STAC-0: add locked parameter to import api #351
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
pull_request: | |
branches: | |
- main | |
push: | |
branches: | |
- main | |
tags: | |
- v* | |
# Allows to run this via the Actions tab | |
workflow_dispatch: | |
env: | |
REGISTRY: quay.io | |
jobs: | |
lint: | |
permissions: | |
# Required: allow read access to the content for analysis. | |
contents: read | |
# Optional: allow read access to pull request. Use with `only-new-issues` option. | |
pull-requests: read | |
# Optional: Allow write access to checks to allow the action to annotate code in the PR. | |
checks: write | |
name: Linter | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: '1.21' | |
cache: false | |
- name: golangci-lint | |
uses: golangci/golangci-lint-action@v4 | |
with: | |
# Require: The version of golangci-lint to use. | |
# When `install-mode` is `binary` (default) the value can be v1.2 or v1.2.3 or `latest` to use the latest version. | |
# When `install-mode` is `goinstall` the value can be v1.2.3, `latest`, or the hash of a commit. | |
version: v1.54 | |
check-license: | |
name: License scan | |
runs-on: ubuntu-latest | |
timeout-minutes: 5 | |
env: | |
REPORT_FILE: gl-license-scanning-report.json | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: 1.22 | |
- name: License scanning | |
run: | | |
go install github.com/google/go-licenses@latest | |
go-licenses check . --disallowed_types=forbidden,restricted | |
- name: Generate license report | |
run: | | |
go-licenses report . > licenses.csv | |
- name: Save license scan report | |
uses: actions/upload-artifact@v3 | |
with: | |
name: license_scanning | |
path: licenses.csv | |
check-go-releaser: | |
name: Go releaser check | |
runs-on: ubuntu-latest | |
timeout-minutes: 5 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: 1.22 | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@v5 | |
with: | |
# either 'goreleaser' (default) or 'goreleaser-pro' | |
distribution: goreleaser | |
# 'latest', 'nightly', or a semver | |
version: v1.25.1 | |
args: check | |
test: | |
name: Tests | |
needs: | |
- lint | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: 1.22 | |
- name: Run tests | |
run: go test -v ./... | |
publish: | |
name: Publish the release | |
if: ${{ github.ref_type == 'tag' }} | |
needs: | |
- test | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
env: | |
TAG: ${{ github.ref_name }} | |
S3_BUCKET: "s3://cli-dl.stackstate.com/stackstate-cli/" | |
QUAY_USER: ${{ secrets.QUAY_USER }} | |
QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version: 1.22 | |
- name: Log in to the Container registry | |
uses: docker/login-action@v3 | |
if: github.event_name != 'pull_request' | |
with: | |
registry: quay.io | |
username: ${{ secrets.QUAY_USER }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
- name: Generate release notes | |
uses: ./.github/actions/quay | |
with: | |
image: quay.io/stackstate/go-rk:v0.2.4 | |
options: > | |
-e RK_JIRA_PROJECT=STAC | |
-e RK_JIRA_URL=https://stackstate.atlassian.net | |
-e RK_JIRA_USER=${{ secrets.JIRA_USER }} | |
-e RK_JIRA_TOKEN=${{ secrets.JIRA_TOKEN }} | |
entrypoint: go-rk | |
run: > | |
release-notes | |
--fix-version cli2-${{ env.TAG }} | |
--output-file /workspace/release-notes.md | |
--title "CLI ${{ env.TAG }}" | |
- name: Save release notes | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release-notes | |
path: release-notes.md | |
- name: Generate JSON release notes | |
uses: ./.github/actions/quay | |
with: | |
image: quay.io/stackstate/go-rk:v0.2.4 | |
options: > | |
-e RK_JIRA_PROJECT=STAC | |
-e RK_JIRA_URL=https://stackstate.atlassian.net | |
-e RK_JIRA_USER=${{ secrets.JIRA_USER }} | |
-e RK_JIRA_TOKEN=${{ secrets.JIRA_TOKEN }} | |
entrypoint: go-rk | |
run: > | |
release-notes | |
--fix-version cli2-${{ env.TAG }} | |
-o json | |
--output-file /workspace/release-notes.json | |
--title "CLI ${{ env.TAG }}" | |
- name: Save JSON release notes | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release-notes-json | |
path: release-notes.json | |
- name: Log in to the Container registry | |
uses: docker/login-action@v3 | |
if: github.event_name != 'pull_request' | |
with: | |
registry: docker.io | |
username: ${{ secrets.DOCKER_USER }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Go releaser publish | |
uses: goreleaser/goreleaser-action@v5 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
with: | |
# either 'goreleaser' (default) or 'goreleaser-pro' | |
distribution: goreleaser | |
# 'latest', 'nightly', or a semver | |
version: v1.25.1 | |
args: release --release-notes release-notes.md | |
- name: Write latest version to file | |
run: mkdir -p dist && echo "${{ env.TAG }}" > dist/LATEST_VERSION | |
- name: Publish latest version to S3 | |
uses: keithweaver/aws-s3-github-action@v1.0.0 | |
with: | |
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws_region: ${{ secrets.AWS_DEFAULT_REGION }} | |
command: cp | |
source: dist/LATEST_VERSION | |
destination: ${{ env.S3_BUCKET }} | |
- name: Publish installers to S3 | |
uses: keithweaver/aws-s3-github-action@v1.0.0 | |
with: | |
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID}} | |
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws_region: ${{ secrets.AWS_DEFAULT_REGION }} | |
command: cp | |
source: scripts/publish/installers/ | |
destination: ${{ env.S3_BUCKET }} | |
flags: --recursive |