Skip to content

Fix privilege for passwd CVE-2025-7195 #149

Fix privilege for passwd CVE-2025-7195

Fix privilege for passwd CVE-2025-7195 #149

Workflow file for this run

name: Go
on:
workflow_dispatch: {}
pull_request:
branches:
- main
env:
# Common versions
GO_VERSION: '1.23'
GO_REQUIRED_MIN_VERSION: ''
GOPATH: '/home/runner/work/cluster-permission/cluster-permission/go'
defaults:
run:
working-directory: go/src/github.com/open-cluster-management/cluster-permission
jobs:
build:
name: build
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/github.com/open-cluster-management/cluster-permission
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: pre-build
run: make pre-build
- name: build
run: make build
images:
name: images
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/github.com/open-cluster-management/cluster-permission
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: install imagebuilder
run: go install github.com/openshift/imagebuilder/cmd/[email protected]
- name: images
run: make docker-build
test:
name: test
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/github.com/open-cluster-management/cluster-permission
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: test
run: make test
- name: report-coverage
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: /home/runner/work/cluster-permission/cluster-permission/go/src/github.com/open-cluster-management/cluster-permission/coverage.out
flags: unit
name: unit
verbose: true
fail_ci_if_error: true
go-sec-scan:
name: go-sec-scan
runs-on: ubuntu-latest
env:
GO111MODULE: on
steps:
- name: Checkout Source
uses: actions/checkout@v3
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: -exclude-generated ./...
e2e:
name: e2e
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/github.com/open-cluster-management/cluster-permission
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: install imagebuilder
run: go install github.com/openshift/imagebuilder/cmd/[email protected]
- name: images
run: make docker-build
- name: setup kind
uses: engineerd/[email protected]
with:
version: v0.27.0
name: cluster1
- name: setup kind
uses: engineerd/[email protected]
with:
version: v0.27.0
name: hub
- name: Load image on the nodes of the cluster
run: |
kind load docker-image --name=hub quay.io/open-cluster-management/cluster-permission:latest
- name: Run e2e test
run: |
make test-e2e
env:
KUBECONFIG: /home/runner/.kube/config