diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 36d8669b4..83538e446 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -89,34 +89,34 @@ jobs: with: image: ghcr.io/podkrepi-bg/frontend:${{ env.VERSION }} -# scan-manifests: -# name: Scan k8s manifests -# runs-on: ubuntu-latest -# steps: -# - uses: actions/checkout@v4 -# -# - name: Install kustomize -# uses: imranismail/setup-kustomize@v2 -# -# - name: Build development manifests -# run: kustomize build manifests/overlays/development > dev-manifests.yaml -# -# - name: Scan development manifests with Mondoo -# uses: mondoohq/actions/k8s-manifest@main -# env: -# MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }} -# with: -# path: dev-manifests.yaml -# -# - name: Build production manifests -# run: kustomize build manifests/overlays/production > prod-manifests.yaml -# -# - name: Scan production manifests with Mondoo -# uses: mondoohq/actions/k8s-manifest@main -# env: -# MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }} -# with: -# path: prod-manifests.yaml + scan-manifests: + name: Scan k8s manifests + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Install kustomize + uses: imranismail/setup-kustomize@v2 + + - name: Build development manifests + run: kustomize build manifests/overlays/development > dev-manifests.yaml + + - name: Scan development manifests with Mondoo + uses: mondoohq/actions/k8s-manifest@main + env: + MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }} + with: + path: dev-manifests.yaml + + - name: Build production manifests + run: kustomize build manifests/overlays/production > prod-manifests.yaml + + - name: Scan production manifests with Mondoo + uses: mondoohq/actions/k8s-manifest@main + env: + MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }} + with: + path: prod-manifests.yaml run-playwright: name: Run Playwright diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index ad13277f2..0eef12272 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -71,36 +71,36 @@ jobs: with: image: ghcr.io/podkrepi-bg/maintenance:pr -# scan-manifests: -# name: Scan k8s manifests -# runs-on: ubuntu-latest -# steps: -# - uses: actions/checkout@v4 -# with: -# ref: ${{ github.event.pull_request.head.sha }} -# -# - name: Install kustomize -# uses: imranismail/setup-kustomize@v2 -# -# - name: Build development manifests -# run: kustomize build manifests/overlays/development > dev-manifests.yaml -# -# - name: Scan development manifests with Mondoo -# uses: mondoohq/actions/k8s-manifest@main -# env: -# MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }} -# with: -# path: dev-manifests.yaml -# -# - name: Build production manifests -# run: kustomize build manifests/overlays/production > prod-manifests.yaml -# -# - name: Scan production manifests with Mondoo -# uses: mondoohq/actions/k8s-manifest@main -# env: -# MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }} -# with: -# path: prod-manifests.yaml + scan-manifests: + name: Scan k8s manifests + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + + - name: Install kustomize + uses: imranismail/setup-kustomize@v2 + + - name: Build development manifests + run: kustomize build manifests/overlays/development > dev-manifests.yaml + + - name: Scan development manifests with Mondoo + uses: mondoohq/actions/k8s-manifest@main + env: + MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }} + with: + path: dev-manifests.yaml + + - name: Build production manifests + run: kustomize build manifests/overlays/production > prod-manifests.yaml + + - name: Scan production manifests with Mondoo + uses: mondoohq/actions/k8s-manifest@main + env: + MONDOO_CONFIG_BASE64: ${{ secrets.MONDOO_SECRET }} + with: + path: prod-manifests.yaml run-playwright: name: Run Playwright