhost:8000
JENKINS_ROX_ENDPOINT: https://host.docker.internal:8000
run: make -C functionaltest-jenkins-plugin test
- name: Teardown GKE cluster
if: always() && steps.create-cluster.outputs.CLUSTER_NAME != ''
env:
CLUSTER_NAME: ${{ steps.create-cluster.outputs.CLUSTER_NAME }}
run: |
source "stackrox/scripts/ci/gke.sh"
teardown_gke_cluster