chore(psql): add securityContext to run as nonRoot #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ############################################################################# | |
| # Copyright (c) 2023 Contributors to the Eclipse Foundation | |
| # | |
| # See the NOTICE file(s) distributed with this work for additional | |
| # information regarding copyright ownership. | |
| # | |
| # This program and the accompanying materials are made available under the | |
| # terms of the Apache License, Version 2.0 which is available at | |
| # https://www.apache.org/licenses/LICENSE-2.0. | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
| # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
| # License for the specific language governing permissions and limitations | |
| # under the License. | |
| # | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # ############################################################################# | |
| --- | |
| name: Helm Test | |
| on: | |
| pull_request: | |
| paths-ignore: | |
| - '**/*.md' | |
| branches: | |
| - '*' | |
| workflow_dispatch: | |
| jobs: | |
| test-charts: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| # Executing the Jobs sequentially to avoid race conditions for ct and kubectl context | |
| max-parallel: 1 | |
| matrix: | |
| # This will be used as node_image tag | |
| # see https://hub.docker.com/r/kindest/node/tags for available tags (tags always pinned to bugfix level) | |
| kind_node_version: ["v1.24.12"] #, "v1.25.8", "v1.26.3"] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@v3 | |
| with: | |
| version: v3.11.2 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.9' | |
| check-latest: true | |
| - name: Set up chart-testing | |
| uses: helm/[email protected] | |
| - name: Create kind cluster | |
| uses: helm/[email protected] | |
| with: | |
| node_image: ${{ format('kindest/node:{0}', matrix.kind_node_version) }} | |
| # Create clusters with separate names, so there are no clashes on the worker | |
| cluster_name: ${{ format('chart-testing-{0}', matrix.kind_node_version) }} | |
| # The current umbrella chart requires a dedicated dependency build for tractusx-connector sub chart (recursive) | |
| - name: Download chart dependencies (recursive) | |
| shell: bash | |
| run: hack/helm-dependencies.bash | |
| - name: Run chart-testing (install) | |
| # Chain kubectl + ct calls to avoid race condition (max-parallel setting should also prevent that) | |
| # ct install '--all' charts, to skip changed charts detection and automatically include new charts in this repo | |
| run: | | |
| kubectl config use-context ${{ format('kind-chart-testing-{0}', matrix.kind_node_version) }} | |
| ct install --all --chart-dirs charts/ |