Skip to content

chore(deps): bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 #362

chore(deps): bump github.com/cloudflare/circl from 1.3.3 to 1.3.7

chore(deps): bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 #362

Workflow file for this run

# This GitHub action can publish assets for release when a tag is created.
# Currently its setup to run on any tag that matches the pattern "v*" (ie. v0.1.0).
#
# This uses an action (paultyng/ghaction-import-gpg) that assumes you set your
# private key in the `GPG_PRIVATE_KEY` secret and passphrase in the `PASSPHRASE`
# secret. If you would rather own your own GPG handling, please fork this action
# or use an alternative one for key handling.
#
# You will need to pass the `--batch` flag to `gpg` in your signing step
# in `goreleaser` to indicate this is being used in a non-interactive mode.
#
name: release
on:
push:
branches:
- master
tags:
- 'v*'
paths-ignore:
- 'CHANGELOG.md'
pull_request:
paths:
- .github/workflows/release.yml
- .golangci.yml
- .goreleaser.yml
- .semgrep.yml
- interal/**
- api/**
- powershell/**
- examples/**
- docs/**
- go.sum
- GNUmakefile
- main.go
- staticcheck.conf
- website/**
env:
GO_VERSION: "1.21.5"
GO111MODULE: on
TERRAFORM_VERSION: "1.5.5"
GIT_CHGLOG_VERSION: "0.15.4"
SVU_VERSION: "1.12.0"
TEST_TIME_OUT: "120s"
RELEASE_TIME_OUT: "30m"
jobs:
go_mod_download:
name: go mod download
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-pkg-mod
timeout-minutes: 3
with:
path: |
~/go/pkg/mod
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-pkg-mod
- if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure'
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure'
name: go mod download
run: go mod download
go_build:
name: go build
needs: [go_mod_download]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-pkg-mod
timeout-minutes: 3
with:
path: |
~/go/pkg/mod
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-pkg-mod
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-build
timeout-minutes: 3
with:
path: |
~/.cache/go-build
key: ${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
restore-keys: |
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-build
- name: Cache cache-terraform-plugin-dir
uses: actions/[email protected]
continue-on-error: true
id: cache-terraform-plugin-dir
timeout-minutes: 2
with:
path: |
terraform-plugin-dir
key: ${{ runner.os }}-terraform-plugin-dir-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
- if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure' || steps.cache-go-build.outputs.cache-hit != 'true' || steps.cache-go-build.outcome == 'failure' || steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure'
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure'
name: go mod download
run: go mod download
- if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure' || steps.cache-go-build.outputs.cache-hit != 'true' || steps.cache-go-build.outcome == 'failure' || steps.cache-terraform-plugin-dir.outputs.cache-hit != 'true' || steps.cache-terraform-plugin-dir.outcome == 'failure'
name: go build
run: go build -o terraform-plugin-dir/registry.terraform.io/hashicorp/hyperv/99.99.99/linux_amd64/terraform-provider-hyperv_v99.99.99
terraform_providers_schema:
name: terraform providers schema
needs: [go_build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Cache cache-terraform-providers-schema
uses: actions/[email protected]
continue-on-error: true
id: cache-terraform-providers-schema
timeout-minutes: 2
with:
path: |
terraform-providers-schema
key: ${{ runner.os }}-terraform-providers-schema-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
- name: Cache cache-terraform-plugin-dir
uses: actions/[email protected]
continue-on-error: true
id: cache-terraform-plugin-dir
timeout-minutes: 2
with:
path: |
terraform-plugin-dir
key: ${{ runner.os }}-terraform-plugin-dir-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
restore-keys: |
${{ runner.os }}-terraform-plugin-dir-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
${{ runner.os }}-terraform-plugin-dir-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-terraform-plugin-dir-
- if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure'
uses: hashicorp/[email protected]
with:
terraform_version: ${{ env.TERRAFORM_VERSION }}
terraform_wrapper: false
- if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure'
name: terraform init
run: |
# We need a file to initialize the provider
echo 'resource "hyperv_network_switch" "dmz_network_switch" {name = "dmz"}' > example.tf
terraform init -plugin-dir terraform-plugin-dir
- if: steps.cache-terraform-providers-schema.outputs.cache-hit != 'true' || steps.cache-terraform-providers-schema.outcome == 'failure'
name: terraform providers schema
run: |
mkdir terraform-providers-schema
terraform providers schema -json > terraform-providers-schema/schema.json
go_generate:
name: go generate
needs: [go_build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-pkg-mod
timeout-minutes: 3
with:
path: |
~/go/pkg/mod
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-pkg-mod
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-build
timeout-minutes: 3
with:
path: |
~/.cache/go-build
key: ${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
restore-keys: |
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-build
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure'
name: go mod download
run: go mod download
- run: go generate ./...
- name: Check for Git Differences
run: |
git diff --exit-code || \
(echo; echo "Unexpected difference in directories after code generation. Run 'go generate ./...' command and commit."; exit 1)
go_test:
name: go test
needs: [go_build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-pkg-mod
timeout-minutes: 3
with:
path: |
~/go/pkg/mod
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-pkg-mod
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-build
timeout-minutes: 3
with:
path: |
~/.cache/go-build
key: ${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
restore-keys: |
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-build
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure'
name: go mod download
run: go mod download
- run: go test ./... -timeout=${{ env.TEST_TIME_OUT }}
golangci-lint:
needs: [go_build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-pkg-mod
timeout-minutes: 3
with:
path: |
~/go/pkg/mod
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-pkg-mod
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-build
timeout-minutes: 3
with:
path: |
~/.cache/go-build
key: ${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
restore-keys: |
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-build
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure'
name: go mod download
run: go mod download
- run: go get -d github.com/golangci/golangci-lint/cmd/golangci-lint
- run: go install github.com/golangci/golangci-lint/cmd/golangci-lint
- run: golangci-lint run
semgrep:
# User definable name of this GitHub Actions job.
name: semgrep/ci
# If you are self-hosting, change the following `runs-on` value:
runs-on: ubuntu-latest
container:
# A Docker image with Semgrep installed. Do not change this.
image: returntocorp/semgrep
# Skip any PR created by dependabot to avoid permission issues:
if: (github.actor != 'dependabot[bot]')
steps:
# Fetch project source with GitHub Actions Checkout.
- uses: actions/checkout@v4
with:
fetch-depth: 0
# Run the "semgrep ci" command on the command line of the docker image.
- run: semgrep ci --no-suppress-errors
env:
# Connect to Semgrep Cloud Platform through your SEMGREP_APP_TOKEN.
# Generate a token from Semgrep Cloud Platform > Settings
# and add it to your GitHub secrets.
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
goreleaser:
needs: [go_build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: true
fetch-tags: true
repository: ${{ github.event.pull_request.head.repo.full_name }}
ref: ${{ github.event.pull_request.head.ref }}
token: ${{ secrets.CREATE_TAG_GITHUB_TOKEN }}
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-pkg-mod
timeout-minutes: 3
with:
path: |
~/go/pkg/mod
key: ${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-pkg-mod-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-pkg-mod
- uses: actions/[email protected]
continue-on-error: true
id: cache-go-build
timeout-minutes: 3
with:
path: |
~/.cache/go-build
key: ${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
restore-keys: |
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('internal/**', 'api/**', 'powershell/**') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}-${{ hashFiles('**/go.sum') }}
${{ runner.os }}-go-build-${{ hashFiles('.github/workflows/release.yml') }}
${{ runner.os }}-go-build
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- if: steps.cache-go-pkg-mod.outputs.cache-hit != 'true' || steps.cache-go-pkg-mod.outcome == 'failure'
name: go mod download
run: go mod download
- uses: Bpazy/setup-git-chglog@v1
with:
git-chglog-version: ${{ env.GIT_CHGLOG_VERSION}}
- uses: obfu5c8/action-svu@v1
id: install_svu
with:
type: none
svu-version: ${{ env.SVU_VERSION}}
- name: get version
id: get_version
run: |
current_version="$(svu current --tag-mode current-branch --strip-prefix)"
previous_version="$(git tag -l --sort=-version:refname | grep -E '^v.*' | head -n2 | sed -n 2p | cut -c 2-)"
prerelease_version="$(svu prerelease --tag-mode all-branches --strip-prefix --pre-release prerelease)"
release_version="$(svu next --tag-mode all-branches --strip-prefix)"
echo "CURRENT_VERSION=${current_version}" >> $GITHUB_OUTPUT
echo "PREVIOUS_VERSION=${previous_version}" >> $GITHUB_OUTPUT
echo "PRERELEASE_VERSION=${prerelease_version}" >> $GITHUB_OUTPUT
echo "RELEASE_VERSION=${release_version}" >> $GITHUB_OUTPUT
echo "current version: ${current_version}"
echo "previous version: ${previous_version}"
echo "prerelease version: ${prerelease_version}"
echo "release version: ${release_version}"
- name: goreleaser check
continue-on-error: true
uses: goreleaser/goreleaser-action@v5
with:
args: check
- name: Import GPG key
id: import_gpg
uses: crazy-max/[email protected]
if: startsWith(github.ref, 'refs/tags/v')
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
#passphrase: ${{ secrets.PASSPHRASE }}
- name: goreleaser release
uses: goreleaser/goreleaser-action@v5
if: startsWith(github.ref, 'refs/tags/v')
with:
version: latest
args: release --clean --timeout ${{ env.RELEASE_TIME_OUT }} --release-notes=CHANGELOG.md
env:
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GORELEASER_CURRENT_TAG: "v${{ steps.get_version.outputs.RELEASE_VERSION }}"
GORELEASER_PREVIOUS_TAG: "v${{ steps.get_version.outputs.PREVIOUS_VERSION }}"
- name: generate change log for prerelease
if: "!(startsWith(github.ref, 'refs/tags/v'))"
run: |
git-chglog --next-tag "v${{ steps.get_version.outputs.PRERELEASE_VERSION }}" > CHANGELOG.md
- name: goreleaser snapshot
uses: goreleaser/goreleaser-action@v5
if: "!(startsWith(github.ref, 'refs/tags/v'))"
with:
args: release --clean --skip=sign --snapshot --timeout ${{ env.RELEASE_TIME_OUT }} --release-notes=CHANGELOG.md
env:
GORELEASER_CURRENT_TAG: "v${{ steps.get_version.outputs.RELEASE_VERSION }}"
GORELEASER_PREVIOUS_TAG: "v${{ steps.get_version.outputs.CURRENT_VERSION }}"
- name: snapshot artifact naming
id: naming
if: "!(startsWith(github.ref, 'refs/tags/v'))"
run: |
case $GITHUB_REF in
refs/heads/*)
ARTIFACT="${GITHUB_REF#refs/heads/}";;
refs/pull/*)
ARTIFACT="pr-${GITHUB_REF#refs/pull/}"
ARTIFACT="${ARTIFACT%/merge}";;
*)
ARTIFACT="${GITHUB_REF}";;
esac
ARTIFACT="${ARTIFACT}-$(date -u +'%Y-%m-%dT%H-%M')"
echo "ARTIFACT=${ARTIFACT}" >> $GITHUB_OUTPUT
- name: upload snapshot artifact
uses: actions/upload-artifact@v4
if: "!(startsWith(github.ref, 'refs/tags/v'))"
with:
name: ${{steps.naming.outputs.ARTIFACT}}
path: dist/*.zip
- name: Add updated changelog
uses: EndBug/add-and-commit@v9
if: "startsWith(github.ref, 'refs/heads/master')"
with:
default_author: github_actions
message: "chore(release): v${{ steps.get_version.outputs.PRERELEASE_VERSION }}"
add: "CHANGELOG.md"