Skip to content

Add trivy workflow

Add trivy workflow #9

Workflow file for this run

name: Build ROCK
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on:
pull_request:
workflow_call:
outputs:
rock:
description: "The rock output of build process."
value: ${{ jobs.build.outputs.rock }}
jobs:
lint:
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install yamllint
run: python3 -m pip install yamllint
- name: YAML Lint
run: |
yamllint -d "{extends: relaxed, rules: {line-length: {max: 250}}}" \
--no-warnings rockcraft.yaml
build:
runs-on: ubuntu-latest
timeout-minutes: 15
needs:
- lint
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup LXD
uses: canonical/setup-lxd@main
- name: Install dependencies
id: install
run: |
sudo snap install yq
sudo snap install rockcraft --classic --edge
- name: Build ROCK
id: build
run: |
VERSION=$(yq '.version' rockcraft.yaml)
rockcraft pack --verbose
echo "rock=charmed-karapace_${VERSION}_amd64.rock" >> $GITHUB_OUTPUT
- name: Upload locally built ROCK artifact
uses: actions/upload-artifact@v3
with:
name: charmed-karapace
path: ${{ steps.build.outputs.rock }}
outputs:
rock: ${{ steps.build.outputs.rock }}