build(deps): Bump golang.org/x/crypto from 0.29.0 to 0.31.0 #2826
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# - When a third-party action is added (i.e., `uses`), please also add it to `download-licenses` in Makefile. | |
# - When a job is added/removed/renamed, please make corresponding changes in ci-docs.yaml. | |
name: CI | |
on: | |
push: | |
branches: | |
- main | |
paths: | |
- '**.go' | |
- 'go.mod' | |
- 'go.sum' | |
- '.github/workflows/e2e-macos.yaml' | |
- '.github/workflows/e2e-windows.yaml' | |
- '.github/workflows/e2e-linux.yaml' | |
- 'contrib/packaging/**' | |
- 'deps/**' | |
- 'finch.yaml.d/**' | |
- 'winres' | |
- 'Makefile*' | |
- '!contrib/hello-finch/**' | |
pull_request: | |
branches: | |
- main | |
paths: | |
- '**.go' | |
- 'go.mod' | |
- 'go.sum' | |
- '.github/workflows/e2e-macos.yaml' | |
- '.github/workflows/e2e-windows.yaml' | |
- '.github/workflows/e2e-linux.yaml' | |
- 'contrib/packaging/**' | |
- 'deps/**' | |
- 'finch.yaml.d/**' | |
- 'winres' | |
- 'Makefile*' | |
- '!contrib/hello-finch/**' | |
workflow_dispatch: | |
permissions: | |
id-token: write | |
contents: write | |
env: | |
DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG }} | |
GO_VERSION: '1.22.8' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
git-secrets: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Pull latest awslabs/git-secrets repo | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
repository: awslabs/git-secrets | |
ref: 1.3.0 | |
fetch-tags: true | |
path: git-secrets | |
- name: Install git secrets from source | |
run: sudo make install | |
working-directory: git-secrets | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Scan repository for git secrets | |
run: | | |
git secrets --register-aws | |
git secrets --scan-history | |
gen-code-no-diff: | |
strategy: | |
matrix: | |
os: [macos-latest, windows-latest, ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache: false | |
- run: make gen-code | |
- run: git diff --exit-code | |
unit-tests: | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [macos-latest, windows-latest, ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Configure git CRLF settings | |
run: | | |
git config --global core.autocrlf false | |
git config --global core.eol lf | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache: false | |
- run: make test-unit | |
# It's recommended to run golangci-lint in a job separate from other jobs (go test, etc) because different jobs run in parallel. | |
go-linter: | |
name: lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache: false | |
- name: set GOOS env to windows | |
run: | | |
echo "GOOS=windows" >> $GITHUB_ENV | |
- name: golangci-lint - windows | |
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 | |
with: | |
# Pin the version in case all the builds start to fail at the same time. | |
# There may not be an automatic way (e.g., dependabot) to update a specific parameter of a GitHub Action, | |
# so we will just update it manually whenever it makes sense (e.g., a feature that we want is added). | |
version: v1.56.1 | |
args: --fix=false --timeout=5m | |
- name: set GOOS env to darwin | |
run: | | |
echo "GOOS=darwin" >> $GITHUB_ENV | |
- name: golangci-lint - darwin | |
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 | |
with: | |
# Pin the version in case all the builds start to fail at the same time. | |
# There may not be an automatic way (e.g., dependabot) to update a specific parameter of a GitHub Action, | |
# so we will just update it manually whenever it makes sense (e.g., a feature that we want is added). | |
version: v1.56.1 | |
args: --fix=false --timeout=5m --skip-dirs="(^|/)deps($|/)" | |
shellcheck: | |
name: ShellCheck | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Run ShellCheck | |
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0 | |
with: | |
version: v0.9.0 | |
continue-on-error: true | |
go-mod-tidy-check: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache: false | |
# TODO: Use `go mod tidy --check` after https://github.com/golang/go/issues/27005 is fixed. | |
- run: go mod tidy | |
- run: git diff --exit-code | |
check-licenses: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache: false | |
- run: make check-licenses | |
macos-e2e-tests: | |
strategy: | |
fail-fast: false | |
matrix: | |
version: ['13', '14'] | |
test-command: ['test-e2e-vm-serial', 'test-e2e-container'] | |
arch: ['X64', 'arm64'] | |
runner-type: ['test'] | |
uses: ./.github/workflows/e2e-macos.yaml | |
secrets: inherit | |
with: | |
arch: ${{ matrix.arch }} | |
version: ${{ matrix.version }} | |
runner-type: ${{ matrix.runner-type }} | |
test-command: ${{ matrix.test-command }} | |
windows-e2e-tests: | |
strategy: | |
fail-fast: false | |
matrix: | |
test-command: ['test-e2e-vm-serial', 'test-e2e-container'] | |
arch: ['amd64'] | |
runner-type: ['test'] | |
uses: ./.github/workflows/e2e-windows.yaml | |
secrets: inherit | |
with: | |
arch: ${{ matrix.arch }} | |
runner-type: ${{ matrix.runner-type }} | |
test-command: ${{ matrix.test-command }} | |
linux-e2e-tests: | |
strategy: | |
fail-fast: false | |
matrix: | |
os: ['amazonlinux'] | |
arch: ['X64', 'arm64'] | |
version: ['2023', '2'] | |
runner-type: ['test'] | |
uses: ./.github/workflows/e2e-linux.yaml | |
secrets: inherit | |
with: | |
os: ${{ matrix.os }} | |
arch: ${{ matrix.arch }} | |
version: ${{ matrix.version }} | |
runner-type: ${{ matrix.runner-type }} | |
mdlint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: avto-dev/markdown-lint@04d43ee9191307b50935a753da3b775ab695eceb # v1.5.0 | |
with: | |
args: '**/*.md' | |
# CHANGELOG.md is only updated by release-please bot. | |
ignore: 'CHANGELOG.md' |