diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index c8cf7c9..0000000 --- a/.drone.yml +++ /dev/null @@ -1,20 +0,0 @@ -workspace: - base: /go - path: src/github.com/uswitch/klint - -pipeline: - build: - when: - event: push - image: golang:1.18 - environment: - - GO111MODULE=on - commands: - - CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/klint . - - publish: - when: - event: push - image: plugins/docker - repo: registry.usw.co/cloud/klint - tags: [ "${DRONE_COMMIT_SHA}", "latest" ] diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml new file mode 100644 index 0000000..5a6cdcf --- /dev/null +++ b/.github/workflows/push.yaml @@ -0,0 +1,50 @@ +name: push + +on: push + +permissions: + contents: read + id-token: write + +jobs: + build: + runs-on: ubuntu-latest + env: + GO111MODULE: "on" + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v4 + with: + go-version: "1.18" + - run: CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/klint . + - uses: actions/upload-artifact@v4 + with: + name: bin + path: bin/ + + docker: + needs: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/download-artifact@v4 + with: + name: bin + path: bin/ + - name: Login to Quay.io + uses: docker/login-action@v3 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + - id: meta + uses: docker/metadata-action@v5 + with: + images: quay.io/uswitch/klint + tags: type=sha,prefix=,format=long + - uses: docker/build-push-action@v6 + with: + context: . + labels: ${{ steps.meta.outputs.labels }} + push: true + tags: ${{ steps.meta.outputs.tags }} \ No newline at end of file diff --git a/README.md b/README.md index 2d7b5f3..8115fde 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,23 @@ A tool that listens to changes in Kubernetes resources and runs linting rules against them. Alerts are published via Slack webhooks to a configurable channel (using an annotation on the object or the object's namespace). +## Table of contents- [klint](#klint) +- [klint](#klint) + - [Table of contents- klint](#table-of-contents--klint) + - [Rationale](#rationale) + - [Building](#building) + - [Using](#using) + - [Rules](#rules) + - [UnsuccessfulExitRule](#unsuccessfulexitrule) + - [ResourceAnnotationRule](#resourceannotationrule) + - [ScrapeNeedsPortsRule](#scrapeneedsportsrule) + - [ValidIAMRoleRule](#validiamrolerule) + - [RequireCronJobHistoryLimits](#requirecronjobhistorylimits) + - [Building](#building-1) + - [Notes](#notes) + - [License](#license) + + ## Rationale We started Klint to help us move more production teams over to our Kubernetes infrastructure. It helps us achieve: @@ -64,6 +81,10 @@ failure history limits, and that these should both be lower than 10. $ go build -o bin/klint . ``` +## Notes +* *July 2024 -* The `klint` image is now stored in the `uswitch/klint` repository on Quay. +
+ ## License ``` diff --git a/kubernetes.yaml b/kubernetes.yaml index ba917da..56f1c88 100644 --- a/kubernetes.yaml +++ b/kubernetes.yaml @@ -17,7 +17,7 @@ spec: serviceAccountName: klint containers: - name: klint - image: registry.usw.co/cloud/klint:{{ .Env.DRONE_COMMIT }} + image: quay.io/uswitch/klint:{{ TAG }} imagePullPolicy: Always args: - --json