diff --git a/.github/workflows/build-snap.yaml b/.github/workflows/build-snap.yaml index 0fe6121f44..7d6b5f8b12 100644 --- a/.github/workflows/build-snap.yaml +++ b/.github/workflows/build-snap.yaml @@ -45,6 +45,7 @@ jobs: echo "snap-artifact=$out_snap" >> "$GITHUB_OUTPUT" - name: Uploading snap + needs: build uses: actions/upload-artifact@v4 with: name: ${{ steps.build.outputs.snap-artifact }} diff --git a/.github/workflows/get-e2e-test-tags.yaml b/.github/workflows/get-e2e-test-tags.yaml index a0d24de86e..b1fc985597 100644 --- a/.github/workflows/get-e2e-test-tags.yaml +++ b/.github/workflows/get-e2e-test-tags.yaml @@ -12,7 +12,7 @@ jobs: name: Build snap runs-on: ubuntu-latest outputs: - test-tags: ${{ steps.get-tags.outputs.snap-artifact }} + test-tags: ${{ steps.get-tags.outputs.test-tags }} steps: - name: Checking out repo uses: actions/checkout@v4 diff --git a/.github/workflows/integration-informing.yaml b/.github/workflows/integration-informing.yaml index 4fb953496f..b1ed350fb2 100644 --- a/.github/workflows/integration-informing.yaml +++ b/.github/workflows/integration-informing.yaml @@ -37,10 +37,10 @@ jobs: matrix: os: ["ubuntu:20.04"] patch: ["moonray"] - needs: build + needs: [build-snap, get-e2e-test-tags] uses: ./.github/workflows/run-e2e-tests.yaml with: arch: amd64 os: ${{ matrix.os }} - test-tags: ${{ jobs.get-e2e-test-tags.outputs.test-tags}} + test-tags: ${{ needs.get-e2e-test-tags.outputs.test-tags}} artifact: k8s-${{ matrix.patch }}.snap diff --git a/.github/workflows/integration.yaml b/.github/workflows/integration.yaml index 6fbc35ca39..0daeebaf7c 100644 --- a/.github/workflows/integration.yaml +++ b/.github/workflows/integration.yaml @@ -51,17 +51,17 @@ jobs: fail-fast: false matrix: os: ["ubuntu:20.04", "ubuntu:22.04", "ubuntu:24.04"] - needs: build + needs: [build-snap, get-e2e-test-tags] uses: ./.github/workflows/run-e2e-tests.yaml with: arch: amd64 os: ${{ matrix.os }} - test-tags: ${{ jobs.get-e2e-test-tags.outputs.test-tags}} - artifact: ${{ jobs.build-snap.outputs.snap-artifact}} + test-tags: ${{ needs.get-e2e-test-tags.outputs.test-tags}} + artifact: ${{ needs.build-snap.outputs.snap-artifact}} security-scan: name: Security scan - needs: build + needs: build-snap uses: ./.github/workflows/security-scan.yaml with: - artifact: ${{ jobs.build-snap.outputs.snap-artifact}} + artifact: ${{ needs.build-snap.outputs.snap-artifact}} diff --git a/.github/workflows/run-e2e-tests.yaml b/.github/workflows/run-e2e-tests.yaml index e524a33552..bf5ee84deb 100644 --- a/.github/workflows/run-e2e-tests.yaml +++ b/.github/workflows/run-e2e-tests.yaml @@ -45,8 +45,9 @@ jobs: - name: Install tox run: pip install tox - name: Run e2e tests + needs: download-snap env: - TEST_SNAP: ${{ steps.download-snap.outputs.snap-artifact }} + TEST_SNAP: ${{ needs.download-snap.outputs.snap-artifact }} TEST_SUBSTRATE: lxd TEST_LXD_IMAGE: ${{ inputs.os }} TEST_INSPECTION_REPORTS_DIR: ${{ github.workspace }}/inspection-reports diff --git a/.github/workflows/security-scan.yaml b/.github/workflows/security-scan.yaml index 1a6be3730a..00473b48ed 100644 --- a/.github/workflows/security-scan.yaml +++ b/.github/workflows/security-scan.yaml @@ -64,11 +64,12 @@ jobs: run: | cp trivy-k8s-repo-scan--results.sarif ./manual-trivy/sarifs/ - name: Run Trivy vulnerability scanner on the snap + needs: download-snap run: | for var in $(env | grep -o '^TRIVY_[^=]*'); do unset "$var" done - cp ${{ steps.download-snap.outputs.snap-artifact }} . + cp ${{ needs.download-snap.outputs.snap-artifact }} . unsquashfs `basename ${{ steps.download-snap.outputs.snap-artifact }}` ./manual-trivy/trivy --db-repository public.ecr.aws/aquasecurity/trivy-db rootfs ./squashfs-root/ --format sarif > ./manual-trivy/sarifs/snap.sarif - name: Upload Trivy scan results to GitHub Security tab