diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index e933fcf..b79ed76 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,109 +1,72 @@ -name: Build +name: Build Docker Image on: push: tags: - 'v*' + workflow_run: + workflows: ["Tests"] + branches: [master] + types: + - completed + jobs: - push_to_registry: - name: Push Docker image to GitHub - runs-on: ubuntu-latest + release: + name: Release GitHub tag + runs-on: 'ubuntu-latest' + if: ${{ github.event.workflow_run.conclusion == 'success' }} + permissions: + contents: write + outputs: + new_tag: ${{ steps.tag_version.outputs.new_tag }} steps: - name: Check out the repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - - name: Import Secrets - id: secrets - uses: hashicorp/vault-action@v2.6.0 + - name: Bump version and push tag + id: tag_version + uses: mathieudutour/github-tag-action@v6.1 with: - url: ${{ secrets.VAULT_ADDR }} - method: github - githubToken: ${{ secrets.GT_VAULT_AUTH_TOKEN }} - secrets: | - github/data/token registry_write | GITHUB_REGISTRY_TOKEN ; + default_bump: minor + github_token: ${{ secrets.GITHUB_TOKEN }} - - name: Get the version - id: get_version - run: echo ::set-output name=VERSION::$(echo $GITHUB_REF | cut -d / -f 3) - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + - name: Release with Notes + uses: softprops/action-gh-release@v1 + with: + tag_name: ${{ steps.tag_version.outputs.new_tag }} + name: Release ${{ steps.tag_version.outputs.new_tag }} + body: ${{ steps.tag_version.outputs.changelog }} + draft: false + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + push: + name: Push Docker image to Docker Hub + runs-on: ubuntu-latest + needs: [ release ] + steps: + - name: Check out the repo + uses: actions/checkout@v4 - name: Login to GitHub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} - password: ${{ steps.secrets.outputs.GITHUB_REGISTRY_TOKEN }} + password: ${{ secrets.GH_REGISTRY_TOKEN }} + + - name: Set up QEMU + uses: 
docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - name: Build and push to GitHub - id: github_build - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: ./ file: ./Dockerfile push: true - tags: ghcr.io/omegion/ssh-manager:latest,ghcr.io/omegion/ssh-manager:${{ steps.get_version.outputs.VERSION }} + tags: ghcr.io/omegion/ssh-manager:latest,ghcr.io/omegion/ssh-manager:${{ needs.release.outputs.new_tag }} platforms: linux/amd64,linux/arm64 - - release: - name: Create Release - runs-on: 'ubuntu-latest' - strategy: - matrix: - # List of GOOS and GOARCH pairs from `go tool dist list` - goosarch: - - 'darwin/amd64' - - 'darwin/arm64' - - 'linux/amd64' - - 'linux/arm64' - - 'windows/amd64' - - 'windows/arm64' - steps: - - name: Checkout code - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - name: Get the version - run: | - VERSION=$(echo $GITHUB_REF | cut -d / -f 3) - echo "VERSION=$VERSION" >> $GITHUB_ENV - - uses: actions/setup-go@v4 - with: - go-version: '1.18' - - name: Get OS and arch info - run: | - GOOSARCH=${{matrix.goosarch}} - GOOS=${GOOSARCH%/*} - GOARCH=${GOOSARCH#*/} - BINARY_NAME=ssh-manager-$GOOS-$GOARCH - VERSION=$(echo $GITHUB_REF | cut -d / -f 3) - echo "BINARY_NAME=$BINARY_NAME" >> $GITHUB_ENV - echo "GOOS=$GOOS" >> $GITHUB_ENV - echo "GOARCH=$GOARCH" >> $GITHUB_ENV - echo "VERSION=$VERSION" >> $GITHUB_ENV - - name: Build - run: | - make build TARGETOS="$GOOS" TARGETARCH="$GOARCH" VERSION="$VERSION" BINARY_NAME="$BINARY_NAME" - - name: Release Notes - run: | - export VERSION=${{env.VERSION}} - - git log $(git describe HEAD~ --tags --abbrev=0)..HEAD --pretty='format:* %h %s%n * %an <%ae>' --no-merges >> .github/RELEASE_TEMPLATE.md - - curl -o /usr/local/bin/gomplate -sSL https://github.com/hairyhenderson/gomplate/releases/download/v3.10.0/gomplate_linux-amd64 - chmod 755 /usr/local/bin/gomplate - - gomplate --file .github/RELEASE_TEMPLATE.md --out 
.github/RELEASE_NOTES.md - - name: Release with Notes - uses: softprops/action-gh-release@v1 - with: - name: Release ${{env.VERSION}} - body_path: ".github/RELEASE_NOTES.md" - draft: false - files: ${{env.BINARY_NAME}} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file + build-args: VERSION=${{ needs.release.outputs.new_tag }} \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b9f9724..459574d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,6 +1,7 @@ -name: Code Check +name: Tests on: + push: pull_request: jobs: @@ -11,19 +12,17 @@ jobs: - name: Set up Go 1.x uses: actions/setup-go@v4 with: - go-version: 1.18.0 + go-version: ^1.21 id: go - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Get dependencies run: | go get -v -t -d ./... - - - name: Run Unit tests - run: | - go test -race -covermode atomic -coverprofile=covprofile ./... + - name: go test + run: go test -race -covermode atomic -coverprofile=covprofile ./... - name: Install goveralls run: go install github.com/mattn/goveralls@latest 
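Review bot: The `release` job's `if:` checks only `github.event.workflow_run.conclusion`, but the Tests workflow now runs on `pull_request` as well as `push`, and the `branches: [master]` filter is matched against the triggering run's head branch name, which a pull-request run from a branch called `master` may also satisfy. Such a run would tag, publish a release and push `latest` with `contents: write` and the registry secret before anything is merged. Tighten the gate to `if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'push' }}`. With that `if`, the retained `push: tags: 'v*'` trigger can never pass, because a tag push carries no `workflow_run` payload, so it should be dropped or handled explicitly. The two third-party actions that receive the write token (`mathieudutour/github-tag-action@v6.1`, `softprops/action-gh-release@v1`) are referenced by mutable tags; pinning each to a full commit SHA would narrow the supply-chain exposure.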
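Review bot: The new `name: Tests` is load-bearing, because build.yml's `workflow_run` trigger selects this workflow by that exact string, and a later rename would silently stop releases. I would add a comment above it such as `# build.yml (workflow_run) matches this name; keep both in sync`. The bare `push:` also has no branch filter, so pull requests from branches in the same repository run the suite twice; `push: branches: [master]` would avoid that if only master needs push runs.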
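Review bot: `go-version: ^1.21` in the test job (and again in the `vet` job in the next hunk) floats to whichever 1.x release is newest, so the toolchain that gates a release can change without a commit. Since a green run of this workflow now triggers tagging and image publication, consider a fixed minor such as `go-version: '1.21.x'`, or `go-version-file: go.mod` so the tested version tracks the module. The unchanged `go install github.com/mattn/goveralls@latest` line in the same job has the same drift and is worth pinning to a tagged version. The job's header is outside this hunk.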
@@ -34,43 +33,32 @@ jobs: run: goveralls -coverprofile=covprofile -service=github vet: - name: go vet and statuscheck + name: go vet and lint runs-on: ubuntu-latest steps: - name: Set up Go 1.x uses: actions/setup-go@v4 with: - go-version: 1.18.0 + go-version: ^1.21 id: go - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - - name: go vet + - name: Get dependencies run: | go get -v -t -d ./... - go vet ./... - - - name: go staticcheck - uses: dominikh/staticcheck-action@v1.3.0 - with: - version: "2022.1" - install-go: false + - name: go vet + run: go vet ./... golangci: name: golangci lint check runs-on: ubuntu-latest steps: - - name: Set up Go 1.x - uses: actions/setup-go@v4 - with: - go-version: 1.18.0 - id: go - - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: - version: v1.45.2 \ No newline at end of file + version: v1.54.2 \ No newline at end of file diff --git a/README.md b/README.md index efd9a01..00d19b4 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ SSH Key Manager for 1Password, Bitwarden and AWS S3.
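Review bot: The `golangci` job no longer runs `actions/setup-go`, so golangci-lint v1.54.2 will analyse the code with whatever Go the runner image ships, not the `^1.21` toolchain used by the test and vet jobs. That can give lint results that differ from what the tests compile against, or typecheck failures if the module requires a newer Go. I would keep the setup step ahead of the lint action, e.g. `- uses: actions/setup-go@v4` with `go-version: ^1.21`. Removing the separate staticcheck action is only equivalent if staticcheck stays enabled in the golangci-lint configuration, which is not visible here.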

- Check + Check Coverall Report Doc diff --git a/renovate.json b/renovate.json index 6b614d0..612bfa3 100644 --- a/renovate.json +++ b/renovate.json @@ -12,6 +12,7 @@ { "description": "Automerge non-major updates", "matchUpdateTypes": [ + "major", "minor", "patch" ],
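Review bot: Adding `"major"` to this rule's `matchUpdateTypes` puts breaking-version upgrades under the rule described as "Automerge non-major updates", so, assuming the rule sets `automerge` outside the hunk, major dependency bumps would merge without human review. Combined with the workflow change in this commit, where a green Tests run on master tags a release and pushes `ghcr.io/omegion/ssh-manager:latest`, an unreviewed major update could ship straight to users. I would keep the list as `"minor", "patch"` and let major updates open ordinary pull requests. If the change is intended, the `description` string should be updated to match. The rule object starts and ends outside the hunk.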