[Snyk] Security upgrade golang from 1.20.3-alpine to 1.22rc2-alpine #575
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pre-Release | |
on: | |
pull_request: | |
types: | |
- opened | |
- synchronize | |
- reopened | |
- labeled | |
- unlabeled | |
env: | |
REGISTRY: quay.io | |
REPOSITORY: fiware | |
jobs: | |
generate-version: | |
runs-on: ubuntu-latest | |
outputs: | |
version: ${{ steps.out.outputs.version }} | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-java@v1 | |
with: | |
java-version: '11' | |
java-package: jdk | |
- id: bump | |
uses: zwaldowski/match-label-action@v1 | |
with: | |
allowed: major,minor,patch | |
- uses: zwaldowski/semver-release-action@v2 | |
with: | |
dry_run: true | |
bump: ${{ steps.bump.outputs.match }} | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Get PR Number | |
id: pr_number | |
run: echo "::set-output name=nr::$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }')" | |
- name: Set version output | |
id: out | |
run: echo "::set-output name=version::$(echo ${VERSION}-PRE-${{ steps.pr_number.outputs.nr }})" | |
# image build&push | |
echo-server: | |
needs: [ "generate-version" ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-java@v1 | |
with: | |
java-version: '11' | |
java-package: jdk | |
- name: Log into quay.io | |
run: docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" ${{ env.REGISTRY }} | |
- name: Build&Push image | |
run: | | |
cd integration-test/echo-server/ | |
mvn versions:set -DnewVersion=${{ needs.generate-version.outputs.version }} | |
mvn clean install deploy -DskipTests -Dimage.tag=${{ needs.generate-version.outputs.version }} -Dimage.registry="${{ env.REGISTRY }}/" -Dimage.repository="${{ env.REPOSITORY }}" | |
iptables-init: | |
needs: [ "generate-version" ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Build Image | |
id: build-image | |
uses: redhat-actions/buildah-build@v2 | |
with: | |
image: init-iptables | |
tags: latest ${{ github.sha }} ${{ needs.generate-version.outputs.version }} | |
dockerfiles: | | |
./src/iptables-init/Dockerfile | |
context: ./src/iptables-init | |
- name: Push To quay.io | |
id: push-to-quay | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ steps.build-image.outputs.image }} | |
tags: ${{ steps.build-image.outputs.tags }} | |
registry: ${{ env.REGISTRY }}/${{ env.REPOSITORY }} | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
envoy-configmap-updater: | |
needs: [ "generate-version" ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Build Image | |
id: build-image | |
uses: redhat-actions/buildah-build@v2 | |
with: | |
image: envoy-configmap-updater | |
tags: latest ${{ github.sha }} ${{needs.generate-version.outputs.version}} | |
dockerfiles: | | |
./src/envoy-configmap-updater/Dockerfile | |
context: ./src/envoy-configmap-updater | |
- name: Push To quay.io | |
id: push-to-quay | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ steps.build-image.outputs.image }} | |
tags: ${{ steps.build-image.outputs.tags }} | |
registry: ${{ env.REGISTRY }}/${{ env.REPOSITORY }} | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
envoy-resource-updater: | |
needs: [ "generate-version" ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Build Image | |
id: build-image | |
uses: redhat-actions/buildah-build@v2 | |
with: | |
image: envoy-resource-updater | |
tags: latest ${{ github.sha }} ${{needs.generate-version.outputs.version}} | |
dockerfiles: | | |
./src/envoy-resource-updater/Dockerfile | |
context: ./src/envoy-resource-updater | |
- name: Push To quay.io | |
id: push-to-quay | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ steps.build-image.outputs.image }} | |
tags: ${{ steps.build-image.outputs.tags }} | |
registry: ${{ env.REGISTRY }}/${{ env.REPOSITORY }} | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
mesh-extension-updater: | |
needs: [ "generate-version" ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Build Image | |
id: build-image | |
uses: redhat-actions/buildah-build@v2 | |
with: | |
image: mesh-extension-updater | |
tags: latest ${{ github.sha }} ${{needs.generate-version.outputs.version}} | |
dockerfiles: | | |
./src/mesh-extension-updater/Dockerfile | |
context: ./src/mesh-extension-updater | |
- name: Push To quay.io | |
id: push-to-quay | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ steps.build-image.outputs.image }} | |
tags: ${{ steps.build-image.outputs.tags }} | |
registry: ${{ env.REGISTRY }}/${{ env.REPOSITORY }} | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
envoy: | |
needs: [ "generate-version" ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Build Image | |
id: build-image | |
uses: redhat-actions/buildah-build@v2 | |
with: | |
image: envoy | |
tags: latest ${{ github.sha }} ${{needs.generate-version.outputs.version}} | |
dockerfiles: | | |
./envoy/Dockerfile | |
context: . | |
- name: Push To quay.io | |
id: push-to-quay | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ steps.build-image.outputs.image }} | |
tags: ${{ steps.build-image.outputs.tags }} | |
registry: ${{ env.REGISTRY }}/${{ env.REPOSITORY }} | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
ishare-auth-provider: | |
needs: [ "generate-version" ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Build Image | |
id: build-image | |
uses: redhat-actions/buildah-build@v2 | |
with: | |
image: ishare-auth-provider | |
tags: latest ${{ github.sha }} ${{needs.generate-version.outputs.version}} | |
dockerfiles: | | |
./src/ishare-auth-provider/Dockerfile | |
context: ./src/ishare-auth-provider | |
- name: Push To quay.io | |
id: push-to-quay | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ steps.build-image.outputs.image }} | |
tags: ${{ steps.build-image.outputs.tags }} | |
registry: ${{ env.REGISTRY }}/${{ env.REPOSITORY }} | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
endpoint-configuration-service: | |
needs: [ "generate-version" ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-java@v1 | |
with: | |
java-version: '17' | |
java-package: jdk | |
- name: Log into quay.io | |
run: docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" ${{ env.REGISTRY }} | |
- name: Build&Push image | |
run: | | |
cd src/endpoint-configuration-service/ | |
mvn versions:set -DnewVersion=${{ needs.generate-version.outputs.version }} | |
mvn clean install deploy -DskipTests -Dimage.tag=${{ needs.generate-version.outputs.version }} -Dimage.registry="${{ env.REGISTRY }}/" -Dimage.repository="${{ env.REPOSITORY }}" | |
service-mesh-extension: | |
needs: [ "generate-version" ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set extension version | |
run: | | |
sed -i 's/${cache-filter-wasm.version}/${{ needs.generate-version.outputs.version }}/g' ./service-mesh/openshift/manifest.yaml | |
cat ./service-mesh/openshift/manifest.yaml | |
- name: Build Image | |
id: build-image | |
uses: redhat-actions/buildah-build@v2 | |
with: | |
image: cached-auth-filter-extension | |
tags: ${{ github.sha }} ${{ needs.generate-version.outputs.version }} | |
dockerfiles: | | |
./service-mesh/openshift/Dockerfile | |
context: . | |
- name: Push To quay.io | |
id: push-to-quay | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ steps.build-image.outputs.image }} | |
tags: ${{ steps.build-image.outputs.tags }} | |
registry: ${{ env.REGISTRY }}/${{ env.REPOSITORY }} | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
cached-auth-filter: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Build wasm | |
run: | | |
docker run -u root -v /etc/ssl/certs:/etc/ssl/certs -v $(pwd)/src/cached-auth-filter:/cached-auth-filter --workdir /cached-auth-filter tinygo/tinygo:0.26.0 tinygo build -o cached-auth-filter.wasm -target=wasi ./main.go | |
- uses: actions/upload-artifact@v2 | |
with: | |
name: cached-auth-filter | |
path: src/cached-auth-filter/cached-auth-filter.wasm | |
git-release: | |
needs: | |
- generate-version | |
- endpoint-configuration-service | |
- ishare-auth-provider | |
- envoy | |
- envoy-resource-updater | |
- envoy-configmap-updater | |
- iptables-init | |
- echo-server | |
- cached-auth-filter | |
- service-mesh-extension | |
- mesh-extension-updater | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/download-artifact@v2 | |
with: | |
name: cached-auth-filter | |
path: ./ | |
- uses: "marvinpinto/action-automatic-releases@latest" | |
with: | |
repo_token: "${{ secrets.GITHUB_TOKEN }}" | |
automatic_release_tag: ${{ needs.generate-version.outputs.version }} | |
prerelease: true | |
title: ${{ needs.generate-version.outputs.version }} | |
files: | | |
LICENSE | |
cached-auth-filter.wasm |