Skip to content

build(deps): bump github/codeql-action from 3.26.9 to 3.26.10 #2284

build(deps): bump github/codeql-action from 3.26.9 to 3.26.10

build(deps): bump github/codeql-action from 3.26.9 to 3.26.10 #2284

Workflow file for this run

on:
push:
branches:
- main
pull_request:
branches:
- main
release:
types:
- published
name: build
permissions: read-all
jobs:
build-arch:
name: Build ZOT multiarch
permissions:
contents: write
packages: write
runs-on: ubuntu-latest
strategy:
matrix:
os: [linux, darwin, freebsd]
arch: [amd64, arm64]
steps:
- name: Check out source code
uses: actions/checkout@v4
- name: Install go
uses: actions/setup-go@v5
with:
cache: false
go-version: 1.22.x
- name: Cache go dependencies
id: cache-go-dependencies
uses: actions/cache@v4
with:
path: |
~/go/pkg/mod
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-mod-
- name: Cache go build output
id: cache-go-build
uses: actions/cache@v4
with:
path: |
~/.cache/go-build
key: ${{ matrix.os }}-${{ matrix.arch }}-go-build-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ matrix.os }}-${{ matrix.arch }}-go-build-
- name: Install go dependencies
if: steps.cache-go-dependencies.outputs.cache-hit != 'true'
run: |
cd $GITHUB_WORKSPACE
go mod download
- name: Install other dependencies
run: |
cd $GITHUB_WORKSPACE
go install github.com/swaggo/swag/cmd/[email protected]
sudo apt-get update
sudo apt-get install rpm
sudo apt-get install snapd
sudo apt-get install libgpgme-dev libassuan-dev libbtrfs-dev libdevmapper-dev pkg-config
git clone https://github.com/containers/skopeo -b v1.12.0 $GITHUB_WORKSPACE/src/github.com/containers/skopeo
cd $GITHUB_WORKSPACE/src/github.com/containers/skopeo && \
make bin/skopeo && \
sudo cp bin/skopeo /usr/bin && \
rm -rf $GITHUB_WORKSPACE/src/github.com/containers/skopeo
cd $GITHUB_WORKSPACE
curl -Lo notation.tar.gz https://github.com/notaryproject/notation/releases/download/v1.0.0-rc.4/notation_1.0.0-rc.4_linux_amd64.tar.gz
sudo tar xvzf notation.tar.gz -C /usr/bin notation
rm -f notation.tar.gz
- name: Run build
timeout-minutes: 10
run: |
echo "Building for $OS:$ARCH"
cd $GITHUB_WORKSPACE
make binary binary-minimal binary-debug cli bench exporter-minimal
env:
OS: ${{ matrix.os }}
ARCH: ${{ matrix.arch }}
- name: Generate GraphQL Introspection JSON on Release
if: github.event_name == 'release' && github.event.action == 'published' && matrix.os == 'linux' && matrix.arch == 'amd64'
run: |
bin/zot-linux-amd64 serve examples/config-search.json &
sleep 10
curl -X POST -H "Content-Type: application/json" -d @.pkg/debug/githubWorkflows/introspection-query.json http://localhost:5000/v2/_zot/ext/search | jq > bin/zot-gql-introspection-result.json
pkill zot
- if: github.event_name == 'release' && github.event.action == 'published'
name: Publish artifacts on releases
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: bin/z*
tag: ${{ github.ref }}
overwrite: true
file_glob: true
release-checksums:
name: Release Artifact Checksums
needs: build-arch
if: github.event_name == 'release' && github.event.action == 'published'
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
steps:
- name: Download Release Artifacts
uses: robinraju/[email protected]
with:
tag: ${{ github.ref_name }}
fileName: "z*"
- name: Generate checksum
uses: jmgilman/actions-generate-checksum@v1
with:
patterns: z*
method: sha256
output: checksums.sha256.txt
- name: Add wildcard character prefix to filenames in checksum file
run: sed -i 's! ! \*!g' checksums.sha256.txt
- name: Publish checksums on releases
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: checksums.sha256.txt
tag: ${{ github.ref }}
overwrite: true