Join helm charts #39
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Images verify | |
run-name: ${{github.event.pull_request.title}} | |
on: | |
pull_request: | |
branches: | |
- main | |
paths: | |
- sec-scanners-config.yaml | |
- config/docker-registry/values.yaml | |
jobs: | |
# check if developer doesn't change `main` images in the values.yaml and sec-scanners-config.yaml files | |
check-main-tags: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout to main | |
uses: actions/checkout@v4 | |
with: | |
ref: main | |
- name: Export main images from the main ref | |
run: | | |
# export sec-scanners-config.yaml images with the main tag as github env | |
echo SSC_MAIN_IMAGES=$(yq '.protecode[] | select(contains(":main")) | sub(":.*", "")' sec-scanners-config.yaml) >> $GITHUB_ENV | |
# export values. images with the main tag as github env | |
echo VALUES_MAIN_IMAGES=$(yq '.global.images[] | select(.version == "main") | .name' config/docker-registry/values.yaml) >> $GITHUB_ENV | |
- name: Checkout to context | |
uses: actions/checkout@v4 | |
- name: Verify sec-scanners-config.yaml images | |
run: | | |
PR_NOT_MAIN_IMAGES=$(yq '.protecode[] | select(contains(":main") | not ) | sub(":.*", "")' sec-scanners-config.yaml) \ | |
.github/scripts/verify-image-changes.sh | |
env: | |
MAIN_IMAGES: ${{ env.SSC_MAIN_IMAGES }} | |
- name: Verify values.yaml images | |
run: | | |
PR_NOT_MAIN_IMAGES=$(yq '.global.images[] | select(.version != "main") | .name' config/docker-registry/values.yaml) \ | |
.github/scripts/verify-image-changes.sh | |
env: | |
MAIN_IMAGES: ${{ env.VALUES_MAIN_IMAGES }} |