build(deps): bump github.com/fsnotify/fsnotify from 1.5.4 to 1.8.0 #345
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: test | |
on: | |
push: | |
tags: | |
- v* | |
branches: | |
- main | |
- release-* | |
pull_request: | |
env: | |
GO_VERSION: '1.19' | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/checkout@v3 | |
- uses: actions/cache@v3 | |
with: | |
path: | | |
~/go/pkg/mod | |
~/.cache/go-build | |
key: go-build-${{ hashFiles('**/go.sum') }} | |
restore-keys: go-build- | |
- run: scripts/github-actions-packages | |
- run: make | |
- run: bin/crio version | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: build | |
path: | | |
bin/crio | |
bin/crio-status | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: docs | |
path: | | |
docs/crio-status.8 | |
docs/crio.8 | |
docs/crio.conf.5 | |
docs/crio.conf.d.5 | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: config | |
path: crio.conf | |
build-386: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/cache@v3 | |
with: | |
path: | | |
~/go/pkg/mod | |
~/.cache/go-build | |
key: go-build-386-${{ hashFiles('**/go.sum') }} | |
restore-keys: go-build-386- | |
- name: Build 386 binary in container | |
run: | | |
mkdir -p ~/.cache/go-build ~/go/pkg/mod | |
sudo podman run \ | |
-v ~/go/pkg/mod:/go/pkg/mod \ | |
-v ~/.cache/go-build:/root/.cache/go-build \ | |
-v $PWD:/build \ | |
-w /build \ | |
-it i386/golang:${{ env.GO_VERSION }}-alpine \ | |
sh -c \ | |
"apk --no-cache add \ | |
bash \ | |
build-base \ | |
git \ | |
gpgme-dev \ | |
libseccomp-dev \ | |
libselinux-dev \ | |
linux-headers \ | |
tzdata && \ | |
make bin/crio && \ | |
bin/crio version" | |
validate-docs: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: build | |
path: bin | |
- run: | | |
chmod -R +x bin | |
sudo rm /etc/containers/storage.conf | |
- run: | | |
sudo -E make docs-generation | |
hack/tree_status.sh | |
validate-completions: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: build | |
path: bin | |
- run: | | |
chmod -R +x bin | |
sudo rm /etc/containers/storage.conf | |
- run: | | |
sudo -E make completions-generation | |
hack/tree_status.sh | |
build-static-amd64: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: cachix/install-nix-action@v17 | |
- uses: cachix/cachix-action@v10 | |
with: | |
name: cri-o-static | |
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
pushFilter: cri-o | |
- run: nix-build nix | |
- run: result/bin/crio version | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: build-static-amd64 | |
path: | | |
result/bin/crio | |
result/bin/crio-status | |
result/bin/pinns | |
build-static-arm64: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: cachix/install-nix-action@v17 | |
- uses: cachix/cachix-action@v10 | |
with: | |
name: cri-o-static | |
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
pushFilter: cri-o | |
- run: nix-build nix/default-arm64.nix | |
- run: file result/bin/crio | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: build-static-arm64 | |
path: | | |
result/bin/crio | |
result/bin/crio-status | |
result/bin/pinns | |
bundles: | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
- build-static-amd64 | |
- build-static-arm64 | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/cache@v3 | |
with: | |
path: | | |
~/go/pkg/mod | |
~/.cache/go-build | |
/tmp/spdx # default bom cache directory | |
key: go-bundles-${{ hashFiles('**/go.sum') }} | |
restore-keys: go-bundles- | |
- uses: actions/download-artifact@v3 | |
with: | |
name: build-static-amd64 | |
path: bin/static-amd64 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: build-static-arm64 | |
path: bin/static-arm64 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: docs | |
path: docs | |
- uses: actions/download-artifact@v3 | |
with: | |
name: config | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- run: chmod -R +x bin | |
- run: make bundles | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: bundle | |
path: build/bundle/*.tar.gz* | |
bundle-test: | |
runs-on: ubuntu-latest | |
needs: bundles | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: bundle | |
path: build/bundle | |
- run: make bundle-test | |
bundle-test-e2e: | |
runs-on: ubuntu-latest | |
needs: bundles | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/download-artifact@v3 | |
with: | |
name: bundle | |
path: build/bundle | |
- run: make bundle-test-e2e | |
bundle-test-e2e-conmonrs: | |
runs-on: ubuntu-latest | |
needs: bundles | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/download-artifact@v3 | |
with: | |
name: bundle | |
path: build/bundle | |
- run: make bundle-test-e2e-conmonrs | |
sign-artifacts: | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/heads/release') || contains(github.ref, 'refs/tags') | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
env: | |
COSIGN_EXPERIMENTAL: 1 | |
needs: bundle-test | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: sigstore/cosign-installer@v2 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: bundle | |
path: build/bundle | |
- run: make sign-artifacts | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: signatures | |
path: | | |
build/bundle/*.sig | |
build/bundle/*.cert | |
upload-artifacts: | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/heads/release') || contains(github.ref, 'refs/tags') | |
runs-on: ubuntu-latest | |
needs: sign-artifacts | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: bundle | |
path: build/bundle | |
- uses: actions/download-artifact@v3 | |
with: | |
name: signatures | |
path: build/bundle | |
- run: make upload-artifacts | |
env: | |
GCS_CRIO_SA: ${{ secrets.GCS_CRIO_SA }} | |
create-release: | |
if: contains(github.ref, 'refs/tags') | |
runs-on: ubuntu-latest | |
needs: | |
- upload-artifacts | |
- release-notes | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: bundle | |
path: build/bundle | |
- uses: actions/download-artifact@v3 | |
with: | |
name: signatures | |
path: build/bundle | |
- uses: actions/download-artifact@v3 | |
with: | |
name: release-notes | |
path: build/release-notes | |
- name: Get release version | |
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
- uses: ncipollo/release-action@v1 | |
with: | |
allowUpdates: true | |
artifacts: build/bundle/*.tar.gz* | |
bodyFile: build/release-notes/${{ env.RELEASE_VERSION }}.md | |
token: ${{ secrets.GH_TOKEN }} | |
unit: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/checkout@v3 | |
- uses: actions/cache@v3 | |
with: | |
path: | | |
~/go/pkg/mod | |
~/.cache/go-build | |
key: go-unit-${{ hashFiles('**/go.sum') }} | |
restore-keys: go-unit- | |
- run: scripts/github-actions-packages | |
- run: | | |
make mockgen -j $(nproc) | |
hack/tree_status.sh | |
- run: sudo PATH="$PATH" make testunit | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: unit | |
path: build/coverage | |
coverage: | |
needs: unit | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: unit | |
path: build/coverage | |
- run: make codecov | |
release-notes: | |
permissions: | |
contents: none | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/heads/release') || contains(github.ref, 'refs/tags') | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
token: ${{ secrets.GH_TOKEN }} | |
- uses: actions/cache@v3 | |
with: | |
path: | | |
~/go/pkg/mod | |
~/.cache/go-build | |
key: go-build-${{ hashFiles('**/go.sum') }} | |
restore-keys: go-build- | |
- run: make release-notes | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: release-notes | |
path: build/release-notes | |
if-no-files-found: ignore | |
dependencies: | |
permissions: | |
contents: none | |
if: github.ref == 'refs/heads/main' | |
needs: release-notes | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
token: ${{ secrets.GH_TOKEN }} | |
- uses: actions/cache@v3 | |
with: | |
path: | | |
~/go/pkg/mod | |
~/.cache/go-build | |
key: go-build-${{ hashFiles('**/go.sum') }} | |
restore-keys: go-build- | |
- run: make dependencies | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: dependencies | |
path: build/dependencies | |
release-branch-forward: | |
permissions: | |
contents: none | |
if: github.ref == 'refs/heads/main' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
token: ${{ secrets.GH_TOKEN }} | |
- uses: actions/cache@v3 | |
with: | |
path: | | |
~/go/pkg/mod | |
~/.cache/go-build | |
key: go-build-${{ hashFiles('**/go.sum') }} | |
restore-keys: go-build- | |
- run: make release-branch-forward | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
DRY_RUN: false | |
codeql-build: | |
runs-on: ubuntu-latest | |
permissions: | |
security-events: write | |
actions: read | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: github/codeql-action/init@v2 | |
with: | |
languages: go | |
- uses: github/codeql-action/autobuild@v2 | |
- uses: github/codeql-action/analyze@v2 |