-
Notifications
You must be signed in to change notification settings - Fork 33
161 lines (141 loc) · 5.92 KB
/
Copy pathrelease.yml
File metadata and controls
161 lines (141 loc) · 5.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
name: Release
on:
workflow_dispatch:
inputs:
version_override:
description: 'Override semantic version (e.g., v4.3.0) - leave empty for automatic calculation'
required: false
type: string
push:
branches: [master]
jobs:
test:
name: Test
runs-on: cx-public-ubuntu-x64
outputs:
git_tag: ${{ steps.semantic_release_info.outputs.git_tag || steps.version_override.outputs.git_tag }}
version: ${{ steps.semantic_release_info.outputs.version || steps.version_override.outputs.version }}
notes: ${{ steps.semantic_release_info.outputs.notes || steps.version_override.outputs.notes }}
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0 # Required for 2ms to have visibility to all commit history
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version-file: go.mod
- name: Unit Tests
run: go test ./...
- name: Gets release info
id: semantic_release_info
if: github.event_name == 'workflow_dispatch' && github.event.inputs.version_override == ''
uses: jossef/action-semantic-release-info@277fc891fc5ac40ed0e8d6bf59a0e24a25dfdeac #v3.0.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Override version if specified
id: version_override
if: github.event_name == 'workflow_dispatch' && github.event.inputs.version_override != ''
run: |
echo "Using manual version override: ${{ github.event.inputs.version_override }}"
echo "git_tag=${{ github.event.inputs.version_override }}" >> $GITHUB_OUTPUT
echo "version=$(echo '${{ github.event.inputs.version_override }}' | sed 's/^v//')" >> $GITHUB_OUTPUT
echo "notes=Manual release with version override to ${{ github.event.inputs.version_override }}" >> $GITHUB_OUTPUT
build:
name: Build and Release
runs-on: cx-public-ubuntu-x64
needs: test
if: ${{ needs.test.outputs.git_tag }}
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version-file: go.mod
- name: Go Mod Tidy
run: go mod tidy
- name: Compile for Linux amd64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: linux
GOARCH: amd64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/linux-amd64.zip dist/2ms
rm dist/2ms
- name: Compile for Linux arm64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: linux
GOARCH: arm64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/linux-arm64.zip dist/2ms
rm dist/2ms
- name: Compile for MacOS amd64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: darwin
GOARCH: amd64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/macos-amd64.zip dist/2ms
rm dist/2ms
- name: Compile for MacOS arm64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: darwin
GOARCH: arm64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/macos-arm64.zip dist/2ms
rm dist/2ms
- name: Compile for Windows amd64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: windows
GOARCH: amd64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms.exe main.go
zip -j dist/windows-amd64.zip dist/2ms.exe
rm dist/2ms.exe
- name: Set up QEMU
uses: step-security/setup-qemu-action@109c6ed9f089be1a250c75fd6a534e30df44e030 # v4.0.0
with:
image: tonistiigi/binfmt:latest
platforms: linux/amd64,linux/arm64
- name: Set up Docker Buildx
uses: step-security/setup-buildx-action@f931205d68723ad9589fd2a7e2ece238bf9de341 # v4.0.0
- name: Login to DockerHub
uses: step-security/docker-login-action@870af644803bf9f204aed474adbad2958fec048b # v4.1.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Creating Release
uses: step-security/action-gh-release@277bfa82abcfdb73e5bbb19e213fd76532ee2be5 # v3.0.0
with:
tag_name: ${{ needs.test.outputs.git_tag }}
name: ${{ needs.test.outputs.git_tag }}
body: ${{ needs.test.outputs.notes }}
target_commitish: ${{ steps.commit_and_push.outputs.latest_commit_hash }}
files: |
dist/*.zip
- name: Build and push
uses: step-security/docker-build-push-action@846549baaf047e867d038826129a64d81df0f704 # v7.1.0
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: |
checkmarx/2ms:latest
checkmarx/2ms:${{ needs.test.outputs.version }}
- name: Update Docker repo description
uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4.0.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: checkmarx/2ms