feat: add security context for cleanup hook #139
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ChartLint | |
| on: | |
| pull_request: | |
| # only run when there are chart changes | |
| paths: | |
| - 'charts/**' | |
| - '!charts/charts.mk' | |
| - '!charts/go*' | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: '0' | |
| - name: Determine Go version from go.mod | |
| run: echo "GO_VERSION=$(go mod edit -json | jq -r .Go)" >> $GITHUB_ENV | |
| working-directory: ./charts | |
| - uses: actions/setup-go@v3 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - uses: actions/cache@v3 | |
| with: | |
| path: ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Verify charts are upt-do-date | |
| run: make chart-lint | |
| template: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Render Helm charts | |
| run: find charts -type f -name Chart.yaml -exec .github/render-charts.sh {} \; |