Skip to content

gha: bump sigstore/cosign-installer from 3.1.1 to 3.1.2 #1043

gha: bump sigstore/cosign-installer from 3.1.1 to 3.1.2

gha: bump sigstore/cosign-installer from 3.1.1 to 3.1.2 #1043

Workflow file for this run

name: Build
on:
push:
branches:
- main
pull_request:
workflow_dispatch:
env:
GO_VERSION: 1.21.x
STATICCHECK_VERSION: 2023.1.5
permissions: read-all
jobs:
lint:
name: Lint
runs-on: ubuntu-22.04
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v1
with:
egress-policy: block
disable-telemetry: true
allowed-endpoints: >
artifactcache.actions.githubusercontent.com:443
frsnacprodeus2file1.blob.core.windows.net:443
github.com:443
golang.org:443
objects.githubusercontent.com:443
proxy.golang.org:443
raw.githubusercontent.com:443
storage.googleapis.com:443
sum.golang.org:443
- name: Check out code into the Go module directory
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v2.4.0
- name: golangci-lint
uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v2
with:
version: latest
#args: --enable maligned
build:
name: Build
strategy:
matrix:
platform: [ubuntu-22.04, windows-2022, macos-13]
runs-on: ${{ matrix.platform }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v1
with:
egress-policy: audit
disable-telemetry: false
allowed-endpoints: >
api.github.com:443
artifactcache.actions.githubusercontent.com:443
frsnacprodeus2file1.blob.core.windows.net:443
github.com:443
objects.githubusercontent.com:443
proxy.golang.org:443
raw.githubusercontent.com:443
storage.googleapis.com:443
- name: Set up Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v2.1.5
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v2.4.0
with:
fetch-depth: 0
# https://github.com/marketplace/actions/cache
- name: Cache Go modules
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v2
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Check and get dependencies
run: |
go mod download
go mod tidy
git diff --exit-code go.mod
git diff --exit-code go.sum
- name: Build
run: go build -v -trimpath -ldflags="-s -w" ./cmd/bl3auto.go
- name: Test
run: go test -v -race ./...
- name: Staticcheck
uses: dominikh/staticcheck-action@ba605356b4b29a60e87ab9404b712f3461e566dc # v1.1.0
with:
version: ${{ env.STATICCHECK_VERSION }}
install-go: false
cache-key: ${{ matrix.platform }}