ci #490

	name: ci

	on:
	# Allows you to run this workflow manually from the Actions tab
	workflow_dispatch:
	inputs:
	proto_ref:
	proto_sha:
	push:
	branches:
	- main
	- v*
	# Publish `v1.2.3` tags as releases.
	tags:
	- v*
	# Run tests for PRs
	pull_request:

	env:
	VAULT_ADDR: https://vault.eng.aserto.com/
	GO_VERSION: "1.22"

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- name: Read Configuration
	uses: hashicorp/vault-action@v3
	id: vault
	with:
	url: ${{ env.VAULT_ADDR }}
	token: ${{ secrets.VAULT_TOKEN }}
	secrets: \|
	kv/data/github "SSH_PRIVATE_KEY" \| SSH_PRIVATE_KEY;
	kv/data/buf.build "ASERTO_BUF_TOKEN" \| ASERTO_BUF_TOKEN;

	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Setup Go
	uses: actions/setup-go@v5
	with:
	go-version: ${{ env.GO_VERSION }}

	- name: Install dependencies
	run: \|
	mkdir -p $HOME/.ssh
	umask 0077 && echo -e "${SSH_PRIVATE_KEY}" > $HOME/.ssh/id_rsa
	ssh-keyscan github.com >> $HOME/.ssh/known_hosts

	git config --global url."[email protected]:".insteadOf https://github.com/
	git config --global user.email "[email protected]"
	git config --global user.name "Aserto Bot"

	eval `ssh-agent`
	ssh-add $HOME/.ssh/id_rsa

	go run mage.go deps

	- name: Clean generated code
	run: go run mage.go clean

	- name: Setup Buf Registry
	run: echo -e "machine buf.build\npassword ${ASERTO_BUF_TOKEN}" >> ~/.netrc

	- name: Generate
	run: go run mage.go generate

	- name: Commit changes
	if: github.event_name == 'workflow_dispatch'
	uses: EndBug/add-and-commit@v9
	with:
	default_author: github_actions
	add: 'aserto'

Provide feedback