Zenn
Closed2

kyverno chainsawをgithub actionsで使う

GitHub Actions
Kubernetes
Kyverno
chainsaw
not75743not75743

name: chainsaw-policy-test
on:
  workflow_dispatch:
  pull_request:

jobs:
  test:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      checks: write

    steps:
      - name: Checkout repo
        uses: actions/checkout@v4

      - name: Set up Kubernetes cluster
        uses: helm/kind-action@v1.12.0

      - name: Install Cosign
        uses: sigstore/cosign-installer@v3.6.0

      - name: Install Chainsaw
        uses: kyverno/action-install-chainsaw@v0.2.12
        with:
          release: 'v0.2.12'
          verify: true

      - name: Run tests
        run: |
          mkdir -p ./test-reports/
          chainsaw test \
          --test-dir ./chainsaw/ \
          --report-format XML \
          --report-name chainsaw-report \
          --report-path ./test-reports/

      - name: Upload test reports as artifacts
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: chainsaw-test-reports
          path: ./test-reports/*.xml

      - name: Publish test results
        uses: dorny/test-reporter@v2
        if: always()
        with:
          name: 'Chainsaw Test Results'
          path: './test-reports/*.xml'
          reporter: 'java-junit'
not75743not75743

テスト成功時

  • --test-dirでテストマニフェストが入ったディレクトリを指定
  • dorny/test-reporterでテスト結果をworkflowの結果画面に出力
  • PRには何も出ない

このスクラップは2ヶ月前にクローズされました