From abe2667511c495218aab329a1e55a5f4fd27e6f6 Mon Sep 17 00:00:00 2001 From: mgreau Date: Mon, 10 Jan 2022 23:08:22 -0500 Subject: [PATCH 1/3] Add the option to download the final artifact --- .github/workflows/test-action.yaml | 1 + action.yaml | 5 +++++ tekton/kind-config.yaml | 7 +++++++ tekton/pvc.yaml | 15 +++++++++++++++ 4 files changed, 28 insertions(+) create mode 100644 tekton/kind-config.yaml diff --git a/.github/workflows/test-action.yaml b/.github/workflows/test-action.yaml index a106294..6497ffb 100644 --- a/.github/workflows/test-action.yaml +++ b/.github/workflows/test-action.yaml @@ -15,6 +15,7 @@ jobs: - uses: engineerd/setup-kind@v0.5.0 with: version: "v0.11.1" + config: tekton/kind-config.yaml - name: Install Tekton Pipelines run: kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.24.1/release.yaml diff --git a/action.yaml b/action.yaml index 50b5c65..393b282 100644 --- a/action.yaml +++ b/action.yaml @@ -31,3 +31,8 @@ runs: PR=$(tkn pipelinerun list -o name --limit 1) PR_NAME=$(echo "${PR#*/}") tkn pipelinerun describe ${PR_NAME} + + - uses: actions/upload-artifact@v2 + with: + name: image-patched + path: /tmp/ \ No newline at end of file diff --git a/tekton/kind-config.yaml b/tekton/kind-config.yaml new file mode 100644 index 0000000..5e0c222 --- /dev/null +++ b/tekton/kind-config.yaml @@ -0,0 +1,7 @@ +apiVersion: kind.x-k8s.io/v1alpha4 +kind: Cluster +nodes: +- role: control-plane + extraMounts: + - hostPath: /tmp/ + containerPath: /ws/ \ No newline at end of file diff --git a/tekton/pvc.yaml b/tekton/pvc.yaml index 61b45a7..4dbe1b9 100644 --- a/tekton/pvc.yaml +++ b/tekton/pvc.yaml @@ -1,8 +1,23 @@ +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv +spec: + storageClassName: standard + accessModes: + - ReadWriteOnce + capacity: + storage: 2Gi + hostPath: + path: /ws/ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc spec: + volumeName: pv accessModes: - ReadWriteOnce resources: From 94d71e261812ad844596336ff8804c90511f7e98 Mon Sep 17 00:00:00 2001 From: mgreau Date: Mon, 10 Jan 2022 23:10:57 -0500 Subject: [PATCH 2/3] Trigger gh actions on pr --- .github/workflows/test-action.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/test-action.yaml b/.github/workflows/test-action.yaml index 6497ffb..0422183 100644 --- a/.github/workflows/test-action.yaml +++ b/.github/workflows/test-action.yaml @@ -3,6 +3,8 @@ name: Test Log4shell cpatch Action on: push: branches: ['main'] + pull_request: + branches: ['main'] jobs: use-action: From e3cfe940fec85975222c52cceff999c8b4cef52e Mon Sep 17 00:00:00 2001 From: mgreau Date: Mon, 10 Jan 2022 23:27:12 -0500 Subject: [PATCH 3/3] test --- .github/workflows/test-action.yaml | 4 ++-- action.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test-action.yaml b/.github/workflows/test-action.yaml index 0422183..993e918 100644 --- a/.github/workflows/test-action.yaml +++ b/.github/workflows/test-action.yaml @@ -25,11 +25,11 @@ jobs: - uses: jerop/tkn@v0.1.0 - name: Test non-vulnerable image - uses: mgreau/log4shell-cpatch@main + uses: mgreau/log4shell-cpatch with: image: alpine - name: Test vulnerable image - uses: mgreau/log4shell-cpatch@main + uses: mgreau/log4shell-cpatch with: image: mlinarik/log4j-log4shell-vulnerable-app:latest diff --git a/action.yaml b/action.yaml index 393b282..5c032d4 100644 --- a/action.yaml +++ b/action.yaml @@ -34,5 +34,5 @@ runs: - uses: actions/upload-artifact@v2 with: - name: image-patched + name: my-artifact path: /tmp/ \ No newline at end of file