github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-07-16 16:32:03 +00:00
Code Issues Projects Releases Wiki Activity

ci/static-checks: install opa

Browse Source 
Make open-policy-agent available for static checks as prerequisite for rego checks.

Signed-off-by: Paul Meyer <katexochen0@gmail.com>
This commit is contained in:
Paul Meyer 2025-06-11 12:56:48 +02:00
parent 5baea34fff
commit 71796f7b12
3 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/static-checks.yaml vendored
View File

@ -123,6 +123,10 @@ jobs:
- name: Install system dependencies - name: Install system dependencies
run: | run: |
sudo apt-get update && sudo apt-get -y install moreutils hunspell hunspell-en-gb hunspell-en-us pandoc sudo apt-get update && sudo apt-get -y install moreutils hunspell hunspell-en-gb hunspell-en-us pandoc
- name: Install open-policy-agent
run: |
cd "${GOPATH}/src/github.com/${{ github.repository }}"
./tests/install_opa.sh
- name: Run check - name: Run check
run: | run: |
export PATH="${PATH}:${GOPATH}/bin" export PATH="${PATH}:${GOPATH}/bin"

40
tests/install_opa.sh Executable file
View File

@ -0,0 +1,40 @@
#!/usr/bin/env bash
#
# Copyright (c) Edgeless Systems GmbH
#
# SPDX-License-Identifier: Apache-2.0
set -eou pipefail
[[ -n "${DEBUG:-}" ]] && set -o xtrace
test_dir=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
source "${test_dir}/common.bash"
install_opa()
{
local url
local version
url=$(get_test_version "externals.opa.url")
version=$(get_test_version "externals.opa.version")
if opa version 2>/dev/null | grep -q "${version}"; then
info "OPA version ${version} is already installed"
return 0
fi
info "Installing OPA version ${version} from ${url}"
curl -fsSL "${url}/releases/download/${version}/opa_linux_amd64_static" \
-o "/usr/local/bin/opa" \
|| die "Failed to download OPA binary"
chmod +x "/usr/local/bin/opa" \
|| die "Failed to make OPA binary executable"
command -v opa &>/dev/null \
|| die "OPA binary not found in PATH after installation"
info "Successfully installed OPA version ${version}"
}
install_opa

5
versions.yaml
View File

@ -347,6 +347,11 @@ externals:
url: "https://github.com/containerd/nydus-snapshotter" url: "https://github.com/containerd/nydus-snapshotter"
version: "v0.13.14" version: "v0.13.14"
opa:
description: "Open Policy Agent"
url: "https://github.com/open-policy-agent/opa"
version: "v1.5.1"
ovmf: ovmf:
description: "Firmware, implementation of UEFI for virtual machines." description: "Firmware, implementation of UEFI for virtual machines."
url: "https://github.com/tianocore/edk2" url: "https://github.com/tianocore/edk2"