tsccr: pin action refs to latest trusted #47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: test | |
| on: | |
| pull_request: | |
| jobs: | |
| test: | |
| name: packaging | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| # Make sure it handles running in workflows that haven't set up a Go toolchain | |
| go_toolchain_preinstalled: | |
| - true | |
| - false | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| path: build | |
| - if: matrix.go_toolchain_preinstalled == true | |
| uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
| with: | |
| cache: false | |
| go-version-file: build/go.mod | |
| - name: build binary | |
| id: build | |
| working-directory: build | |
| run: | | |
| go build -o template . | |
| echo "binary-path=build/template" | tee -a "$GITHUB_OUTPUT" | |
| ls -la | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| path: action | |
| - uses: ./action | |
| with: | |
| name: template | |
| description: Test packing the binary | |
| arch: amd64 | |
| version: 1.0.0 | |
| maintainer: HashiCorp | |
| homepage: https://github.com/hashicorp/actions-packaging-linux | |
| license: MPL-2.0 | |
| binary: ${{ steps.build.outputs.binary-path }} | |
| bin_path: /usr/local/bin | |
| file_permissions: 0o027 | |
| user_owner: root | |
| group_owner: vault | |
| rpm_depends: bash | |
| rpm_recommends: dmidecode | |
| deb_depends: bash | |
| deb_recommends: dmidecode | |
| - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| if: matrix.go_toolchain_preinstalled == true # only need one set of artifacts | |
| with: | |
| name: artifacts | |
| path: out | |
| if-no-files-found: 'error' | |
| # Note: "suggested" is always empty, as nFPM does not (yet?) support it. | |
| - name: dump RPM | |
| run: | | |
| /bin/ls -l out/ | |
| echo "::group::maybe install rpm" 1>&2 | |
| # runner is ubuntu, install rpm if it's not already available | |
| which rpm || apt-get install -y rpm | |
| echo "::endgroup::" 1>&2 | |
| echo "::group::package contents" 1>&2 | |
| rpm -qplv out/*.rpm | |
| echo "::endgroup::" 1>&2 | |
| echo "::group::dependencies" 1>&2 | |
| rpm -qpv --requires out/*.rpm | |
| echo "::endgroup::" 1>&2 | |
| echo "::group::weak dependencies: recommended packages" 1>&2 | |
| rpm -qpv --recommends out/*.rpm | |
| echo "::endgroup::" 1>&2 | |
| echo "::group::weak dependencies: suggested packages" 1>&2 | |
| rpm -qpv --suggests out/*.rpm | |
| echo "::endgroup::" 1>&2 | |
| - name: dump deb | |
| run: | | |
| /bin/ls -l out/ | |
| echo "::group::package contents" 1>&2 | |
| dpkg -c ./out/*.deb | |
| echo "::endgroup::" 1>&2 | |
| echo "::group::dependencies and recommended packages" 1>&2 | |
| apt-cache show ./out/*.deb | grep -E '^(Depends|Recommends|Suggests):' || true | |
| echo "::endgroup::" 1>&2 |