Bump github/codeql-action from 2.21.7 to 2.21.8 (#402) #995
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - "v[0-9]+.[0-9]+.[0-9]+" | |
| pull_request: | |
| branches: | |
| - main | |
| defaults: | |
| run: | |
| shell: bash | |
| permissions: | |
| contents: read | |
| jobs: | |
| binary: | |
| name: Build Binary | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 | |
| - name: Setup Golang Environment | |
| uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
| with: | |
| go-version-file: go.mod | |
| - name: Determine GOPATH | |
| id: go | |
| run: echo "go_path=$(go env GOPATH)" >> $GITHUB_OUTPUT | |
| - name: Build binary | |
| uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0 | |
| with: | |
| version: latest | |
| args: build --snapshot --clean --single-target | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GOPATH: ${{ steps.go.outputs.go_path }} | |
| unit-tests: | |
| name: Unit Tests | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 | |
| - name: Setup Golang Environment | |
| uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
| with: | |
| go-version-file: go.mod | |
| - name: Run Tests | |
| run: make test | |
| build: | |
| name: Build Packages | |
| runs-on: ubuntu-22.04 | |
| needs: [binary, unit-tests] | |
| permissions: | |
| contents: write | |
| id-token: write | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Golang Environment | |
| uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
| with: | |
| go-version-file: go.mod | |
| - name: Determine GOPATH | |
| id: go | |
| run: echo "go_path=$(go env GOPATH)" >> $GITHUB_OUTPUT | |
| - name: Draft Release Notes | |
| uses: lucacome/draft-release@3ed3808cb75e4398e021a19a171ce62f4943f2f7 # v1.0.0 | |
| with: | |
| minor-label: "enhancement" | |
| major-label: "change" | |
| publish: ${{ github.ref_type == 'tag' }} | |
| collapse-after: 50 | |
| notes-footer: | | |
| ## Resources | |
| - Documentation -- https://github.com/nginxinc/nginx-asg-sync/blob/{{version}}/README.md | |
| if: github.event_name != 'pull_request' | |
| - name: Download Syft | |
| uses: anchore/sbom-action/download-syft@78fc58e266e87a38d4194b2137a3d4e9bcaf7ca1 # v0.14.3 | |
| if: github.ref_type == 'tag' | |
| - name: Install Cosign | |
| uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19 # v3.1.2 | |
| if: github.ref_type == 'tag' | |
| - name: Build binaries | |
| uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0 | |
| with: | |
| version: latest | |
| args: ${{ github.ref_type == 'tag' && 'release' || 'build --snapshot' }} --clean | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GOPATH: ${{ steps.go.outputs.go_path }} | |
| SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_COMMUNITY }} |