diff --git a/.github/workflows/run-govulncheck.yaml b/.github/workflows/run-govulncheck.yaml new file mode 100644 index 000000000..27aa49223 --- /dev/null +++ b/.github/workflows/run-govulncheck.yaml @@ -0,0 +1,44 @@ +name: Run govulncheck + +on: + pull_request: + branches: [ main ] + +jobs: + run-govulncheck: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Get changed files + id: changed-files-specific + uses: tj-actions/changed-files@90a06d6ba9543371ab4df8eeca0be07ca6054959 + with: + files: | + .github/** + api/** + cmd/** + config/** + controllers/** + deployments/** + examples/** + hack/** + internal/** + module-chart/** + module-resources/** + scripts/** + config.yaml + Dockerfile + go.mod + go.sum + main.go + Makefile + **/*.go + **/*.sh + + - name: Run govulncheck + if: steps.changed-files-specific.outputs.any_modified == 'true' + uses: golang/govulncheck-action@v1 + with: + go-version-file: 'go.mod' diff --git a/docs/contributor/04-10-workflows.md b/docs/contributor/04-10-workflows.md index b4d2af944..d25d8f9ce 100644 --- a/docs/contributor/04-10-workflows.md +++ b/docs/contributor/04-10-workflows.md @@ -70,6 +70,30 @@ This workflow calls the reusable [workflow](/.github/workflows/run-unit-tests-re This [workflow](/.github/workflows/markdown-link-check.yaml) is triggered daily at midnight and by each PR on the `main` branch. It checks for dead links in the repository. +## Govulncheck Workflow + +This [workflow](/.github/workflows/run-govulncheck.yaml) runs the Govulncheck. It is triggered by PRs on the `main` branch that change at least one of the following: +- `/.github` directory content +- `/api` directory content +- `/cmd` directory content +- `/config` directory content +- `/controllers` directory content +- `/deployments` directory content +- `/examples` directory content +- `/hack` directory content +- `/internal` directory content +- `/module-chart` directory content +- `/module-resources` directory content +- `/scripts` directory content +- `config.yaml` file +- `Dockerfile` file +- `go.mod` file +- `go.sum` file +- `main.go` file +- `Makefile` file +- any `*.go` file +- any `*.sh` file + ## Reusable Workflows There are reusable workflows created. Anyone with access to a reusable workflow can call it from another workflow. diff --git a/docs/user/02-11-examples.md b/docs/user/02-11-examples.md new file mode 100644 index 000000000..634890fe2 --- /dev/null +++ b/docs/user/02-11-examples.md @@ -0,0 +1,32 @@ +# SAP BTP Service Operator Examples + +This document describes notable features shipped with new SAP BTP service operator upgrades discovered during the application of latest versions. + +## Secret Templates + +Version 0.6.1 introduced a Secret templates feature that allows for modification of a Secret's content that is normally generated from a ServiceBinding instance created for any service. You can now specify a data-driven template as a value of the **secretTemplate** field inside the binding's spec section. Inside the template, you can refer (by using `{{}}` syntax) to credentials stored inside of a ServiceBinding (with `{{credentials.}}`) or information of a given instance (with `{{instance.}}`). The parameters that can be used with the `instance` key are limited to the values set in the [getInstanceInfo](https://github.com/SAP/sap-btp-service-operator/blob/8c0a3d7d7ca54e44143c0e0b7d1e1ef206b362ab/controllers/servicebinding_controller.go#L819) method. Here is an example of a ServiceBinding with the **secretTemplate** field: + +``` +apiVersion: services.cloud.sap.com/v1 +kind: ServiceBinding +metadata: + labels: + app.kubernetes.io/name: nice-script + name: nice-script + namespace: default +spec: + externalName: nice-script + secretName: nice-script + secretTemplate: | + apiVersion: v1 + kind: Secret + metadata: + labels: + instance_plan: {{ .instance.plan }} + annotations: + instance_name: {{ .instance.instance_name }} + data: + foo: {{ .instance.type }} + bar: {{ .credentials.url }} + serviceInstanceName: dimpled-editor +``` diff --git a/docs/user/_sidebar.md b/docs/user/_sidebar.md index 57ea508ba..3ad1c1f14 100644 --- a/docs/user/_sidebar.md +++ b/docs/user/_sidebar.md @@ -1,3 +1,4 @@ - [Back to Kyma Home](/) - [SAP BTP Operator Module](README.md) - [Use BTP Manager to Manage SAP BTP Service Operator](02-10-usage.md) +- [SAP BTP Service Operator Examples](02-11-examples.md) diff --git a/go.mod b/go.mod index fe61e3ba6..f8f90874b 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ toolchain go1.21.6 require ( github.com/go-logr/logr v1.4.1 github.com/onsi/ginkgo/v2 v2.17.1 - github.com/onsi/gomega v1.31.1 + github.com/onsi/gomega v1.32.0 github.com/prometheus/client_golang v1.19.0 github.com/stretchr/testify v1.9.0 go.uber.org/zap v1.27.0 diff --git a/go.sum b/go.sum index 92f39d4b0..34cb4f5da 100644 --- a/go.sum +++ b/go.sum @@ -73,8 +73,8 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/onsi/ginkgo/v2 v2.17.1 h1:V++EzdbhI4ZV4ev0UTIj0PzhzOcReJFyJaLjtSF55M8= github.com/onsi/ginkgo/v2 v2.17.1/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs= -github.com/onsi/gomega v1.31.1 h1:KYppCUK+bUgAZwHOu7EXVBKyQA6ILvOESHkn/tgoqvo= -github.com/onsi/gomega v1.31.1/go.mod h1:y40C95dwAD1Nz36SsEnxvfFe8FFfNxzI5eJ0EYGyAy0= +github.com/onsi/gomega v1.32.0 h1:JRYU78fJ1LPxlckP6Txi/EYqJvjtMrDC04/MM5XRHPk= +github.com/onsi/gomega v1.32.0/go.mod h1:a4x4gW6Pz2yK1MAmvluYme5lvYTn61afQ2ETw/8n4Lg= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=