-
Notifications
You must be signed in to change notification settings - Fork 535
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
externally configured Go version for automation support #23
Comments
GitHub Actions aren't allowed to change any of the integrations in .github/workflows. So, we have to work around that by creating a new "versions" file that will be explicitly included in to be used in `actions/setup-go`. The current file is expected to be at .github/versions/go and the format is a single plaintext version to included. That's in order to support it being trivially `cat`'ed in the GitHub Action that is also using `actions/setup-go`. I made actions/setup-go#23 in hopes that I can give `actions/setup-go` a PR to make this a baked-in concept.
My setup-go config now looks like: - name: Read Go versions
run: echo "##[set-output name=go_version;]$(cat .github/versions/go)"
id: go_versions
- name: Set up Go
uses: actions/setup-go@v1
with:
go-version: ${{ steps.go_versions.outputs.go_version }}
id: go Example PR that came from it: jmhodges/howsmyssl#267 It'd be nice to get this baked in. The |
Having an option like this would also allow interoperability with goenv which stores local version in - name: Set up Go
uses: actions/setup-go@v1
with:
go-version-from-file: .go-version Picking up the version implicitly from there would be even better, but I suppose that would be better job for a more scoped Action with goenv, rather than generic Go one? At least it seems that there is no precedent for version managers in official |
@jmhodges on the set output, note that you should use @radeksimko - nice idea. Since go-version input is a string, I may just overload that and do special handling for the value |
Unfortunately, that regex deal wouldn’t give us an auditable version. It’d pick up whatever was the latest version when it happened to run, instead of when told to bump it. There’d be no way to track the PR it came in, etc |
@jmhodges : how I do it is I extract the Go version to use out of my Docker containers, print it and put it in a GitHub Actions variable. It works with dependabot for automatic updates that way. |
For reference my GitHub Action as seen on iron-go-project: name: benchmark
on: pull_request
jobs:
gobench:
name: benchmarking
runs-on: ubuntu-latest
steps:
-
uses: actions/checkout@v2
-
id: vars
run: |
echo ::set-output name=go_version::$(grep '^FROM go' .github/go/Dockerfile | cut -d ' ' -f 2 | cut -d ':' -f 2)
echo "Using Go version ${{ steps.vars.outputs.go_version }}"
-
name: Setup go
uses: actions/setup-go@v2
with:
go-version: ${{ steps.vars.outputs.go_version }} My file
And keeping the file updated automatically in version: 2
updates:
- package-ecosystem: docker
directory: "/.github/go"
schedule:
interval: daily
time: '04:00'
open-pull-requests-limit: 10
target-branch: dev |
I'm using this: jobs:
dist:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Determine Go version from go.mod
run: echo "GO_VERSION=$(grep "go 1." go.mod | cut -d " " -f 2)" >> $GITHUB_ENV
- uses: actions/setup-go@v2
with:
go-version: ${{ env.GO_VERSION }} So I only have to maintain go.mod. Only works if you don't need matrix builds ofc :) But it would be nice if this action could do that on its own, e.g. have a property |
Thanks @ccremer . Came here to see if reading from I've added that snippet to my Go / GH Actions cookbook section, with a link back here - Setup Go cookbook. I also did a dive into syntax and examples for both |
Thanks @hazcod for sharing your snippet and iron project. The CI flows there are extensive and I can use in my own projects. I've added a link in my own template to your template. Would you consider turning issues on to make it easier to discuss before making a PR? |
@MichaelCurrin Thank you! Enabled issues. |
Hi @jmhodges ! Sorry for the late response! |
@Sergey-Murtazin Speaking for myself and some of my colleagues, this is still actual. FYI There is also a PR addressing this problem #62 which was raised in July 2020. Would there be interest in merging it, or is there any particular reason not to merge it? |
Yeah, I'm still having this problem. |
Workaround actions/setup-go#23
Workaround actions/setup-go#23
I believe this can be closed now that v3 and v3.1.0 now include the Reference: https://github.com/actions/setup-go/releases/tag/v3.1.0 |
Hello guys, |
My hacky solution to actions/setup-go#23 has been addressed in actions/setup-go proper. And it can use go.mod directly!
My hacky solution to actions/setup-go#23 has been addressed in actions/setup-go proper. And it can use go.mod directly!
Ah, shoot, This is a bummer because I was hoping dependabot could help me here. (Though, dependabot's |
Hi, @jmhodges 👋 In your case, instead of specifying path to If you have any questions, feel free to ask me 📟 Cheers! |
I was able to verify that |
I've got a GitHub Action I wrote to update the Go versions in my various configuration files[1]. Especially, for my security projects, I'd like an auditable but automated way to keep the Go versions I use up to date.
(Using a
.x
version number isn't enough because doing that wouldn't kick off new builds when a new version is released and it's difficult to audit when a new Go version was brought in.)But, unfortunately (and totally understandably from a security perspective!), GitHub Actions can't modify integration configs. So, I've got a plan to keep my Go versions in a file outside of my workflow configs, have my workflows read in that file and use it for
go_version
, and then have my tool update that external file.Would y'all be open to me posting a PR to make that an explicitly supported thing in setup-go? Say, reading a file in something like
.github/versions/go.yml
or similar?[1] https://github.com/jmhodges/ensure-latest-go
The text was updated successfully, but these errors were encountered: