chore(deps): bump golang.org/x/net from 0.18.0 to 0.26.0 #650
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pull Request Build | |
on: | |
pull_request: | |
branches: | |
- master | |
env: | |
REGISTRY: ghcr.io | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.19 | |
id: go | |
- name: Check out code into the Go module directory | |
uses: actions/[email protected] | |
- name: Run GoReleaser | |
uses: goreleaser/[email protected] | |
with: | |
github_token: ${{ secrets.GH_PUBLISH_SECRETS }} | |
version: v1.14.0 | |
args: release --skip-publish --rm-dist --snapshot | |
- name: Test against the cmd | |
run: | | |
sudo cp ./release/http-downloader_linux_amd64_v1/hd /usr/local/bin | |
# test with fullpath | |
sudo hd install jenkins-zh/jenkins-cli/jcli | |
jcli version | |
# test with simple path | |
sudo hd i mde | |
# test with specific version | |
sudo hd i [email protected] -f | |
- name: Run Trivy vulnerability scanner | |
uses: aquasecurity/[email protected] | |
if: github.event_name == 'pull_request' | |
with: | |
scan-type: 'fs' | |
format: 'table' | |
exit-code: '1' | |
ignore-unfixed: true | |
vuln-type: 'os,library' | |
severity: 'CRITICAL,HIGH' | |
GoLint: | |
name: Lint | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.19 | |
id: go | |
- name: Check out code into the Go module directory | |
uses: actions/[email protected] | |
- name: Go-linter-1 | |
uses: Jerome1337/[email protected] | |
with: | |
golint-path: ./... | |
Security: | |
name: Security | |
runs-on: ubuntu-20.04 | |
env: | |
GO111MODULE: on | |
steps: | |
- name: Checkout Source | |
uses: actions/[email protected] | |
- name: Run Gosec Security Scanner | |
uses: securego/gosec@master | |
with: | |
args: '-exclude=G402,G204,G304,G110,G306,G107 ./...' | |
CodeQL: | |
name: CodeQL | |
runs-on: ubuntu-20.04 | |
env: | |
GO111MODULE: on | |
steps: | |
- name: Checkout Source | |
uses: actions/[email protected] | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v1 | |
with: | |
languages: go | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v1 | |
MarkdownLinkCheck: | |
name: MarkdownLinkCheck | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/[email protected] | |
- uses: gaurav-nelson/[email protected] | |
with: | |
use-verbose-mode: 'yes' | |
image: | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-tags: true | |
fetch-depth: 0 | |
- name: Setup Docker buildx | |
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf | |
- name: Extract Docker metadata | |
id: meta | |
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 | |
with: | |
images: ${{ env.REGISTRY }}/linuxsuren/hd | |
- name: Build and push Docker image | |
id: build-and-push | |
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a | |
with: | |
context: . | |
push: false | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
platforms: linux/amd64,linux/arm64 | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
build-args: VERSION=${{ steps.vars.outputs.tag }} |