Skip to content
Kube-Score Security Scan

Add VS Code integration for JupyterHub #43

Sign in to view logs

Add VS Code integration for JupyterHub

Add VS Code integration for JupyterHub #43

Workflow file for this run

.github/workflows/kube-score.yaml at c629e68
name: Kube-Score Security Scan
on:
push:
branches: [ "main", "gh-pages" ]
pull_request:
branches: [ "main" ]
jobs:
kube-score:
name: Kube-score
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Helm
uses: azure/setup-helm@v4
with:
version: v3.15.2
- name: Build Helm dependencies
run: |
helm dependency build chart/f7t4jhub
- name: Build dependencies
run: |
mkdir ci
cd ci
cp ../chart/Chart.yaml ../chart/values.yaml .
cp -r ../chart/f7t4jhub .
helm dependency build
helm template . > rendered.yaml
- name: Install kube-score
run: |
curl -L -o kube-score https://github.com/zegl/kube-score/releases/download/v1.20.0/kube-score_1.20.0_linux_amd64
chmod +x kube-score
sudo mv kube-score /usr/local/bin/
- name: Run kube-score with SARIF output
run: |
kube-score score ci/rendered.yaml -o sarif > kube-score.sarif || true
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'kube-score.sarif'