feat: add secret creation with modelconfig in REST API (#1781) #711
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Scan images | |
| on: | |
| # Trigger once a week on the main branch | |
| schedule: | |
| - cron: '0 0 * * 0' # Every Monday at midnight UTC | |
| # Trigger the workflow on push to the main branch | |
| push: | |
| branches: [ main ] | |
| paths-ignore: | |
| - '**/*.md' | |
| workflow_dispatch: | |
| env: | |
| # Cache key components for better organization | |
| CACHE_KEY_PREFIX: kagent-v2 | |
| BRANCH_CACHE_KEY: ${{ github.head_ref || github.ref_name }} | |
| # Consistent builder configuration | |
| BUILDX_BUILDER_NAME: kagent-builder-v0.23.0 | |
| BUILDX_VERSION: v0.23.0 | |
| jobs: | |
| build: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - build_target: controller | |
| image_name: controller | |
| tag_suffix: "" | |
| - build_target: ui | |
| image_name: ui | |
| tag_suffix: "" | |
| - build_target: app | |
| image_name: app | |
| tag_suffix: "" | |
| - build_target: skills-init | |
| image_name: skills-init | |
| tag_suffix: "" | |
| - build_target: golang-adk | |
| image_name: golang-adk | |
| tag_suffix: "" | |
| - build_target: golang-adk-full | |
| image_name: golang-adk | |
| tag_suffix: "-full" | |
| runs-on: ubuntu-latest | |
| services: | |
| registry: | |
| image: registry:2 | |
| ports: | |
| - 5001:5000 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v4 | |
| with: | |
| name: ${{ env.BUILDX_BUILDER_NAME }} | |
| version: ${{ env.BUILDX_VERSION }} | |
| platforms: linux/amd64,linux/arm64 | |
| use: 'true' | |
| driver-opts: network=host | |
| - name: Set version | |
| id: vars | |
| run: echo "version=v0.0.0-$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
| - name: Print version | |
| run: | | |
| echo "Version: ${{ steps.vars.outputs.version }}" | |
| - name: Run make build | |
| env: | |
| DOCKER_BUILDER: "docker buildx" | |
| DOCKER_BUILD_ARGS: >- | |
| --cache-from=type=gha | |
| --cache-to=type=gha,mode=max | |
| --build-arg=VERSION=${{ steps.vars.outputs.version }} | |
| --push | |
| run: | | |
| export VERSION=${{ steps.vars.outputs.version }} | |
| make build-${{ matrix.build_target }} | |
| working-directory: ./ | |
| - name: Image vulnerability scanner | |
| uses: aquasecurity/trivy-action@0.35.0 | |
| with: | |
| image-ref: localhost:5001/kagent-dev/kagent/${{ matrix.image_name }}:${{ steps.vars.outputs.version }}${{ matrix.tag_suffix }} | |
| severity: 'CRITICAL,HIGH' | |
| ignore-unfixed: true | |
| exit-code: '1' |