Bump golang from 1.21.4-bullseye to 1.22.0-bullseye #183
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR Validation | |
| on: pull_request | |
| env: | |
| NAME: "azcagit" | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.21.4" | |
| - name: golangci-lint | |
| uses: golangci/[email protected] | |
| with: | |
| version: v1.54.2 | |
| fmt: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.21.4" | |
| - name: Run fmt | |
| run: | | |
| make fmt | |
| - name: Check if working tree is dirty | |
| run: | | |
| if [[ $(git status --porcelain) ]]; then | |
| git diff | |
| echo 'run make fmt and commit changes' | |
| exit 1 | |
| fi | |
| generate-schema: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.21.4" | |
| - name: Generate schema | |
| run: | | |
| make generate-schema | |
| - name: Check if working tree is dirty | |
| run: | | |
| if [[ $(git status --porcelain) ]]; then | |
| git diff | |
| echo 'run make generate-schema and commit changes' | |
| exit 1 | |
| fi | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.21.4" | |
| - name: Run build | |
| run: | | |
| make build | |
| test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.21.4" | |
| - name: Run test | |
| run: | | |
| make test | |
| coverage: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| - name: Setup go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.21.4" | |
| - name: coverage | |
| run: | | |
| make cover | |
| - name: Send coverage to coverall | |
| uses: shogo82148/[email protected] | |
| with: | |
| path-to-profile: .tmp/coverage.out | |
| build-container: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| - name: Prepare | |
| id: prep | |
| run: | | |
| BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') | |
| VERSION=sha-${GITHUB_SHA::8} | |
| if [[ $GITHUB_REF == refs/tags/* ]]; then | |
| VERSION=${GITHUB_REF/refs\/tags\//} | |
| fi | |
| echo "BUILD_DATE=${BUILD_DATE}" >> $GITHUB_OUTPUT | |
| echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT | |
| - uses: brpaz/[email protected] | |
| with: | |
| dockerfile: Dockerfile | |
| - name: Cache container layers | |
| uses: actions/[email protected] | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and load (current arch) | |
| run: | | |
| docker buildx build --load -t ${{ env.NAME }}:${{ steps.prep.outputs.VERSION }} . | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| image-ref: ${{ env.NAME }}:${{ steps.prep.outputs.VERSION }} | |
| format: "table" | |
| exit-code: "1" | |
| ignore-unfixed: true | |
| severity: "CRITICAL,HIGH" |