Skip to content
This repository was archived by the owner on Oct 14, 2020. It is now read-only.

Commit a382391

Browse files
nigthknightnigthknight
committed
Pin the Tag for custom scanner images
1 parent 9d7ad24 commit a382391

File tree

1 file changed

+18
-6
lines changed

1 file changed

+18
-6
lines changed

.github/workflows/ci.yaml

Lines changed: 18 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -396,15 +396,21 @@ jobs:
396396
--set="image.tag=sha-$(git rev-parse --short HEAD)" \
397397
--set="attribute.name=severity" \
398398
--set="attribute.value=high"
399-
helm -n integration-tests install test-scan ./scanners/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
399+
helm -n integration-tests install test-scan ./scanners/test-scan/ \
400+
--set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
401+
--set="image.tag=sha-$(git rev-parse --short HEAD)"
400402
cd tests/integration/
401403
npx jest --ci --color read-write-hook
402404
helm -n integration-tests uninstall test-scan update-category update-severity
403405
- name: "Hooks (ReadOnly) Integration Tests"
404406
run: |
405-
helm -n integration-tests install test-scan ./scanners/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
407+
helm -n integration-tests install test-scan ./scanners/test-scan/ \
408+
--set="parserImage.tag=sha-$(git rev-parse --short HEAD)" \
409+
--set="image.tag=sha-$(git rev-parse --short HEAD)"
406410
helm -n integration-tests install http-webhook ./demo-apps/http-webhook
407-
helm -n integration-tests install ro-hook ./hooks/generic-webhook/ --set="webhookUrl=http://http-webhook/hallo-welt"
411+
helm -n integration-tests install ro-hook ./hooks/generic-webhook/ \
412+
--set="webhookUrl=http://http-webhook/hallo-welt" \
413+
--set="image.tag=sha-$(git rev-parse --short HEAD)"
408414
cd tests/integration/
409415
npx jest --ci --color read-only-hook
410416
helm -n integration-tests uninstall test-scan http-webhook ro-hook
@@ -417,17 +423,23 @@ jobs:
417423
kubectl expose deployment nginx --port 80 --namespace demo-apps
418424
- name: "nmap Integration Tests"
419425
run: |
420-
helm -n integration-tests install nmap ./scanners/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
426+
helm -n integration-tests install nmap ./scanners/nmap/ \
427+
--set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
428+
--set="image.tag=sha-$(git rev-parse --short HEAD)"
421429
cd tests/integration/
422430
npx jest --ci --color nmap
423431
- name: "ncrack Integration Tests"
424432
run: |
425-
helm -n integration-tests install ncrack ./scanners/ncrack/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
433+
helm -n integration-tests install ncrack ./scanners/ncrack/ \
434+
--set="parserImage.tag=sha-$(git rev-parse --short HEAD)" \
435+
--set="image.tag=sha-$(git rev-parse --short HEAD)"
426436
cd tests/integration/
427437
npx jest --ci --color ncrack
428438
- name: "kube-hunter Integration Tests"
429439
run: |
430-
helm -n integration-tests install kube-hunter ./scanners/kube-hunter/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
440+
helm -n integration-tests install kube-hunter ./scanners/kube-hunter/ \
441+
--set="parserImage.tag=sha-$(git rev-parse --short HEAD)" \
442+
--set="image.tag=sha-$(git rev-parse --short HEAD)"
431443
cd tests/integration/
432444
npx jest --ci --color kube-hunter
433445
- name: "ssh-scan Integration Tests"

0 commit comments

Comments
 (0)