k8s.io/test-infra@v0.0.0-20240520184403-27c6b4c223d8/config/jobs/kubernetes/sig-security/cvelist-public.yaml

k8s.io/test-infra@v0.0.0-20240520184403-27c6b4c223d8/config/jobs/kubernetes/sig-security/cvelist-public.yaml (about)

     1  presubmits:
     2    kubernetes-security/cvelist-public:
     3    - name: validate-cve-files
     4      cluster: eks-prow-build-cluster
     5      decorate: true
     6      always_run: false
     7      optional: true
     8      run_if_changed: 'CVE.*json$'
     9      spec:
    10        containers:
    11        - image: golang
    12          command:
    13          - /bin/bash
    14          args:
    15          - -c
    16          - |
    17            set -euo pipefail; \
    18            apt update && apt -y install jq; \
    19            [[ -f validate-k8s.sh ]] || (git fetch https://github.com/kubernetes-security/cvelist-public.git validate && git checkout FETCH_HEAD -- validate-k8s.sh); \
    20            git diff --name-only --diff-filter=d $PULL_BASE_SHA...$PULL_PULL_SHA | grep "\/CVE.*json$" | xargs ./validate-k8s.sh
    21          resources:
    22            limits:
    23              cpu: 2
    24              memory: 4Gi
    25            requests:
    26              cpu: 2
    27              memory: 4Gi
    28      annotations:
    29        testgrid-create-test-group: "true"
    30        testgrid-dashboards: sig-security-cvelist-public
    31        description: Validate the CVE json