Skip to content

Commit 2e935b5

Browse files
heldkatheldkat
authored
export testresults as inlined ocm-resource (#361)
1 parent 26a51a8 commit 2e935b5

1 file changed

Lines changed: 46 additions & 9 deletions

File tree

.github/workflows/build.yaml

Lines changed: 46 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -55,12 +55,49 @@ jobs:
5555
ocm-labels: ${{ toJSON(matrix.args.ocm-labels) }}
5656
extra-tags: latest
5757

58-
sast-lint:
59-
uses: gardener/cc-utils/.github/workflows/sastlint-ocm.yaml@master
60-
with:
61-
go-version: '1.25'
62-
linter: gosec
63-
run: .ci/verify
64-
permissions:
65-
contents: read
66-
58+
verify:
59+
runs-on: ubuntu-latest
60+
steps:
61+
- uses: actions/setup-go@v5
62+
with:
63+
go-version: '1.25'
64+
- uses: gardener/cc-utils/.github/actions/trusted-checkout@master
65+
with:
66+
remove-trusted-label: false
67+
- uses: gardener/cc-utils/.github/actions/install-gardener-gha-libs@master
68+
- name: run-verify
69+
run: |
70+
set -eu
71+
mkdir /tmp/blobs.d
72+
.ci/verify |& tee /tmp/blobs.d/verify-log.txt
73+
tar czf /tmp/blobs.d/gosec-report.tar.gz gosec-report.sarif
74+
tar czf /tmp/blobs.d/verify-log.tar.gz -C /tmp/blobs.d verify-log.txt
75+
- name: add-reports-to-component-descriptor
76+
uses: gardener/cc-utils/.github/actions/export-ocm-fragments@master
77+
with:
78+
blobs-directory: /tmp/blobs.d
79+
ocm-resources: |
80+
- name: gosec-report
81+
relation: local
82+
access:
83+
type: localBlob
84+
localReference: gosec-report.tar.gz
85+
labels:
86+
- name: gardener.cloud/purposes
87+
value:
88+
- lint
89+
- sast
90+
- gosec
91+
- name: gardener.cloud/comment
92+
value: |
93+
we use gosec (linter) for SAST scans
94+
see: https://github.com/securego/gosec
95+
- name: test-results
96+
relation: local
97+
access:
98+
type: localBlob
99+
localReference: verify-log.tar.gz
100+
labels:
101+
- name: gardener.cloud/purposes
102+
value:
103+
- test

0 commit comments

Comments
 (0)