chore(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
permissions: | |
contents: read | |
pull-requests: read | |
actions: read | |
env: | |
VERSION: "${{ github.ref_name }}" | |
BUILD_PLATFORMS: "linux/amd64,linux/arm64,darwin/amd64,darwin/arm64,windows/amd64" | |
PARALLELIZE: "false" | |
GO_VERSION: "1.21.6" | |
defaults: | |
run: | |
shell: bash | |
on: | |
workflow_dispatch: { } | |
push: | |
tags: | |
- "v*.*.*" | |
branches: | |
- "main" | |
paths-ignore: | |
- "docs/**" | |
- "**.md" | |
- "**.mdx" | |
- "**.png" | |
- "**.jpg" | |
pull_request: | |
branches: | |
- "main" | |
paths-ignore: | |
- "docs/**" | |
- "**.md" | |
- "**.mdx" | |
- "**.png" | |
- "**.jpg" | |
jobs: | |
build: | |
timeout-minutes: 60 | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
# checkout the whole histories for commitsar, | |
# currently commitsar needs full git objects to work correctly. | |
fetch-depth: 0 | |
persist-credentials: false | |
- name: Setup Go | |
timeout-minutes: 15 | |
uses: actions/setup-go@v5 | |
with: | |
go-version: "${{ env.GO_VERSION }}" | |
cache-dependency-path: | | |
**/go.sum | |
- name: Setup Toolbox | |
timeout-minutes: 5 | |
uses: actions/cache@v3 | |
with: | |
# restore/save service binaries, e.g. goimports, golangci-lint, commitsar. | |
key: toolbox-${{ runner.os }} | |
path: | | |
${{ github.workspace }}/.sbin | |
- name: Build | |
run: make ci | |
env: | |
LINT_DIRTY: "true" | |
- name: Archive Publish Result | |
uses: actions/cache/save@v3 | |
with: | |
# save package resources, e.g. go build result, downloaded UI, entrypoint script. | |
key: archive-${{ runner.os }}-${{ github.sha }} | |
path: | | |
${{ github.workspace }}/.dist/build | |
release: | |
if: ${{ startsWith(github.ref, 'refs/tags/') }} | |
needs: | |
- build | |
permissions: | |
contents: write | |
actions: read | |
id-token: write | |
timeout-minutes: 20 | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
persist-credentials: false | |
- name: Unarchive Publish Result | |
timeout-minutes: 5 | |
uses: actions/cache/restore@v3 | |
with: | |
# restore package resources, e.g. go build result, downloaded UI, entrypoint script. | |
key: archive-${{ runner.os }}-${{ github.sha }} | |
path: | | |
${{ github.workspace }}/.dist/build | |
- name: Import GPG key | |
id: import_gpg | |
uses: crazy-max/ghaction-import-gpg@v5 | |
with: | |
gpg_private_key: ${{ secrets.CI_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.CI_GPG_PASSPHRASE }} | |
- name: Sign Checksum | |
run: make release | |
env: | |
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} | |
- name: Release | |
uses: softprops/action-gh-release@v1 | |
with: | |
token: ${{ github.token }} | |
fail_on_unmatched_files: true | |
tag_name: ${{ steps.metadata.outputs.version }} | |
prerelease: ${{ contains(github.ref, 'rc') }} | |
files: | | |
.dist/build/kubecia/* |