Skip to content

fix: vulnerabilities (#264) #200

fix: vulnerabilities (#264)

fix: vulnerabilities (#264) #200

Workflow file for this run

name: Release
on:
workflow_dispatch:
push:
branches: [master]
jobs:
test:
name: Test
runs-on: ubuntu-latest
outputs:
git_tag: ${{ steps.semantic_release_info.outputs.git_tag }}
version: ${{ steps.semantic_release_info.outputs.version }}
notes: ${{ steps.semantic_release_info.outputs.notes }}
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0 # Required for 2ms to have visibility to all commit history
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: "^1.22"
- name: Go Linter
run: docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:v1.61.0 golangci-lint run -v -E gofmt --timeout=5m
- name: Unit Tests
run: go test ./...
- name: Gets release info
id: semantic_release_info
if: github.event_name == 'workflow_dispatch'
uses: jossef/action-semantic-release-info@277fc891fc5ac40ed0e8d6bf59a0e24a25dfdeac #v3.0.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build:
name: Build and Release
runs-on: ubuntu-latest
needs: test
if: ${{ needs.test.outputs.git_tag }}
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: "^1.22"
- name: Go Mod Tidy
run: go mod tidy
- name: Compile for Linux amd64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: linux
GOARCH: amd64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/linux-amd64.zip dist/2ms
rm dist/2ms
- name: Compile for MacOS amd64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: darwin
GOARCH: amd64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/macos-amd64.zip dist/2ms
rm dist/2ms
- name: Compile for MacOS arm64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: darwin
GOARCH: arm64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms main.go
zip -j dist/macos-arm64.zip dist/2ms
rm dist/2ms
- name: Compile for Windows amd64
env:
VERSION: ${{ needs.test.outputs.version }}
CGO_ENABLED: 0
GOOS: windows
GOARCH: amd64
run: |
go build -ldflags "-s -w -X github.com/checkmarx/2ms/cmd.Version=$VERSION" -a -installsuffix cgo -o dist/2ms.exe main.go
zip -j dist/windows-amd64.zip dist/2ms.exe
rm dist/2ms.exe
- name: Set up QEMU
uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v2
with:
image: tonistiigi/binfmt:latest
platforms: linux/amd64,linux/arm64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb #v3.3.0
- name: Login to DockerHub
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 #v3.1.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Creating Release
uses: softprops/action-gh-release@975c1b265e11dd76618af1c374e7981f9a6ff44a
with:
tag_name: ${{ needs.test.outputs.git_tag }}
name: ${{ needs.test.outputs.git_tag }}
body: ${{ needs.test.outputs.notes }}
target_commitish: ${{ steps.commit_and_push.outputs.latest_commit_hash }}
files: |
dist/*.zip
- name: Build and push
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: |
checkmarx/2ms:latest
checkmarx/2ms:${{ needs.test.outputs.version }}
- name: Update Docker repo description
uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4.0.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: checkmarx/2ms