build(deps): bump golang.org/x/net from 0.13.0 to 0.23.0 #74
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and test Go | |
| on: | |
| pull_request: | |
| branches: [main] | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: checkly/checkly-operator | |
| USE_EXISTING_CLUSTER: true | |
| GO_MODULES: on | |
| jobs: | |
| golang: | |
| name: Golang build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out source code | |
| uses: actions/checkout@v1 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version-file: "go.mod" | |
| # We need kind to test the code | |
| - name: Start kind cluster | |
| uses: helm/[email protected] | |
| with: | |
| version: "v0.12.0" | |
| - name: Test code | |
| env: | |
| USE_EXISTING_CLUSTER: true | |
| run: | | |
| make test-ci | |
| # Sonarcloud | |
| # - name: SonarCloud Scan | |
| # uses: SonarSource/sonarcloud-github-action@master | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
| # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| # GO_MODULES: "on" | |
| # Docker buildx does not allow for multi architecture builds and loading the docker container locally, | |
| # this way we can not run trivy against the containers, one solution is to run multiple jobs for each arch | |
| # ARM builds are really slow, we're only doing it in the `main-merge` workflow. | |
| docker: | |
| name: Docker build | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| # arch: ["amd64", "arm64", "arm"] | |
| arch: ["amd64"] | |
| steps: | |
| - name: Check out source code | |
| uses: actions/checkout@v1 | |
| # For multi-arch docker builds | |
| # https://github.com/docker/setup-qemu-action | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v1 | |
| # https://github.com/docker/setup-buildx-action | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v1 | |
| # Docker build specifics | |
| - name: Docker meta | |
| id: docker_meta # you'll use this in the next step | |
| uses: docker/metadata-action@v3 | |
| with: | |
| # list of Docker images to use as base name for tags | |
| images: | | |
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| # Docker tags based on the following events/attributes | |
| tags: | | |
| type=sha | |
| # Check Dockerfile with hadolint | |
| - uses: hadolint/[email protected] | |
| with: | |
| dockerfile: Dockerfile | |
| - name: Build multi-platform images | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| platforms: ${{ matrix.arch }} | |
| load: true | |
| tags: ${{ steps.docker_meta.outputs.tags }} | |
| - name: Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@master | |
| env: | |
| IMAGE: ${{ steps.docker_meta.outputs.tags }} | |
| with: | |
| image-ref: ${{ env.IMAGE }} | |
| format: "table" | |
| exit-code: "1" |