Skip to content

feat: Add API Speculator module for OAS #57

feat: Add API Speculator module for OAS

feat: Add API Speculator module for OAS #57

Workflow file for this run

# SPDX-License-Identifier: Apache-2.0
# Copyright 2024 Authors of SentryFlow
name: PR checks
on:
pull_request:
types: [ opened, reopened, synchronize, ready_for_review ]
paths-ignore:
- '**.md'
- 'docs/**'
- 'LICENSE'
permissions: read-all
jobs:
files-changed:
name: Find out which files were changed
runs-on: ubuntu-latest
timeout-minutes: 5
outputs:
sentryflow: ${{ steps.filter.outputs.sentryflow}}
envoyfilter: ${{ steps.filter.outputs.envoyfilter}}
steps:
- uses: actions/checkout@v4
- uses: dorny/[email protected]
id: filter
with:
filters: |
sentryflow:
- 'sentryflow/**'
envoyfilter:
- 'filter/envoy/envoy-wasm-filters/**'
license:
name: License
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./sentryflow
steps:
- uses: actions/checkout@v4
- name: Check License Header
uses: apache/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
static-checks:
needs: [ files-changed ]
if: ${{ github.repository == '5GSEC/sentryflow' && needs.files-changed.outputs.sentryflow == 'true' }}
name: Static checks
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./sentryflow
steps:
- uses: actions/checkout@v4
- name: Setup go
uses: actions/setup-go@v5
with:
go-version: '1.23'
- name: go fmt vet
run: make fmt vet
- name: Lint
uses: golangci/golangci-lint-action@v6
with:
working-directory: ./sentryflow
version: v1.60.3
args: --timeout=10m --out-format=line-number
skip-cache: true # https://github.com/golangci/golangci-lint-action/issues/244#issuecomment-1052197778
- name: unit tests
run: make test
build-sentryflow-image:
needs: [ files-changed ]
if: ${{ github.repository == '5GSEC/sentryflow' && needs.files-changed.outputs.sentryflow == 'true' }}
name: Build SentryFlow container image
runs-on: ubuntu-latest
timeout-minutes: 20
defaults:
run:
working-directory: ./sentryflow
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Build image
run: make image
- name: Scan image
uses: anchore/scan-action@v4
with:
image: "docker.io/5gsec/sentryflow:latest"
severity-cutoff: critical
output-format: sarif
build-envoy-filter-image:
needs: [ files-changed ]
if: ${{ github.repository == '5GSEC/sentryflow' && needs.files-changed.outputs.envoyfilter == 'true' }}
name: Build Envoy WASM Filter container image
runs-on: ubuntu-latest
timeout-minutes: 20
defaults:
run:
working-directory: ./filter/envoy/envoy-wasm-filters
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Build image
run: make image
- name: Scan image
uses: anchore/scan-action@v4
with:
image: "docker.io/5gsec/sentryflow-httpfilter:latest"
severity-cutoff: critical
output-format: sarif