chore(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 #873
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test and Release Go CLI | |
on: [push] | |
# The list of permissions is explained on the GitHub doc: | |
# https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs | |
permissions: | |
# Write permissions is needed to create a new release | |
contents: write | |
# allow read access to pull request. Use with `only-new-issues` option. | |
pull-requests: read | |
jobs: | |
linter-pull-request: | |
name: golangci-lint on a PR or from a tag | |
runs-on: ubuntu-22.04 | |
if: github.ref != 'refs/heads/master' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
# We need to define the fetch-depth to 0 so that we can get the commit ID of the master branch | |
fetch-depth: 0 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
check-latest: true | |
- name: Get golangci-lint configuration file | |
run: wget --output-document=$(pwd)/.golangci.yml https://sc-devtools.s3.eu-west-1.amazonaws.com/golang-ci/golangci.yml | |
- name: Get master branch commit ID | |
id: new-from-rev | |
run: echo "NEW_FROM_REV=$( git rev-parse origin/master )" >> "$GITHUB_OUTPUT" | |
- name: "Execute golangci-lint on a pull request" | |
uses: golangci/golangci-lint-action@v6 | |
with: | |
# The `only-new-issues` flag is not working (https://github.com/golangci/golangci-lint-action/issues/531). | |
# We rather decided to use the suggestion from the FAQ (https://golangci-lint.run/usage/faq/#how-to-integrate-golangci-lint-into-large-project-with-thousands-of-issues) and use `--new-from-rev` | |
# only-new-issues: false | |
args: "--config=$(pwd)/.golangci.yml --new-from-rev=${{ steps.new-from-rev.outputs.NEW_FROM_REV }}" | |
linter-master: | |
name: golangci-lint on master branch | |
runs-on: ubuntu-22.04 | |
if: github.ref == 'refs/heads/master' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
# We need to define the fetch-depth to 2 so that we can get new offenses since HEAD~1 | |
fetch-depth: 2 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
check-latest: true | |
- name: Get golangci-lint configuration file | |
run: wget --output-document=$(pwd)/.golangci.yml https://sc-devtools.s3.eu-west-1.amazonaws.com/golang-ci/golangci.yml | |
- name: "Execute golangci-lint on the master branch" | |
uses: golangci/golangci-lint-action@v6 | |
with: | |
# The `only-new-issues` flag is not working (https://github.com/golangci/golangci-lint-action/issues/531). | |
# We rather decided to use the suggestion from the FAQ (https://golangci-lint.run/usage/faq/#how-to-integrate-golangci-lint-into-large-project-with-thousands-of-issues) and use `--new-from-rev` | |
# only-new-issues: false | |
args: "--config=$(pwd)/.golangci.yml --new-from-rev=HEAD~1" | |
tests: | |
name: Unit Tests | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
check-latest: true | |
- name: Execute the tests | |
run: go test -race ./... | |
releases: | |
needs: [linter-master, linter-pull-request, tests] | |
name: GoReleaser Build on All OS but Windows | |
# Usage of needs implies that the job will only run if all the jobs it depends on are successful. | |
# But in our case, either linter-master or linter-pull-request will be skipped. | |
# So we need to add a condition to check if the linter-master or linter-pull-request job is successful. | |
# To do so, we use the `if` condition but we also need to add `always()` to make sure the job is run | |
# related to https://github.com/actions/runner/issues/2205 | |
# since a success() is added by default and skipped jobs make success to fail we need this workaround | |
if: always() && startsWith(github.ref, 'refs/tags/') && (needs.linter-master.result == 'success' || needs.linter-pull-request.result == 'success') | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # See: https://goreleaser.com/ci/actions/ | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
check-latest: true | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@v6 | |
with: | |
version: "~> v2" | |
args: release --clean | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
CGO_ENABLED: 0 | |
releases-windows: | |
needs: [linter-master, linter-pull-request, tests] | |
name: GoReleaser Build on Windows | |
# Usage of needs implies that the job will only run if all the jobs it depends on are successful. | |
# But in our case, either linter-master or linter-pull-request will be skipped. | |
# So we need to add a condition to check if the linter-master or linter-pull-request job is successful. | |
# To do so, we use the `if` condition but we also need to add `always()` to make sure the job is run | |
# related to https://github.com/actions/runner/issues/2205 | |
# since a success() is added by default and skipped jobs make success to fail we need this workaround | |
if: always() && startsWith(github.ref, 'refs/tags/') && (needs.linter-master.result == 'success' || needs.linter-pull-request.result == 'success') | |
runs-on: windows-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # See: https://goreleaser.com/ci/actions/ | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: "go.mod" | |
check-latest: true | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@v6 | |
with: | |
version: "~> v2" | |
args: release --config .goreleaser-windows.yaml --clean | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |