You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
flux2/.github/workflows
dependabot[bot] 8d75df8fc3
build(deps): bump the ci group with 3 updates
Bumps the ci group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [ossf/scorecard-action](https://github.com/ossf/scorecard-action) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action).


Updates `actions/checkout` from 4.1.4 to 4.1.5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](0ad4b8fada...44c2b7a8a4)

Updates `ossf/scorecard-action` from 2.3.1 to 2.3.3
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](0864cf1902...dc50aa9510)

Updates `goreleaser/goreleaser-action` from 5.0.0 to 5.1.0
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](7ec5c2b0c6...5742e2a039)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
9 months ago
..
README.md ci: Refactor GitHub workflows 2 years ago
action.yaml build(deps): bump the ci group with 3 updates 9 months ago
backport.yaml build(deps): bump the ci group with 3 updates 9 months ago
conformance.yaml build(deps): bump the ci group with 3 updates 9 months ago
e2e-azure.yaml build(deps): bump the ci group with 3 updates 9 months ago
e2e-bootstrap.yaml build(deps): bump the ci group with 3 updates 9 months ago
e2e-gcp.yaml build(deps): bump the ci group with 3 updates 9 months ago
e2e.yaml build(deps): bump the ci group with 3 updates 9 months ago
ossf.yaml build(deps): bump the ci group with 3 updates 9 months ago
release.yaml build(deps): bump the ci group with 3 updates 9 months ago
scan.yaml build(deps): bump the ci group with 3 updates 9 months ago
sync-labels.yaml build(deps): bump the ci group with 3 updates 9 months ago
update.yaml build(deps): bump the ci group with 3 updates 9 months ago

README.md

Flux GitHub Workflows

End-to-end Testing

The e2e workflows run a series of tests to ensure that the Flux CLI and the GitOps Toolkit controllers work well all together. The tests are written in Go, Bash, Make and Terraform.

Workflow Jobs Runner Role
e2e.yaml e2e-amd64-kubernetes GitHub Ubuntu integration testing with Kubernetes Kind
e2e-arm64.yaml e2e-arm64-kubernetes Equinix Ubuntu integration testing with Kubernetes Kind
e2e-bootstrap.yaml e2e-boostrap-github GitHub Ubuntu integration testing with GitHub API
e2e-azure.yaml e2e-amd64-aks GitHub Ubuntu integration testing with Azure API
scan.yaml scan-fossa GitHub Ubuntu license scanning
scan.yaml scan-snyk GitHub Ubuntu vulnerability scanning
scan.yaml scan-codeql GitHub Ubuntu vulnerability scanning

Components Update

The components update workflow scans the GitOps Toolkit controller repositories for new releases, amd when it finds a new controller version, the workflow performs the following steps:

  • Updates the controller API package version in go.mod.
  • Patches the controller CRDs version in the manifests/crds overlay.
  • Patches the controller Deployment version in manifests/bases overlay.
  • Opens a Pull Request against the main branch.
  • Triggers the e2e test suite to run for the opened PR.
Workflow Jobs Runner Role
update.yaml update-components GitHub Ubuntu update the GitOps Toolkit APIs and controllers

Release

The release workflow is triggered by a semver Git tag and performs the following steps:

  • Generates the Flux install manifests (YAML).
  • Generates the OpenAPI validation schemas for the GitOps Toolkit CRDs (JSON).
  • Generates a Software Bill of Materials (SPDX JSON).
  • Builds the Flux CLI binaries and the multi-arch container images.
  • Pushes the container images to GitHub Container Registry and DockerHub.
  • Signs the sbom, the binaries checksum and the container images with Cosign and GitHub OIDC.
  • Uploads the sbom, binaries, checksums and install manifests to GitHub Releases.
  • Pushes the install manifests as OCI artifacts to GitHub Container Registry and DockerHub.
  • Signs the OCI artifacts with Cosign and GitHub OIDC.
Workflow Jobs Runner Role
release.yaml release-flux-cli GitHub Ubuntu build, push and sign the CLI release artifacts
release.yaml release-flux-manifests GitHub Ubuntu build, push and sign the Flux install manifests