Skip to content
Main CI

[Snyk] Security upgrade golang from latest to 1.22rc2-bookworm #1

Sign in to view logs

[Snyk] Security upgrade golang from latest to 1.22rc2-bookworm

[Snyk] Security upgrade golang from latest to 1.22rc2-bookworm #1

Workflow file for this run

.github/workflows/main.yml at b76c476
name: Main CI
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- main
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
types: [opened, synchronize, reopened]
jobs:
build:
runs-on: ubuntu-latest
# if: github.event_name == 'push'
steps:
- name: checkout code
uses: actions/checkout@v2
- name: Tests
run: make test
- name: Build the Go package
run: make build
- name: Security Tests
run: make security
- name: Archive security results
uses: actions/upload-artifact@v2
with:
name: security-report
path: security-report
- name: Run the Go package locally (detached)
run: make run
# This is only used to initially create the table - need a cleaner way to include this,
# and have it do nothing if the table exists. Make currently ignores error
- name: Create DynamboDB Table in AWS - To store metadata (one-time)
run: make create_table
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-2
- name: Create tags in DynamboDB Table in AWS - Metadata for this commit
run: make create_tags
env:
PIPELINE_ID: ${GITHUB_RUN_ID}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: us-east-2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push image
run: make push
call-verify:
uses: ./.github/workflows/verify.yml
needs: [build]
secrets: inherit