Skip to content

fix-trivy-helm GHA#3411

Merged
juliusvonkohout merged 8 commits into
masterfrom
fix-trivy-helm
Mar 20, 2026
Merged

fix-trivy-helm GHA#3411
juliusvonkohout merged 8 commits into
masterfrom
fix-trivy-helm

Conversation

@juliusvonkohout

@juliusvonkohout juliusvonkohout commented Mar 20, 2026

Copy link
Copy Markdown
Member

@juliusvonkohout
fix-trivy-helm GHA
e609ba1 
Signed-off-by: Julius von Kohout <45896133+juliusvonkohout@users.noreply.github.com>
Copilot AI review requested due to automatic review settings March 20, 2026 15:02
@juliusvonkohout
Update paths format in Helm vs Kustomize workflow
e2bbf55 
Signed-off-by: Julius von Kohout <45896133+juliusvonkohout@users.noreply.github.com>
@juliusvonkohout
Add kustomize_install.sh to workflow trigger paths
ec166a2 
Signed-off-by: Julius von Kohout <45896133+juliusvonkohout@users.noreply.github.com>
@juliusvonkohout
Update pull request paths in trivy.yaml
281c4fa 
Signed-off-by: Julius von Kohout <45896133+juliusvonkohout@users.noreply.github.com>
Copilot AI reviewed Mar 20, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates GitHub Actions workflows and introduces a Kustomize installer script to support CI jobs that compare Helm vs Kustomize and run Trivy-related checks.

Changes:

  • Added tests/kustomize_install.sh to download and checksum-verify a pinned Kustomize binary.
  • Updated workflow pull_request.paths filters to include the new installer and related scripts.
  • Adjusted Helm-vs-Kustomize workflow triggers (notably removing the branches: [master] restriction).

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.

File Description
tests/kustomize_install.sh Adds a checksum-verified Kustomize install helper for CI/test scripts.
.github/workflows/trivy.yaml Expands PR path filters to rerun Trivy workflow when relevant scripts change.
.github/workflows/helm-kustomize-comparison.yml Updates PR path filters and changes PR trigger behavior by dropping branch restriction.

@juliusvonkohout
.
7b5917f 
Signed-off-by: juliusvonkohout <45896133+juliusvonkohout@users.noreply.github.com>
@juliusvonkohout
.
a42560a 
Signed-off-by: juliusvonkohout <45896133+juliusvonkohout@users.noreply.github.com>
@juliusvonkohout
.
4b39341 
Signed-off-by: juliusvonkohout <45896133+juliusvonkohout@users.noreply.github.com>
@kubeflow kubeflow deleted a comment from Copilot AI Mar 20, 2026
@kubeflow kubeflow deleted a comment from Copilot AI Mar 20, 2026
@kubeflow kubeflow deleted a comment from Copilot AI Mar 20, 2026
@kubeflow kubeflow deleted a comment from Copilot AI Mar 20, 2026
@kubeflow kubeflow deleted a comment from Copilot AI Mar 20, 2026
@juliusvonkohout
.
95a494f 
Signed-off-by: juliusvonkohout <45896133+juliusvonkohout@users.noreply.github.com>
@google-oss-prow google-oss-prow Bot added size/L and removed size/M labels Mar 20, 2026
@juliusvonkohout

juliusvonkohout commented Mar 20, 2026

Copy link
Copy Markdown
Member Author

/approve

@google-oss-prow

google-oss-prow Bot commented Mar 20, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: juliusvonkohout

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

kunal-511
kunal-511 approved these changes Mar 20, 2026
View reviewed changes

@kunal-511 kunal-511 left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@google-oss-prow google-oss-prow Bot added the lgtm label Mar 20, 2026
@juliusvonkohout

juliusvonkohout commented Mar 20, 2026

Copy link
Copy Markdown
Member Author

I am force merging, since the helm tests are blocking.

@juliusvonkohout juliusvonkohout merged commit 0575f06 into master Mar 20, 2026
28 of 30 checks passed
@juliusvonkohout juliusvonkohout deleted the fix-trivy-helm branch March 20, 2026 16:19
This was referenced Mar 20, 2026
Closed
Closed
@kunal-511

kunal-511 commented Mar 20, 2026

Copy link
Copy Markdown
Contributor

I am force merging, since the helm tests are blocking.

Do I create a seperate pr to update all of helm charts to match with latest kustomize ?

@juliusvonkohout juliusvonkohout mentioned this pull request Mar 20, 2026
Closed
8 tasks
@juliusvonkohout

juliusvonkohout commented Mar 20, 2026

Copy link
Copy Markdown
Member Author

I am force merging, since the helm tests are blocking.

Do I create a seperate pr to update all of helm charts to match with latest kustomize ?

Yes please raise a seperate PR to do that

Raakshass added a commit to Raakshass/manifests that referenced this pull request Mar 27, 2026
@Raakshass
fix-trivy-helm GHA (kubeflow#3411)
2962ef2 
* fix-trivy-helm GHA

Signed-off-by: Julius von Kohout <45896133+juliusvonkohout@users.noreply.github.com>

* Update paths format in Helm vs Kustomize workflow

Signed-off-by: Julius von Kohout <45896133+juliusvonkohout@users.noreply.github.com>

* Add kustomize_install.sh to workflow trigger paths

Signed-off-by: Julius von Kohout <45896133+juliusvonkohout@users.noreply.github.com>

* Update pull request paths in trivy.yaml

Signed-off-by: Julius von Kohout <45896133+juliusvonkohout@users.noreply.github.com>

* .

Signed-off-by: juliusvonkohout <45896133+juliusvonkohout@users.noreply.github.com>

* .

Signed-off-by: juliusvonkohout <45896133+juliusvonkohout@users.noreply.github.com>

* .

Signed-off-by: juliusvonkohout <45896133+juliusvonkohout@users.noreply.github.com>

* .

Signed-off-by: juliusvonkohout <45896133+juliusvonkohout@users.noreply.github.com>

---------

Signed-off-by: Julius von Kohout <45896133+juliusvonkohout@users.noreply.github.com>
Signed-off-by: juliusvonkohout <45896133+juliusvonkohout@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@kimwnasptd kimwnasptd Awaiting requested review from kimwnasptd

@tarekabouzeid tarekabouzeid Awaiting requested review from tarekabouzeid

+1 more reviewer

@kunal-511 kunal-511 kunal-511 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@kunal-511 kunal-511

Labels

approved lgtm size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@juliusvonkohout @kunal-511