Skip to content

chore(deps): update aquasecurity/trivy-action action to v0.29.0 #357

chore(deps): update aquasecurity/trivy-action action to v0.29.0

chore(deps): update aquasecurity/trivy-action action to v0.29.0 #357

Workflow file for this run

name: Continous Integration
on:
push:
branches:
- main
tags:
- v*
pull_request:
branches:
- main
permissions:
contents: read
jobs:
golangci-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
- name: golangci-lint
uses: golangci/golangci-lint-action@v6
with:
version: latest
test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Task
uses: arduino/setup-task@v1
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
- name: Run tests
run: |
task install:gotestsum
task test
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v4
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
trivy:
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
actions: read
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
- name: Download Go modules
run: go mod download
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/[email protected]
with:
scan-type: "fs"
format: "sarif"
output: "trivy-results.sarif"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: "trivy-results.sarif"
build:
runs-on: ubuntu-latest
needs:
- golangci-lint
- test
strategy:
matrix:
goos:
- linux
- darwin
goarch:
- amd64
- arm64
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Create GitHub App Token
uses: actions/create-github-app-token@v1
id: token
with:
app-id: ${{ secrets.RELEASE_PLEASE_APP_ID }}
private-key: ${{ secrets.RELEASE_PLEASE_PRIVATE_KEY }}
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
- name: Build
run: go build -buildvcs=true -o ./bin/${{ matrix.goarch }}/${{ matrix.goos }}/kubectl-mapr-ticket ./
env:
GOOS: ${{ matrix.goos }}
GOARCH: ${{ matrix.goarch }}
CGO_ENABLED: 0
- name: Compress
run: |
# Copy LICENSE and README.md to artifact directory
mkdir -p ./bin/${{ matrix.goarch }}/${{ matrix.goos }}
cp ./LICENSE ./bin/${{ matrix.goarch }}/${{ matrix.goos }}/
cp ./README.md ./bin/${{ matrix.goarch }}/${{ matrix.goos }}/
cp ./hack/kubectl_complete-mapr_ticket ./bin/${{ matrix.goarch }}/${{ matrix.goos }}/
# Compress artifact directory contents
tar -czvf \
./kubectl-mapr-ticket-${{ matrix.goarch }}-${{ matrix.goos }}.tar.gz \
-C ./bin/${{ matrix.goarch }}/${{ matrix.goos }}/ .
- name: Upload artifact
if: contains(github.ref, 'tags')
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ steps.token.outputs.token }}
file: ./kubectl-mapr-ticket-${{ matrix.goarch }}-${{ matrix.goos }}.tar.gz
tag: ${{ github.ref }}
overwrite: true
- name: Upload artifact for PRs
if: ${{ !contains(github.ref, 'tags') }}
uses: actions/upload-artifact@v4
with:
name: kubectl-mapr-ticket-${{ matrix.goarch }}-${{ matrix.goos }}.tar.gz
path: ./kubectl-mapr-ticket-${{ matrix.goarch }}-${{ matrix.goos }}.tar.gz
krew-release:
runs-on: ubuntu-latest
needs: build
if: contains(github.ref, 'tags')
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Update new version in krew-index
uses: rajatjindal/[email protected]