Our orchestration repo is big. Really big. You just won't believe how vastly hugely mind-bogglingly big it is. I mean, you may think it's a long way down the road to the chemist, but that's just peanuts to our orchestration repo.
As such, we'd like to only test files that have actually changed in a PR.
I tried some (what I thought) clever shell commands, and ended up at this:
```yaml
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - run: echo "CHANGED_FILES=$(git diff --name-only ${{ github.event.before }}..${{ github.event.after }} | grep 'k8s/.*\.y[a]*ml$' | tr '\n' ' ')" >> $GITHUB_ENV
      - name: Scan yaml files with kube-linter
        uses: stackrox/kube-linter-action@v1.0.4
        id: kube-linter-action-scan
        with:
          directory: $CHANGED_FILES
          config: .kube-linter-config.yaml
          # Use plain output, because we don't have GitHub Enterprise which is required for SARIF upload
          format: plain
        continue-on-error: true
```
Sadly, this fails because `directory` is interpreted as a single file or directory; if multiple files have been changed, it will try to use "file1.yaml file2.yaml" as a single file, which will of course fail.
Suggestion: extend the GitHub Action so it supports either `directory` or `files`, where the latter can take multiple files as input.
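One possible workaround while the action only accepts a single `directory`, added here as an example that is not part of the original issue or of the kube-linter-action project: copy just the changed manifests into one staging directory and point `directory` at it. The function name `stage_changed`, the staging directory name and the `BEFORE`/`AFTER` variables are assumptions.

```shell
# stage_changed DEST
# Reads newline-delimited, repo-relative paths on stdin (the output of
# `git diff --name-only`), keeps the ones the issue's grep would keep
# (k8s/...yaml or .yml), and copies them under DEST with their relative
# path preserved. Prints how many files were staged.
# The ( ) body runs in a subshell, so no variables leak to the caller.
stage_changed() (
  dest=$1
  count=0
  mkdir -p "$dest"
  while IFS= read -r path || [ -n "$path" ]; do
    # Only Kubernetes manifests, same intent as grep 'k8s/.*\.y[a]*ml$'.
    case $path in
      *k8s/*.yaml|*k8s/*.yml) ;;
      *) continue ;;
    esac
    # Refuse absolute paths and parent-directory components so nothing
    # outside the checkout is read.
    case $path in
      /*|../*|*/../*) continue ;;
    esac
    # Skip symlinks: in a PR they may point outside the workspace.
    [ ! -L "$path" ] || continue
    # Files deleted by the PR appear in the diff but cannot be linted.
    [ -f "$path" ] || continue
    mkdir -p "$dest/${path%/*}"
    cp -- "$path" "$dest/$path"
    count=$((count + 1))
  done
  echo "$count"
)

# Usage in a workflow `run:` step (BEFORE and AFTER are assumed to be
# passed in through `env:` from github.event.before / github.event.after):
#   git diff --name-only --diff-filter=d "$BEFORE" "$AFTER" \
#     | stage_changed changed-manifests
# and then in the kube-linter step:
#   directory: changed-manifests
```

File names containing spaces survive because each path is handled as one line instead of being joined with `tr '\n' ' '`.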