chore(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0 #278
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| env: | |
| GO_VERSION: 1.23.1 | |
| permissions: read-all | |
| jobs: | |
| tests: | |
| name: Unit tests | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Set up Go | |
| uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Go Test | |
| run: go test -shuffle=on -tags testing -race -v -covermode=atomic -coverprofile=coverage.out ./... | |
| - name: Upload coverage reports to Codecov | |
| uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| codecov_yml_path: .github/codecov.yml | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0 | |
| with: | |
| install-mode: 'goinstall' | |
| version: latest | |
| args: '--build-tags testing' | |
| versioning: | |
| name: Versioning | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| outputs: | |
| release: ${{ steps.go-semver.outputs.MAIN_NEW_RELEASE }} | |
| semver: ${{ steps.go-semver.outputs.MAIN_SEMVER }} | |
| needs: | |
| - tests | |
| - lint | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Set up GPG key | |
| run: | | |
| mkdir -p ~/secrets | |
| echo "${{ secrets.GPG_PRIVATE_KEY }}" > ~/secrets/private.asc | |
| GO_SEMVER_GPG_KEY_PATH="${HOME}/secrets/private.asc" | |
| chmod 600 "${GO_SEMVER_GPG_KEY_PATH}" | |
| echo "GO_SEMVER_GPG_KEY_PATH=${GO_SEMVER_GPG_KEY_PATH}" >> $GITHUB_ENV | |
| - name: Download latest stable release | |
| run: | | |
| chmod +x ./build/download_latest_release.sh | |
| bash ./build/download_latest_release.sh | |
| - name: Go Semver Release | |
| id: go-semver | |
| run: | | |
| if [ ! -f "${GO_SEMVER_GPG_KEY_PATH}" ]; then | |
| echo "Error: GPG key file not found at ${GO_SEMVER_GPG_KEY_PATH}" | |
| exit 1 | |
| fi | |
| ./go-semver-release-linux-amd64 release https://github.com/s0ders/go-semver-release.git \ | |
| --config .semver.yaml \ | |
| --access-token ${{ secrets.GO_SEMVER_RELEASE_ACCESS_TOKEN }} \ | |
| --gpg-key-path "${GO_SEMVER_GPG_KEY_PATH}" \ | |
| --verbose | |
| docker-release: | |
| name: Docker release | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| needs: | |
| - versioning | |
| if: ${{needs.versioning.outputs.release == 'true'}} | |
| env: | |
| VERSION: ${{needs.versioning.outputs.semver}} | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Docker build | |
| uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 | |
| with: | |
| context: . | |
| file: ./build/Dockerfile | |
| push: true | |
| build-args: | | |
| APP_VERSION="${{ env.VERSION }}" | |
| APP_BUILD_NUMBER="${{ github.run_id }}" | |
| APP_COMMIT_HASH="${{ github.sha }}" | |
| tags: s0ders/go-semver-release:${{ env.VERSION }} | |
| slsa-build: | |
| name: SLSA build and release | |
| uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] | |
| needs: | |
| - versioning | |
| - docker-release | |
| if: ${{needs.versioning.outputs.release == 'true'}} | |
| strategy: | |
| matrix: | |
| os: | |
| - linux | |
| - windows | |
| - darwin | |
| arch: | |
| - amd64 | |
| - arm64 | |
| permissions: | |
| id-token: write | |
| contents: write | |
| actions: read | |
| with: | |
| go-version: 1.23 | |
| config-file: .github/slsa-goreleaser/${{ matrix.os }}-${{ matrix.arch }}.yml | |
| evaluated-envs: "VERSION:${{ needs.versioning.outputs.semver }}, COMMIT_HASH:${{ github.sha }}, BUILD_NUMBER:${{ github.run_id }}" | |
| upload-assets: true | |
| upload-tag-name: ${{ needs.versioning.outputs.semver }} |