Skip to content
Go

Merge pull request #108 from sudo-bmitch/pr-gc-testing #234

Sign in to view logs

Merge pull request #108 from sudo-bmitch/pr-gc-testing

Merge pull request #108 from sudo-bmitch/pr-gc-testing #234

Workflow file for this run

.github/workflows/go.yml at 0f285cf
name: Go
on:
push:
branches:
- '**'
tags:
- 'v*.*.*'
pull_request:
branches: [ main ]
permissions:
contents: read
jobs:
build:
name: Build
runs-on: ubuntu-latest
strategy:
matrix:
gover: ["1.20", "1.21", "1.22"]
env:
RELEASE_GO_VER: "1.22"
# do not automatically upgrade go to a different version: https://go.dev/doc/toolchain
GOTOOLCHAIN: "local"
permissions:
contents: write # needed for pushing release with softprops/actions-gh-release
id-token: write # needed for OIDC Token signing with cosign
steps:
- name: Check out code
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: "Set up Go ${{ matrix.gover }}"
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: "${{ matrix.gover }}"
check-latest: true
id: go
- name: Get dependencies
run: |
go get -v -t -d ./...
- name: Verify go fmt
run: test -z "$(go fmt ./...)"
- name: Verify go vet
run: test -z "$(go vet ./...)"
- name: Test
run: make test
- name: Linting
if: matrix.gover == env.RELEASE_GO_VER
run: make lint
- name: Install syft
if: startsWith( github.ref, 'refs/tags/v' ) || github.ref == 'refs/heads/main'
uses: anchore/sbom-action/download-syft@e8d2a6937ecead383dfe75190d104edd1f9c5751 # v0.16.0
id: syft
with:
syft-version: "v1.4.1"
- name: Build artifacts
if: startsWith( github.ref, 'refs/tags/v' ) || github.ref == 'refs/heads/main'
run: make artifacts
- name: Install cosign
if: ( startsWith( github.ref, 'refs/tags/v' ) || github.ref == 'refs/heads/main' ) && matrix.gover == env.RELEASE_GO_VER
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
with:
cosign-release: "v2.2.4"
- name: Sign artifacts
if: ( startsWith( github.ref, 'refs/tags/v' ) || github.ref == 'refs/heads/main' ) && matrix.gover == env.RELEASE_GO_VER
run: |
cd artifacts
for artifact in \
olareg-darwin-amd64 \
olareg-darwin-arm64 \
olareg-linux-amd64 \
olareg-linux-arm64 \
olareg-linux-ppc64le \
olareg-linux-s390x \
olareg-windows-amd64.exe \
; do
cosign sign-blob -y --output-signature "${artifact%.exe}.sig" --output-certificate "${artifact%.exe}.pem" "${artifact}"
done
- name: Gather release details
if: startsWith( github.ref, 'refs/tags/v' ) && github.repository_owner == 'olareg' && matrix.gover == env.RELEASE_GO_VER
id: release_details
run: |
VERSION=${GITHUB_REF#refs/tags/}
VALID_RELEASE=false
if [ -f "release.md" ] && grep -q "Release $VERSION" release.md; then
VALID_RELEASE=true
fi
RELEASE_NOTES=$(cat release.md || echo release notes unavailable)
# escape % and linefeeds
RELEASE_NOTES="${RELEASE_NOTES//'%'/'%25'}"
RELEASE_NOTES="${RELEASE_NOTES//$'\n'/'%0A'}"
RELEASE_NOTES="${RELEASE_NOTES//$'\r'/'%0D'}"
echo ::set-output name=version::${VERSION}
echo ::set-output name=valid::${VALID_RELEASE}
echo ::set-output name=release_notes::${RELEASE_NOTES}
- name: Create release
if: steps.release_details.outputs.valid == 'true' && matrix.gover == env.RELEASE_GO_VER
id: release_create
uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ steps.release_details.outputs.version }}
body: ${{ steps.release_details.outputs.release_notes }}
draft: false
prerelease: false
files: ./artifacts/*
- name: Save artifacts
if: github.ref == 'refs/heads/main' && matrix.gover == env.RELEASE_GO_VER
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: binaries
path: ./artifacts/
retention-days: 30