Skip to content

🧹 Bump cnspec to v11.30.0 #353

🧹 Bump cnspec to v11.30.0

🧹 Bump cnspec to v11.30.0 #353

Workflow file for this run

name: Build Packer Plugin
## Only trigger tests if source is changing
on:
push:
paths:
- "**.go"
- "**.mod"
- "go.sum"
jobs:
license-check:
name: License Check
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/[email protected]
- name: Setup Copywrite
uses: hashicorp/[email protected]
- name: Check Header Compliance
run: copywrite headers --plan
goreleaser:
name: GoReleaser
runs-on: self-hosted
env:
RUNNER_TYPE: "self-hosted"
timeout-minutes: 120
steps:
- name: Checkout
uses: actions/[email protected]
- name: Unshallow
run: git fetch --prune --unshallow
- name: Import environment variables from file
run: cat ".github/env" >> $GITHUB_ENV
- name: Set up Go
uses: actions/[email protected]
with:
go-version: ">=${{ env.golang-version }}"
cache: false
- name: Check go mod
run: |
go mod tidy
git diff --exit-code go.mod
- name: Run golangci-lint
uses: golangci/[email protected]
with:
version: latest
skip-cache: true
- name: "Install required tooling"
if: ${{ env.RUNNER_TYPE != 'self-hosted' }}
run: |
# Only use sudo on self-hosted runners
sudo apt install -y zip
- name: Set cnspec version
run: echo "CNSPEC_VERSION=$(go list -json -m go.mondoo.com/cnspec/v11 | jq -r '.Version')" >> $GITHUB_ENV
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v6
with:
version: latest
args: release --snapshot --skip=publish --clean
env:
API_VERSION: x5.0
CNSPEC_VERSION: ${{ env.CNSPEC_VERSION }}
debug:
runs-on: ubuntu-latest
steps:
- name: Dump GitHub context
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: |
echo "$GITHUB_CONTEXT"
go-auto-approve:
runs-on: ubuntu-latest
needs: [goreleaser, license-check]
# For now, we only auto approve and merge cnspec bump PRs created by mondoo-tools.
# We have to check the commit author, because the PR is created by "github-actions[bot]"
# https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/evaluate-expressions-in-workflows-and-actions#startswith
if: ${{ startsWith(github.ref, 'refs/heads/version/cnspec_update_v') && github.event.commits[0].author.name == 'mondoo-tools' }}
permissions:
contents: write
pull-requests: write
steps:
# figure out the PR for this commit
- uses: cloudposse-github-actions/[email protected]
id: pr
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
filterOutClosed: true
filterOutDraft: true
- name: Approve a PR
uses: fastify/github-action-merge-dependabot@v3
with:
pr-number: ${{ steps.pr.outputs.number }}