Merge pull request #1371 from wolfi-dev/dependabot/go_modules/chaingu… #3197
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
pull_request: | |
branches: ['main'] | |
push: | |
branches: ['main'] | |
permissions: | |
contents: read | |
jobs: | |
build: | |
permissions: | |
contents: read | |
name: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 | |
with: | |
go-version-file: 'go.mod' | |
check-latest: true | |
- uses: chainguard-dev/actions/goimports@2cadca168a422313df94f6169691a86498ae51b1 # main | |
- run: make wolfictl | |
- run: make test | |
wolfictl-text: | |
permissions: | |
contents: read | |
name: wolfictl text on wolfi-dev/os | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 | |
with: | |
go-version-file: 'go.mod' | |
check-latest: true | |
- run: make wolfictl | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
repository: 'wolfi-dev/os' | |
path: 'wolfi-os' | |
# This command is not itself used by Wolfi directly, but it demonstrates that we're able to construct a graph of packages | |
# without cycles or unsatisfied deps, which prevents a class of build failures. | |
# This check is here to ensure that graph construction changes in this repo don't break graph resolution on the Wolfi OS repo. | |
- name: Test Wolfi OS repo | |
run: | | |
./wolfictl text -d wolfi-os \ | |
--type=name \ | |
--pipeline-dir=wolfi-os/pipelines/ \ | |
--repository-append=https://packages.wolfi.dev/os \ | |
--keyring-append=https://packages.wolfi.dev/os/wolfi-signing.rsa.pub \ | |
--keyring-append=https://packages.wolfi.dev/bootstrap/stage3/wolfi-signing.rsa.pub \ | |
--repository-append=https://packages.wolfi.dev/bootstrap/stage3 | |
- name: Test nested repo structure | |
run: | | |
./wolfictl text -d testdata/text/ | grep foo-0.0.2-r0 | |
./wolfictl text -d testdata/text/ | grep bar-0.0.1-r0 | |
./wolfictl text -d testdata/text/ | grep root-0.0.1-r0 | |
docs: | |
permissions: | |
contents: read | |
name: check generated docs | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 | |
with: | |
go-version-file: 'go.mod' | |
check-latest: true | |
- run: rm -rf docs/**/*.md docs/**/*.1 | |
- run: make docs | |
- run: git diff --exit-code |