-
Notifications
You must be signed in to change notification settings - Fork 18
136 lines (117 loc) · 4.13 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
name: Release
on:
workflow_dispatch:
push:
branches: [ master ]
jobs:
test:
name: Test
runs-on: ubuntu-latest
outputs:
git_tag: ${{ steps.semantic_release_info.outputs.git_tag }}
version: ${{ steps.semantic_release_info.outputs.version }}
notes: ${{ steps.semantic_release_info.outputs.notes }}
steps:
- name: Checkout code
uses: actions/checkout@v3
with:
fetch-depth: 0 # Required for 2ms to have visibility to all commit history
- uses: actions/setup-go@v4
with:
go-version: "^1.20"
- name: Go Linter
run: docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:v1.52.0 golangci-lint run -v -E gofmt --timeout=5m
- name: Run 2ms Scan
run: docker run -v $(pwd):/repo checkmarx/2ms:2.8.1 git /repo --config /repo/.2ms.yml
- name: Unit Tests
run: go test ./...
- name: Gets release info
id: semantic_release_info
if: github.event_name == 'workflow_dispatch'
uses: jossef/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build:
name: Build and Release
runs-on: ubuntu-latest
needs: test
if: ${{ needs.test.outputs.git_tag }}
steps:
- name: Checkout code
uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: "^1.20"
- name: Go Mod Tidy
run: go mod tidy
- name: Compile for Linux amd64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: linux
GOARCH: amd64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/linux-amd64.zip dist/2ms
rm dist/2ms
- name: Compile for MacOS amd64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: darwin
GOARCH: amd64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/macos-amd64.zip dist/2ms
rm dist/2ms
- name: Compile for MacOS arm64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: darwin
GOARCH: arm64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/macos-arm64.zip dist/2ms
rm dist/2ms
- name: Compile for Windows amd64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: windows
GOARCH: amd64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms.exe main.go
zip -j dist/windows-amd64.zip dist/2ms.exe
rm dist/2ms.exe
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Creating Release
uses: softprops/[email protected]
with:
tag_name: ${{ needs.test.outputs.git_tag }}
name: ${{ needs.test.outputs.git_tag }}
body: ${{ needs.test.outputs.notes }}
target_commitish: ${{ steps.commit_and_push.outputs.latest_commit_hash }}
files: |
dist/*.zip
- name: Build and push
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: |
checkmarx/2ms:latest
checkmarx/2ms:${{ needs.test.outputs.version }}
- name: Update Docker repo description
uses: peter-evans/dockerhub-description@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: checkmarx/2ms