Skip to content

CVE-2024-45338, CVE-2024-45337 #122

CVE-2024-45338, CVE-2024-45337

CVE-2024-45338, CVE-2024-45337 #122

Workflow file for this run

name: ci
on:
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
push:
# Publish `main` as Docker `latest` image.
branches:
- main
- release-*
# Run tests for PRs
pull_request:
branches:
- main
- release-*
env:
VAULT_ADDR: https://vault.eng.aserto.com/
PRE_RELEASE: ${{ github.ref == 'refs/heads/main' && 'development' || '' }}
GO_VERSION: "1.23"
GO_RELEASER_VERSION: "v2.3.2"
GO_LANGCI_LINT_VERSION: "v1.61.0"
GO_TESTSUM_VERSION: "1.11.0"
jobs:
test:
runs-on: ubuntu-latest
steps:
-
name: Read Configuration
uses: hashicorp/vault-action@v3
id: vault
with:
url: ${{ env.VAULT_ADDR }}
token: ${{ secrets.VAULT_TOKEN }}
secrets: |
kv/data/github "SSH_PRIVATE_KEY" | SSH_PRIVATE_KEY;
-
uses: actions/checkout@v4
with:
fetch-depth: 0
-
name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
-
name: Lint
uses: golangci/golangci-lint-action@v6
with:
version: ${{ env.GO_LANGCI_LINT_VERSION }}
args: --timeout=2m
-
name: Test Setup
uses: gertd/[email protected]
with:
gotestsum_version: ${{ env.GO_TESTSUM_VERSION }}
-
name: Test
run: |
gotestsum --format short-verbose -- -count=1 -v -timeout=240s -coverprofile=cover.out -coverpkg=./... ./...
-
name: Build Examples
uses: goreleaser/goreleaser-action@v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
distribution: goreleaser
version: ${{ env.GO_RELEASER_VERSION }}
args: build --clean --snapshot --single-target
-
name: Upload code coverage
uses: shogo82148/actions-goveralls@v1
continue-on-error: true
with:
path-to-profile: cover.out
release:
needs: [test]
runs-on: ubuntu-latest
# Only release when ref is a tag
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
steps:
-
name: Read Configuration
uses: hashicorp/vault-action@v3
id: vault
with:
url: https://vault.eng.aserto.com/
token: ${{ secrets.VAULT_TOKEN }}
secrets: |
kv/data/github "SSH_PRIVATE_KEY" | SSH_PRIVATE_KEY;
kv/data/github "READ_WRITE_TOKEN" | READ_WRITE_TOKEN;
-
uses: actions/checkout@v4
with:
fetch-depth: 0
-
name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
-
name: Setup QEMU
uses: docker/setup-qemu-action@v3
-
name: Release
uses: goreleaser/goreleaser-action@v5
env:
# A PAT is required to work around
# https://docs.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token
GITHUB_TOKEN: ${{ steps.vault.outputs.READ_WRITE_TOKEN }}
with:
distribution: goreleaser
version: ${{ env.GO_RELEASER_VERSION }}
args: release --clean