.github/workflows/lint.yml
name: Lint
on:
pull_request:
push:
branches:
- master
permissions:
contents: read
jobs:
rubocop:
name: Rubocop
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: ruby/setup-ruby@1198b074305f9356bd56dd4b311757cc0dab2f1c # v1.175.1
with:
bundler-cache: true
- name: Rubocop
run: bundle exec rubocop
brakeman:
name: Brakeman
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: ruby/setup-ruby@1198b074305f9356bd56dd4b311757cc0dab2f1c # v1.175.1
with:
bundler-cache: true
- name: Brakeman
run: bundle exec brakeman
importmap:
name: Importmap Verify
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: ruby/setup-ruby@1198b074305f9356bd56dd4b311757cc0dab2f1c # v1.175.1
with:
bundler-cache: true
- name: Importmap Verify
run: bundle exec rake importmap:verify
kubeconform:
name: Kubeconform
runs-on: ubuntu-22.04
strategy:
matrix:
kubernetes_version: ["1.29.1"]
environment:
- staging
- production
steps:
- name: login to Github Packages
run: echo "${{ github.token }}" | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: ruby/setup-ruby@1198b074305f9356bd56dd4b311757cc0dab2f1c # v1.175.1
with:
bundler-cache: true
- name: krane render
run: |
gem exec --silent krane render -f config/deploy/$ENVIRONMENT --bindings=environment=$ENVIRONMENT --current-sha=$REVISION > config/deploy/$ENVIRONMENT.rendered.yaml
env:
ENVIRONMENT: "${{ matrix.environment }}"
REVISION: "${{ github.sha }}"
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: "${{ matrix.environment }}.rendered.yaml"
path: "config/deploy/${{ matrix.environment }}.rendered.yaml"
- name: kubeconform
uses: docker://ghcr.io/yannh/kubeconform:v0.6.3
with:
entrypoint: "/kubeconform"
args: "-strict -summary -output json --kubernetes-version ${{ matrix.kubernetes_version }} config/deploy/${{ matrix.environment }}.rendered.yaml"