[Snyk] Security upgrade golang from 1.21 to 1.23.4 #15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Router CI | |
on: | |
pull_request: | |
paths: | |
- "composition-go/**/*" | |
- "demo/**/*" | |
- "router/**/*" | |
- "router-tests/**/*" | |
- "connect/**/*" | |
- ".github/workflows/router-ci.yaml" | |
concurrency: | |
group: ${{github.workflow}}-${{github.head_ref}} | |
cancel-in-progress: true | |
env: | |
CI: true | |
ROUTER_REGISTRATION: false | |
# Both jobs need to kept in sync. We need to distinguish between forks and people with write access to the repository. | |
jobs: | |
# Runs for forks without access to repository secrets | |
build_test_fork: | |
if: github.event.pull_request.head.repo.full_name != github.repository | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
redis: | |
# Docker Hub image | |
image: redis:7 | |
# Set health checks to wait until redis has started | |
options: >- | |
--health-cmd "redis-cli ping" | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
- 6379:6379 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cache/go-build | |
~/go/pkg/mod | |
# The go install / version instructions are inside the Makefile, so we need to cache the Makefile. | |
key: ${{ runner.os }}-go-${{ hashFiles('router/go.sum') }}-makefile-${{ hashFiles('Makefile') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- uses: ./.github/actions/go | |
with: | |
cache-dependency-path: router/go.sum | |
- uses: ./.github/actions/go-mod-tidy | |
with: | |
working-directory: ./router | |
- name: Install tools | |
run: make setup-build-tools | |
- name: Generate code | |
run: make generate-go | |
- name: Check if git is not dirty after generating files | |
run: git diff --no-ext-diff --exit-code | |
- name: Install dependencies | |
working-directory: ./router | |
run: go mod download | |
- name: Run linters on router-tests | |
uses: ./.github/actions/go-linter | |
with: | |
working-directory: ./router-tests | |
- name: Run linters on router | |
uses: ./.github/actions/go-linter | |
with: | |
working-directory: ./router | |
- name: Test | |
working-directory: ./router | |
run: make test | |
- name: Run Integration tests | |
working-directory: ./router-tests | |
run: make test | |
- name: Build | |
working-directory: ./router | |
run: make build | |
# Runs for people with write access to the repository | |
# that have access to the secrets | |
build_test: | |
if: github.event.pull_request.head.repo.full_name == github.repository | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
services: | |
redis: | |
# Docker Hub image | |
image: redis:7 | |
# Set health checks to wait until redis has started | |
options: >- | |
--health-cmd "redis-cli ping" | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
credentials: | |
username: ${{secrets.DOCKER_USERNAME}} | |
password: ${{secrets.DOCKER_PASSWORD}} | |
ports: | |
- 6379:6379 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Log in to Docker Container registry (With write access) | |
uses: docker/login-action@v3 | |
with: | |
registry: docker.io | |
username: ${{secrets.DOCKER_USERNAME}} | |
password: ${{secrets.DOCKER_PASSWORD}} | |
- uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cache/go-build | |
~/go/pkg/mod | |
# The go install / version instructions are inside the Makefile, so we need to cache the Makefile. | |
key: ${{ runner.os }}-go-${{ hashFiles('router/go.sum') }}-makefile-${{ hashFiles('Makefile') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- uses: ./.github/actions/go | |
with: | |
cache-dependency-path: router/go.sum | |
- uses: ./.github/actions/go-mod-tidy | |
with: | |
working-directory: ./router | |
- name: Install tools | |
run: make setup-build-tools | |
- name: Generate code | |
run: make generate-go | |
- name: Check if git is not dirty after generating files | |
run: git diff --no-ext-diff --exit-code | |
- name: Install dependencies | |
working-directory: ./router | |
run: go mod download | |
- name: Run linters on router-tests | |
uses: ./.github/actions/go-linter | |
with: | |
working-directory: ./router-tests | |
- name: Run linters on router | |
uses: ./.github/actions/go-linter | |
with: | |
working-directory: ./router | |
- name: Test | |
working-directory: ./router | |
run: make test | |
- name: Run Integration tests | |
working-directory: ./router-tests | |
run: make test | |
- name: Build | |
working-directory: ./router | |
run: make build | |
build_push_image: | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: ./.github/actions/build-push-image | |
with: | |
docker_username: ${{secrets.DOCKER_USERNAME}} | |
docker_password: ${{secrets.DOCKER_PASSWORD}} | |
docker_context: router | |
dockerfile: router/Dockerfile | |
token: ${{secrets.GITHUB_TOKEN}} | |
image_name: router | |
image_description: "Cosmo Router" |