maintain(deps): bump golang.org/x/crypto from 0.10.0 to 0.31.0 #2559
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci / core | |
on: | |
pull_request: | |
paths: | |
- go.mod | |
- go.sum | |
- '**/*.go' | |
- 'test/**' | |
- '.github/workflows/ci-core.yaml' | |
- '.golangci.yml' | |
push: | |
branches: | |
- main | |
paths: | |
- go.mod | |
- go.sum | |
- '**/*.go' | |
- 'test/**' | |
- '.github/workflows/*-core.yaml' | |
- '.golangci.yml' | |
jobs: | |
lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: "1.19" | |
cache: true | |
- name: run lint | |
# disable auto-fix, and enable verbose | |
run: LINT_ARGS=-v make lint | |
go-test: | |
runs-on: ubuntu-latest | |
name: "go-test (postgres ${{matrix.version}})" | |
strategy: | |
matrix: | |
version: [12, 14] | |
services: | |
postgres: | |
image: postgres:${{ matrix.version }}-alpine | |
env: | |
POSTGRES_PASSWORD: password123 | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 5s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: ["127.0.0.1:5432:5432"] | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: "1.19" | |
cache: true | |
- run: go mod download -x | |
- run: go install gotest.tools/[email protected] | |
- name: Conditionally enable -race | |
if: ${{ github.ref_name == 'main' || contains(github.event.pull_request.labels.*.name, 'action/race') }} | |
run: echo "GO_TEST_RACE=-race" >> $GITHUB_ENV | |
- name: go test | |
run: ~/go/bin/gotestsum -ftestname -- ${GO_TEST_RACE:-} ./... | |
env: | |
POSTGRESQL_CONNECTION: "host=localhost port=5432 user=postgres dbname=postgres password=password123" | |
- name: go test querylinter | |
working-directory: ./internal/tools/querylinter | |
run: ~/go/bin/gotestsum -ftestname ./... | |
- name: Check that tests leave a clean git checkout | |
run: | | |
# show and check changes to committed files | |
git diff --exit-code | |
# show and check for uncommitted files | |
git status --short; [[ "$(git status --short)" == "" ]] | |
test: | |
runs-on: ubuntu-latest | |
needs: [go-test] | |
if: ${{ always() }} | |
steps: | |
- run: | | |
RESULT="${{ needs.go-test.result }}" | |
[ "$RESULT" = 'success' ] || [ "$RESULT" = 'skipped' ] || exit 1 | |
check-generated: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: "1.19" | |
cache: true | |
- run: go mod download -x | |
- run: go build -debug-actiongraph=compile.json . | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: build-log | |
path: compile.json | |
- name: Check go mod is tidy | |
run: | | |
go mod tidy | |
git diff --exit-code go.mod go.sum | |
- name: Check generated code is updated | |
run: | | |
go generate ./... | |
git diff --exit-code | |
test-acceptance: | |
runs-on: ubuntu-latest | |
if: ${{ github.ref_name == 'main' || contains(github.event.pull_request.labels.*.name, 'action/test-acceptance') }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: "1.19" | |
cache: true | |
- run: sudo apt-get update && sudo apt-get install -y checkpolicy semodule-utils | |
- run: go install gotest.tools/[email protected] | |
- name: Filter goreleaser config to linux only | |
run: go run ./test/bin/goreleaser-filter.go > .goreleaser.linux.yml | |
- uses: goreleaser/goreleaser-action@v4 | |
with: | |
distribution: goreleaser | |
version: latest | |
args: release --rm-dist --snapshot --skip-publish --config .goreleaser.linux.yml | |
env: | |
RELEASE_NAME: 0.0.0 | |
# the ./test module uses the main module, this is an easy way to use the | |
# dependencies from the main module | |
- name: Setup workspace | |
run: go work init . ./test | |
- name: Start containers | |
run: | | |
head -c 32 < /dev/urandom > test/root.key | |
docker compose -f test/docker-compose.yaml up -d --wait | |
- name: Setup destinations | |
run: ./test/setup.sh | |
- name: Run tests | |
working-directory: test | |
run: ~/go/bin/gotestsum -ftestname -- ./... | |
- name: Container output | |
if: always() | |
run: | | |
set +e | |
docker compose --ansi always -f test/docker-compose.yaml logs | |
echo "systemd logs from ubuntu" | |
docker exec test-destination_ubuntu-1 journalctl -t infra -t sshd -t infra-ssh |