Skip to content

Bump golang.org/x/crypto from 0.7.0 to 0.11.0 #1216

Bump golang.org/x/crypto from 0.7.0 to 0.11.0

Bump golang.org/x/crypto from 0.7.0 to 0.11.0 #1216

Workflow file for this run

on:
push:
branches:
- "main"
tags:
- "v*"
pull_request:
name: Test and publish
permissions:
contents: write
deployments: write
issues: write
packages: write
env:
CC_BINARY_URL: https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v3
with:
go-version: '1.20.3'
- uses: actions/checkout@v3
- name: Setup Code Climate test-reporter
run: |
curl -L "$CC_BINARY_URL" > ./cc-test-reporter
chmod +x ./cc-test-reporter
- name: Run tests
run: |
export GIT_COMMIT_SHA='${{ github.sha }}'
export GIT_BRANCH="$(echo '${{ github.ref }}' | sed -E -e 's/.*\/(.*)/\1/')"
export CC_TEST_REPORTER_ID='${{ secrets.CC_TEST_REPORTER_ID }}'
./cc-test-reporter before-build
echo "Running tests..."
go test $(go list ./... | grep -v integration_test) -coverprofile c.out ./...
mod="$(cat go.mod | awk '/^module/ {print $2}')"
if [[ ! -z "$CC_TEST_REPORTER_ID" ]]; then
echo "Generating coverage report..."
./cc-test-reporter after-build -p "${mod}/" -t gocov
fi
publish:
name: Goreleaser
runs-on: ubuntu-latest
needs: test
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Write .env file
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
touch .env
echo GITHUB_TOKEN="$GITHUB_TOKEN" >> .env
- name: Login to GHCR
uses: docker/login-action@v2
if: "!startsWith(github.ref, 'refs/tags/v')"
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Docker Hub
uses: docker/login-action@v2
if: startsWith(github.ref, 'refs/tags/v')
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: goreleaser release preview
run: make release-preview
if: "!startsWith(github.ref, 'refs/tags/v')"
- name: Tag Docker images appropriately
run: >
docker tag ghcr.io/ecadlabs/signatory:${{ github.sha }}-amd64 ghcr.io/ecadlabs/signatory:${{ github.head_ref || github.ref_name }}-amd64;
docker tag ghcr.io/ecadlabs/signatory:${{ github.sha }}-arm64 ghcr.io/ecadlabs/signatory:${{ github.head_ref || github.ref_name }}-arm64;
docker tag ghcr.io/ecadlabs/signatory:${{ github.sha }}-armv7 ghcr.io/ecadlabs/signatory:${{ github.head_ref || github.ref_name }}-armv7;
if: "!startsWith(github.ref, 'refs/tags/v')"
- name: Push Signatory preview images to GH Container Registry
run: >
docker push ghcr.io/ecadlabs/signatory:${{ github.head_ref || github.ref_name }}-amd64;
docker push ghcr.io/ecadlabs/signatory:${{ github.head_ref || github.ref_name }}-arm64;
docker push ghcr.io/ecadlabs/signatory:${{ github.head_ref || github.ref_name }}-armv7;
if: "!startsWith(github.ref, 'refs/tags/v')"
- name: goreleaser release
run: make release
if: startsWith(github.ref, 'refs/tags/v')
integration-tests:
if: "!startsWith(github.ref, 'refs/tags/v')"
needs: publish
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
testenvs:
- current
- next
steps:
- uses: actions/checkout@v2
- name: Login to DockerHub
uses: docker/login-action@v2
if: "!startsWith(github.ref, 'refs/tags/v')"
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Run tests
env:
IMAGE: ghcr.io/ecadlabs/signatory:${{ github.head_ref || github.ref_name }}-amd64
VAULT_AWS_USER: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_USER }}
VAULT_AWS_KEY: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_KEY }}
VAULT_AWS_SECRET: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_SECRET }}
VAULT_AWS_REGION: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_REGION }}
VAULT_AWS_PKH_TZ2: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ2 }}
VAULT_AWS_PKH_TZ3: ${{ secrets.INTEGRATIONTEST_VAULT_AWS_TZ3 }}
VAULT_AZ_CLIENTCERTTHUMB: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_CLIENTCERTTHUMB }}
VAULT_AZ_CLIENTID: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_CLIENTID }}
VAULT_AZ_RESGROUP: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_RESGROUP }}
VAULT_AZ_SP_KEY: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_SP_KEY }}
VAULT_AZ_SUBID: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_SUBID }}
VAULT_AZ_TENANTID: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_TENANTID }}
VAULT_AZ_VAULT: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_VAULT }}
VAULT_AZ_TZ2: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_TZ2 }}
VAULT_AZ_TZ3: ${{ secrets.INTEGRATIONTEST_VAULT_AZ_TZ3 }}
VAULT_GCP_PROJECTID: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_PROJECTID }}
VAULT_GCP_PRIVATEKEYID: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_PRIVATEKEYID }}
VAULT_GCP_PRIVATEKEY: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_PRIVATEKEY }}
VAULT_GCP_CLIENTEMAIL: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_CLIENTEMAIL }}
VAULT_GCP_CLIENTID: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_CLIENTID }}
VAULT_GCP_X509_URL: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_X509_URL }}
VAULT_GCP_KEYRING: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_KEYRING }}
VAULT_GCP_LOCATION: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_LOCATION }}
VAULT_GCP_TZ3: ${{ secrets.INTEGRATIONTEST_VAULT_GCP_TZ3 }}
run: >
cd integration_test;
export ARCH=amd64;
. ./.env.${{ matrix.testenvs }};
envsubst < gcp-token-template.json > gcp-token.json;
echo $VAULT_AZ_SP_KEY |base64 -d >service-principal.key;
docker compose up -d --wait --pull always;
docker exec octez sudo chown -R tezos /home/tezos/.tezos-client;
go test ./...;
docker compose kill;
rm -f gcp-token.json;
rm -f service-principal.key;
go tool covdata textfmt -i=./coverage -o=./coverage/cov.txt;
sed -i 's/\/go\/src\/github.com/github.com/g' ./coverage/cov.txt;
go tool cover -html=./coverage/cov.txt -o=./coverage/integrationtestcoverage.html;
- uses: actions/upload-artifact@v3
with:
name: integrationtest-coverage-env${{ matrix.testenvs }}
path: ./integration_test/coverage/integrationtestcoverage.html