From 8627f11d0a0bf530929c1c08ef02934f06bef4f9 Mon Sep 17 00:00:00 2001 From: Michael Sverdlov Date: Wed, 17 Jul 2024 12:08:25 +0300 Subject: [PATCH] update deps --- .github/workflows/analysis.yml | 27 ++++++------------- .github/workflows/cla.yml | 26 ++++-------------- .../workflows/frogbot-scan-pull-request.yml | 3 +++ .github/workflows/frogbot-scan-repository.yml | 3 +++ .github/workflows/test.yml | 15 ++--------- 5 files changed, 21 insertions(+), 53 deletions(-) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 4820c18..a8d82a9 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -13,30 +13,19 @@ jobs: - name: Checkout Source uses: actions/checkout@v4 - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: 1.22.x - - - name: Static Code Analysis - uses: golangci/golangci-lint-action@v3 - with: - args: | - --timeout 5m --out-${NO_FUTURE}format colored-line-number --enable errcheck,gosimple,govet,ineffassign,staticcheck,typecheck,unused,gocritic,asasalint,asciicheck,errchkjson,exportloopref,makezero,nilerr,unparam,unconvert,wastedassign,usestdlibvars - + - name: Setup Go with cache + uses: jfrog/.github/actions/install-go-with-cache@main + - name: Run golangci lint + uses: jfrog/.github/actions/golangci-lint@main Go-Sec: runs-on: ubuntu-latest steps: - name: Checkout Source uses: actions/checkout@v4 - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: 1.22.x + - name: Setup Go with cache + uses: jfrog/.github/actions/install-go-with-cache@main - - name: Run Gosec Security Scanner - uses: securego/gosec@master - with: - args: -exclude G204,G304,G404,G401,G505 -tests -exclude-dir \.*test\.* ./... \ No newline at end of file + - name: Run Go-Sec scanner + uses: jfrog/.github/actions/gosec-scanner@main \ No newline at end of file diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 541512e..8096e39 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -10,26 +10,10 @@ jobs: CLAssistant: runs-on: ubuntu-latest steps: - - uses: actions-ecosystem/action-regex-match@v2 - id: sign-or-recheck + - name: Run CLA Check + uses: jfrog/.github/actions/cla@main with: - text: ${{ github.event.comment.body }} - regex: '\s*(I have read the CLA Document and I hereby sign the CLA)|(recheck)\s*' - - - name: "CLA Assistant" - if: ${{ steps.sign-or-recheck.outputs.match != '' || github.event_name == 'pull_request_target' }} - # Alpha Release - uses: cla-assistant/github-action@v2.3.0 - env: - # Generated and maintained by GitHub + event_comment_body: ${{ github.event.comment.body }} + event_name: ${{ github.event_name }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # JFrog's organization secret - PERSONAL_ACCESS_TOKEN : ${{ secrets.CLA_SIGN_TOKEN }} - with: - path-to-signatures: 'signed_clas.json' - path-to-document: 'https://jfrog.com/cla/' - remote-organization-name: 'jfrog' - remote-repository-name: 'jfrog-signed-clas' - # branch should not be protected - branch: 'master' - allowlist: bot* + CLA_SIGN_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/frogbot-scan-pull-request.yml b/.github/workflows/frogbot-scan-pull-request.yml index 998c8c9..6479787 100644 --- a/.github/workflows/frogbot-scan-pull-request.yml +++ b/.github/workflows/frogbot-scan-pull-request.yml @@ -12,6 +12,9 @@ jobs: # "frogbot" GitHub environment can approve the pull request to be scanned. environment: frogbot steps: + - name: Setup Go with cache + uses: jfrog/.github/actions/install-go-with-cache@main + - uses: jfrog/frogbot@v2 env: JFROG_CLI_LOG_LEVEL: "DEBUG" diff --git a/.github/workflows/frogbot-scan-repository.yml b/.github/workflows/frogbot-scan-repository.yml index 2342d4d..9a230bb 100644 --- a/.github/workflows/frogbot-scan-repository.yml +++ b/.github/workflows/frogbot-scan-repository.yml @@ -16,6 +16,9 @@ jobs: # The repository scanning will be triggered periodically on the following branches. branch: [ "master" ] steps: + - name: Setup Go with cache + uses: jfrog/.github/actions/install-go-with-cache@main + - uses: jfrog/frogbot@v2 env: JFROG_CLI_LOG_LEVEL: "DEBUG" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e5aa357..95f199b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,19 +17,8 @@ jobs: - name: Checkout Source uses: actions/checkout@v4 - - name: Go Cache - uses: actions/cache@v4 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go- - - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version: 1.22.x - cache: false + - name: Setup Go with cache + uses: jfrog/.github/actions/install-go-with-cache@main - name: Tests run: go test -v -race -covermode atomic -coverprofile=covprofile ./...