go.mod: fix security issues reported by dependabot #233
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
push: | |
branches: ["master"] | |
pull_request: | |
branches: ["**"] | |
jobs: | |
build: | |
name: Executes a full build | |
runs-on: ubuntu-latest | |
services: | |
mysql: | |
image: mysql:5.6 | |
env: | |
MYSQL_ROOT_PASSWORD: ctldbpw | |
MYSQL_DATABASE: ctldb | |
MYSQL_USER: ctldb | |
MYSQL_PASSWORD: ctldbpw | |
ports: | |
- 3306:3306 | |
steps: | |
- name: checkout | |
uses: actions/checkout@v3 | |
- name: setup go 1.20 | |
uses: actions/setup-go@v3 | |
with: | |
go-version: '1.20' | |
- name: Deps | |
run: | | |
make deps | |
- name: Test | |
run: | | |
make test | |
- name: build | |
run: | | |
make build | |
publish-amd-production: | |
needs: [ build ] | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
if: ${{ (github.ref_name == 'master') && (github.event_name == 'push')}} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: setup env variables | |
id: vars | |
run: | | |
SHA=${GITHUB_SHA:0:7} | |
echo "SHA=$SHA" >> $GITHUB_ENV | |
echo "IMAGE=ghcr.io/segmentio/ctlstore:$SHA" >> $GITHUB_ENV | |
- name: "Image Name" | |
run: echo "publishing ${IMAGE}" | |
- name: Log in to the Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
logout: true | |
- name: Build and push image for master | |
run: | | |
docker context create buildx-build | |
docker buildx create --use buildx-build | |
docker buildx build \ | |
--platform=linux/amd64 \ | |
-t ${IMAGE} \ | |
--build-arg VERSION=${SHA} \ | |
--push \ | |
. | |
publish-amd-pr: | |
needs: [ build ] | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
if: ${{ (github.event_name == 'pull_request') }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: setup env variables | |
id: vars | |
run: | | |
SHA=$(git rev-parse --short ${{ github.event.pull_request.head.sha }}) | |
echo "SHA=$SHA" >> $GITHUB_ENV | |
echo "IMAGE=ghcr.io/segmentio/ctlstore:$(echo ${GITHUB_HEAD_REF:0:119} | sed 's/[^a-zA-Z0-9]/-/g' )-$SHA" >> $GITHUB_ENV | |
- name: "Image Name" | |
run: echo "publishing ${IMAGE}" | |
- name: Log in to the Container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
logout: true | |
- name: Build and push image for pull request | |
run: | | |
docker context create buildx-build | |
docker buildx create --use buildx-build | |
docker buildx build \ | |
--platform=linux/amd64 \ | |
-t ${IMAGE} \ | |
--build-arg VERSION=${SHA} \ | |
--push \ | |
. | |
- run: echo "GHCR PUBLISH SUCCESSFUL" |