Bump golang.org/x/crypto from 0.28.0 to 0.31.0 #850
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| concurrency: | |
| group: ci-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - release/* | |
| tags: | |
| - "v*" | |
| pull_request: | |
| schedule: | |
| - cron: "0 10 * * *" # ~2am PST | |
| workflow_dispatch: | |
| inputs: | |
| debug_enabled: | |
| type: boolean | |
| description: "Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)" | |
| required: false | |
| default: false | |
| env: | |
| REGISTRY: ghcr.io | |
| ORG: githedgehog | |
| jobs: | |
| # cache-tools: | |
| # runs-on: ubuntu-latest # It should be faster than running in hour DC | |
| # steps: | |
| # - name: Checkout repository | |
| # uses: actions/checkout@v4 | |
| # - name: Setup Go | |
| # uses: actions/setup-go@v5 | |
| # with: | |
| # go-version: stable | |
| # cache: true | |
| # - name: Cache dev tools | |
| # uses: actions/cache@v4 | |
| # with: | |
| # path: bin | |
| # key: bin-${{ hashFiles('hack/tools.just') }} | |
| # - name: Prepare all dev tools | |
| # run: | | |
| # just --timestamp tools | |
| # - name: Setup tmate session for debug | |
| # if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| # uses: mxschmitt/action-tmate@v3 | |
| # timeout-minutes: 30 | |
| # with: | |
| # limit-access-to-actor: true | |
| test: | |
| runs-on: lab | |
| # needs: | |
| # - cache-tools | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| # with: | |
| # fetch-depth: 0 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: stable | |
| cache: true | |
| # - name: Cache dev tools | |
| # uses: actions/cache@v4 | |
| # with: | |
| # path: bin | |
| # key: bin-${{ hashFiles('hack/tools.mk') }} | |
| - name: Lint and generate code | |
| run: | | |
| just --timestamp lint-gha gen _lint | |
| - name: Some Go lint | |
| run: | | |
| just --timestamp _lint | |
| - name: More Go lint | |
| uses: golangci/golangci-lint-action@v6 | |
| with: | |
| # keep in sync with hack/tools.just | |
| version: v1.61.0 | |
| - name: Run tests | |
| run: | | |
| just --timestamp test | |
| # Don't remove it! We shouldn't allow CI to pass if there are any changes not committed after running just | |
| - name: Fail on dirty | |
| run: | | |
| git status --short | |
| git diff --quiet | |
| - name: Setup tmate session for debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| uses: mxschmitt/action-tmate@v3 | |
| timeout-minutes: 30 | |
| with: | |
| limit-access-to-actor: true | |
| test-api: | |
| runs-on: lab | |
| # needs: | |
| # - cache-tools | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: stable | |
| cache: true | |
| # - name: Cache dev tools | |
| # uses: actions/cache@v4 | |
| # with: | |
| # path: bin | |
| # key: bin-${{ hashFiles('hack/tools.mk') }} | |
| - name: Create k8s Kind Cluster | |
| uses: helm/[email protected] | |
| with: | |
| version: v0.24.0 | |
| cluster_name: kind | |
| - name: Install CRDs | |
| run: | | |
| just --timestamp test-api | |
| - name: Setup tmate session for debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| uses: mxschmitt/action-tmate@v3 | |
| timeout-minutes: 30 | |
| with: | |
| limit-access-to-actor: true | |
| build: | |
| runs-on: lab | |
| # needs: | |
| # - cache-tools | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: stable | |
| cache: true | |
| # - name: Cache dev tools | |
| # uses: actions/cache@v4 | |
| # with: | |
| # path: bin | |
| # key: bin-${{ hashFiles('hack/tools.mk') }} | |
| - name: Build all | |
| run: | | |
| just --timestamp build kube-build build-multi | |
| - name: Setup tmate session for debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| uses: mxschmitt/action-tmate@v3 | |
| timeout-minutes: 30 | |
| with: | |
| limit-access-to-actor: true | |
| publish: | |
| runs-on: lab | |
| if: startsWith(github.event.ref, 'refs/tags/v') && github.event_name == 'push' | |
| needs: | |
| # - cache-tools | |
| - test | |
| - test-api | |
| - build | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: stable | |
| cache: true | |
| - name: Cache dev tools | |
| uses: actions/cache@v4 | |
| with: | |
| path: bin | |
| key: bin-${{ hashFiles('hack/tools.mk') }} | |
| - name: Login to ghcr.io | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish Images, Helm charts and Bins on release | |
| run: | | |
| just --timestamp oci_repo=ghcr.io push push-multi | |
| - name: Create GH Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| make_latest: true # TODO do it for master only | |
| files: | | |
| bin/hhfctl-*.tar.gz | |
| - name: Setup tmate session for debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
| uses: mxschmitt/action-tmate@v3 | |
| timeout-minutes: 30 | |
| with: | |
| limit-access-to-actor: true |