fix: patch and bump kubecost images to fix cve #7743
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Manifest validation | |
on: | |
pull_request: | |
types: [opened, reopened, synchronize, labeled] | |
push: | |
branches: | |
- 'main' | |
- 'v*' | |
jobs: | |
manifest-validation: | |
name: Manifest validation | |
if: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'ok-to-test') }} | |
runs-on: | |
- self-hosted | |
- small | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
#- uses: webfactory/[email protected] | |
# with: | |
# ssh-private-key: ${{ secrets.PRIVATE_SSH_KEY }} | |
- name: Install NIX | |
uses: cachix/install-nix-action@v30 | |
- name: Install devbox | |
uses: jetify-com/[email protected] | |
with: | |
enable-cache: true | |
skip-nix-installation: true | |
- name: Run tests | |
run: devbox run -- "GOOS=linux GOARCH=amd64 make validate-manifests" |