Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 10 additions & 10 deletions .github/workflows/devel.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -41,15 +41,15 @@ jobs:
- trivy
uses: "./.github/workflows/lib-build.yaml"

e2e:
needs:
- build
uses: "./.github/workflows/lib-e2e.yaml"
# e2e:
# needs:
# - build
# uses: "./.github/workflows/lib-e2e.yaml"

# devel image push
publish:
needs:
- e2e
- build
uses: "./.github/workflows/lib-publish.yaml"
secrets: inherit
# publish:
# needs:
# - e2e
# - build
# uses: "./.github/workflows/lib-publish.yaml"
# secrets: inherit
52 changes: 26 additions & 26 deletions .github/workflows/lib-build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,35 +18,35 @@ jobs:
- intel-gpu-fakedev
- intel-gpu-initcontainer
- intel-gpu-plugin
- intel-fpga-plugin
- intel-qat-initcontainer
- intel-qat-plugin
- intel-qat-plugin-kerneldrv
- intel-deviceplugin-operator
- intel-sgx-admissionwebhook
- intel-sgx-plugin
- intel-sgx-initcontainer
- intel-dsa-plugin
- intel-iaa-plugin
- intel-idxd-config-initcontainer
- intel-dlb-plugin
- intel-dlb-initcontainer
- intel-xpumanager-sidecar
# - intel-fpga-plugin
# - intel-qat-initcontainer
# - intel-qat-plugin
# - intel-qat-plugin-kerneldrv
# - intel-deviceplugin-operator
# - intel-sgx-admissionwebhook
# - intel-sgx-plugin
# - intel-sgx-initcontainer
# - intel-dsa-plugin
# - intel-iaa-plugin
# - intel-idxd-config-initcontainer
# - intel-dlb-plugin
# - intel-dlb-initcontainer
# - intel-xpumanager-sidecar

# # Demo images
- crypto-perf
- accel-config-demo
- intel-opencl-icd
- opae-nlb-demo
- openssl-qat-engine
- sgx-sdk-demo
- sgx-aesmd-demo
- dlb-dpdk-demo
- dlb-libdlb-demo
# # # Demo images
# - crypto-perf
# - accel-config-demo
# - intel-opencl-icd
# - opae-nlb-demo
# - openssl-qat-engine
# - sgx-sdk-demo
# - sgx-aesmd-demo
# - dlb-dpdk-demo
# - dlb-libdlb-demo
builder: [buildah, docker]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
with:
go-version-file: go.mod
check-latest: true
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/lib-codeql.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,19 +18,19 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4

- uses: actions/setup-go@v5
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
with:
go-version-file: go.mod
check-latest: true

- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@187e591bef188a41dd329c95d7905134173654ae # v3
with:
languages: 'go'

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@187e591bef188a41dd329c95d7905134173654ae # v3
with:
category: "/language:go"
2 changes: 1 addition & 1 deletion .github/workflows/lib-e2e.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ jobs:
IMAGES: ${{ join(matrix.images, ' ') }}

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
with:
fetch-depth: 0
- name: Describe test environment
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/lib-publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@ jobs:
#- crypto-perf
#- opae-nlb-demo
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
with:
go-version-file: go.mod
check-latest: true
Expand All @@ -54,7 +54,7 @@ jobs:
run: |
REG=intel/ make ${IMAGE_NAME} BUILDER=docker
- name: Trivy scan for image
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
with:
scan-type: image
image-ref: intel/${{ matrix.image }}:${{ inputs.image_tag }}
Expand All @@ -64,7 +64,7 @@ jobs:
if: ${{ !contains(fromJson(env.no_base_check), matrix.image) }}
run: IMG=intel/${{ matrix.image }}:${{ inputs.image_tag }} make test-image-base-layer BUILDER=docker
- name: Login
uses: docker/login-action@v3
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASS }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/lib-scorecard.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,18 +16,18 @@ jobs:
id-token: write

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
with:
persist-credentials: false

- name: "Analyze project"
uses: ossf/scorecard-action@v2.3.3
uses: ossf/scorecard-action@v2.3.1
with:
results_file: results.sarif
results_format: sarif
publish_results: true

- name: "Upload results to security"
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@187e591bef188a41dd329c95d7905134173654ae # v3
with:
sarif_file: results.sarif
26 changes: 13 additions & 13 deletions .github/workflows/lib-trivy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,10 +30,10 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4

- name: Run Trivy in config mode for deployments
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
with:
scan-type: config
scan-ref: deployments/
Expand All @@ -49,10 +49,10 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4

- name: Run Trivy in config mode for dockerfiles
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
with:
scan-type: config
scan-ref: build/docker/
Expand All @@ -64,10 +64,10 @@ jobs:
name: Scan licenses
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4

- name: Run Trivy in fs mode
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
with:
scan-type: fs
scan-ref: .
Expand All @@ -83,11 +83,11 @@ jobs:
name: Scan vulnerabilities
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4

- name: Run Trivy in fs mode
continue-on-error: true
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
with:
scan-type: fs
scan-ref: .
Expand All @@ -97,7 +97,7 @@ jobs:
output: trivy-report.json

- name: Show report in human-readable format
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
with:
scan-type: convert
vuln-type: ''
Expand All @@ -107,7 +107,7 @@ jobs:

- name: Convert report to sarif
if: ${{ inputs.upload-to-github-security-tab }}
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
with:
scan-type: convert
vuln-type: ''
Expand All @@ -118,13 +118,13 @@ jobs:

- name: Upload sarif report to GitHub Security tab
if: ${{ inputs.upload-to-github-security-tab }}
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@187e591bef188a41dd329c95d7905134173654ae # v3
with:
sarif_file: trivy-report.sarif

- name: Convert report to csv
if: ${{ inputs.export-csv }}
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
with:
scan-type: convert
vuln-type: ''
Expand All @@ -136,7 +136,7 @@ jobs:

- name: Upload CSV report as an artifact
if: ${{ inputs.export-csv }}
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4
with:
name: trivy-report
path: trivy-report.csv
18 changes: 9 additions & 9 deletions .github/workflows/lib-validate.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
run: |
sudo apt-get update
sudo apt-get install -y python3-venv
- uses: actions/checkout@v4
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
with:
fetch-depth: 0
- name: Set up doc directory
Expand All @@ -35,13 +35,13 @@ jobs:
name: lint
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
with:
go-version-file: go.mod
check-latest: true
- name: golangci-lint
uses: golangci/golangci-lint-action@v6
uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6
with:
version: v1.57.2
args: -v --timeout 5m
Expand All @@ -50,8 +50,8 @@ jobs:
name: Build and check device plugins
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
with:
go-version-file: go.mod
check-latest: true
Expand All @@ -60,7 +60,7 @@ jobs:
- run: make go-mod-tidy
- run: make BUILDTAGS=kerneldrv
- run: make test BUILDTAGS=kerneldrv
- run: make check-github-actions
#- run: make check-github-actions
#- name: Codecov report
# run: bash <(curl -s https://codecov.io/bash)

Expand All @@ -74,8 +74,8 @@ jobs:
- 1.29.x
- 1.30.x
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5
with:
go-version-file: go.mod
check-latest: true
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
run: |
sudo apt-get update
sudo apt-get install -y python3-venv git
- uses: actions/checkout@v4
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
with:
fetch-depth: 0
ref: main
Expand All @@ -44,7 +44,7 @@ jobs:
rm -rf _work/venv
make vhtml
mv _build/html/* $HOME/output/
- uses: actions/checkout@v4
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
with:
fetch-depth: 0
ref: release-0.28
Expand All @@ -55,7 +55,7 @@ jobs:
rm -rf _work/venv
make vhtml
mv _build/html $HOME/output/0.28
- uses: actions/checkout@v4
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
with:
fetch-depth: 0
ref: release-0.29
Expand All @@ -66,7 +66,7 @@ jobs:
rm -rf _work/venv
make vhtml
mv _build/html $HOME/output/0.29
- uses: actions/checkout@v4
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
with:
fetch-depth: 0
ref: release-0.30
Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
[![Build Status](https://github.com/intel/intel-device-plugins-for-kubernetes/actions/workflows/devel.yaml/badge.svg)](https://github.com/intel/intel-device-plugins-for-kubernetes/actions?query=workflow%3ADevel)
[![Go Report Card](https://goreportcard.com/badge/github.com/intel/intel-device-plugins-for-kubernetes)](https://goreportcard.com/report/github.com/intel/intel-device-plugins-for-kubernetes)
[![GoDoc](https://godoc.org/github.com/intel/intel-device-plugins-for-kubernetes/pkg/deviceplugin?status.svg)](https://godoc.org/github.com/intel/intel-device-plugins-for-kubernetes/pkg/deviceplugin)
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/intel/intel-device-plugins-for-kubernetes/badge)](https://api.securityscorecards.dev/projects/intel/intel-device-plugins-for-kubernetes)
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/tkatila/intel-device-plugins-for-kubernetes/badge)](https://api.securityscorecards.dev/projects/intel/intel-device-plugins-for-kubernetes)

This repository contains a framework for developing plugins for the Kubernetes
[device plugins framework](https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/),
Expand Down
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ require (
github.com/onsi/gomega v1.33.1
github.com/pkg/errors v0.9.1
github.com/prometheus/client_model v0.6.1
github.com/prometheus/common v0.47.0
github.com/prometheus/common v0.53.0
golang.org/x/sys v0.20.0
golang.org/x/text v0.15.0
google.golang.org/grpc v1.63.2
Expand Down Expand Up @@ -74,7 +74,7 @@ require (
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/prometheus/client_golang v1.18.0 // indirect
github.com/prometheus/client_golang v1.19.0 // indirect
github.com/prometheus/procfs v0.12.0 // indirect
github.com/spf13/cobra v1.7.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
Expand Down
Loading