diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d959b24..d82f3d7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,27 +10,12 @@ jobs: build-binary: name: 👷 Build binary runs-on: ubuntu-latest - container: golang:1.20 steps: - name: Check out repository code uses: actions/checkout@v4 - - name: Mark source directory as safe. - run: git config --global --add safe.directory $GITHUB_WORKSPACE - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - with: - platforms: "linux/amd64,linux/arm64" - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: ./.github/workflows/goreleaser with: - args: release --snapshot - env: - BUGSNAG_API_KEY: "REAL_KEY_NOT_NEEDED_HERE" - REPOSITORY_URL: "ghcr.io/spacelift-io/vcs-agent" + repository_url: "ghcr.io/spacelift-io/vcs-agent" diff --git a/.github/workflows/goreleaser/action.yml b/.github/workflows/goreleaser/action.yml new file mode 100644 index 0000000..84b6c64 --- /dev/null +++ b/.github/workflows/goreleaser/action.yml 
@@ -0,0 +1,50 @@ +name: Run GoReleaser +description: Sets up the proper Go version, Docker Buildx, QEMU, and runs GoReleaser + +inputs: + snapshot: + description: Whether to create a snapshot release or real one + default: "true" + bugsnag_api_key: + description: The Bugsnag API key + default: "NOT_SET" + repository_url: + description: The repository URL that GoReleaser will use to create the Docker images + required: true + github_token: + description: The GitHub token + required: false + disable_github_release: + description: Whether to disable publishing the GitHub release + default: "true" + +runs: + using: composite + steps: + - name: Setup Go + uses: actions/setup-go@v4 + with: { go-version: "1.20" } + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: "linux/amd64,linux/arm64" + + - name: Run GoReleaser + id: goreleaser + uses: goreleaser/goreleaser-action@v5 + with: + args: release --snapshot=${{ inputs.snapshot }} + env: + BUGSNAG_API_KEY: ${{ inputs.bugsnag_api_key }} + REPOSITORY_URL: ${{ inputs.repository_url }} + GITHUB_TOKEN: ${{ inputs.github_token }} + DISABLE_GITHUB_RELEASE: ${{ inputs.DISABLE_GITHUB_RELEASE }} + +outputs: + metadata: + description: The release metadata of GoReleaser + value: ${{ steps.goreleaser.outputs.metadata }} diff --git a/.github/workflows/publish/action.yml b/.github/workflows/publish/action.yml index 78e5e27..15d7751 100644 --- a/.github/workflows/publish/action.yml +++ b/.github/workflows/publish/action.yml @@ -33,9 +33,8 @@ inputs: runs: using: composite steps: - - name: Setup Go - uses: actions/setup-go@v4 - with: { go-version: "1.20" } + - name: Setup Go and Docker + uses: ./.github/workflows/setup - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v4 
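Review bot: In the new `goreleaser/action.yml`, the third-party steps that run in the same job as `GITHUB_TOKEN` and `BUGSNAG_API_KEY` (`goreleaser/goreleaser-action@v5`, `docker/setup-buildx-action@v3`, `docker/setup-qemu-action@v3`) are referenced by mutable tags, so a retagged upstream release would execute with those credentials in scope. Pinning each to a full commit SHA, e.g. `uses: goreleaser/goreleaser-action@<full-commit-sha> # v5`, removes that dependency on tag integrity; the same applies to the identical steps in the new `setup/action.yml`. Separately, the last env line reads `${{ inputs.DISABLE_GITHUB_RELEASE }}` while the input is declared as `disable_github_release`. That probably still resolves, since expression lookups are understood to be case-insensitive, but `${{ inputs.disable_github_release }}` matches the declaration and the neighbouring lines.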
@@ -49,14 +48,6 @@ runs: if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') }} shell: bash run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - with: - platforms: linux/amd64,linux/arm64 - name: Run GoReleaser uses: goreleaser/goreleaser-action@v5 diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 60e7fc7..7423541 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -29,7 +29,6 @@ jobs: - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1 - gosec: name: 👮‍♀️ GoSec runs-on: ubuntu-latest diff --git a/.github/workflows/setup/action.yml b/.github/workflows/setup/action.yml new file mode 100644 index 0000000..f9b2baa --- /dev/null +++ b/.github/workflows/setup/action.yml @@ -0,0 +1,17 @@ +name: Setup Go and Docker +description: Setup the proper Go versions and the Docker environment + +runs: + using: composite + steps: + - name: Setup Go + uses: actions/setup-go@v4 + with: { go-version: "1.20" } + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: "linux/amd64,linux/arm64" \ No newline at end of file diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 8337ec6..36f1d0d 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml 
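Review bot: The three steps in the new `setup/action.yml` are repeated verbatim in `goreleaser/action.yml`, added by the same commit, so the Go version and the QEMU platform list now have two places to drift apart. The goreleaser action could instead begin with `- name: Setup Go and Docker` / `uses: ./.github/workflows/setup`, as `publish/action.yml` now does. The file also ends without a trailing newline (`\ No newline at end of file`). A one-line comment above `with: { go-version: "1.20" }` saying the value must track the `go` directive in `go.mod` would document the coupling, or `go-version-file: go.mod` could replace the literal if the module file carries the version.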
@@ -20,28 +20,12 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 - with: { fetch-depth: 0 } - - - name: Setup Go - uses: actions/setup-go@v4 - with: { go-version: "1.20" } - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - with: - platforms: "linux/amd64,linux/arm64" - name: Run GoReleaser + uses: ./.github/workflows/goreleaser id: goreleaser - uses: goreleaser/goreleaser-action@v5 with: - args: release --snapshot - env: - BUGSNAG_API_KEY: "REAL_KEY_NOT_NEEDED_HERE" - REPOSITORY_URL: "ghcr.io/spacelift-io/vcs-agent" + repository_url: "ghcr.io/spacelift-io/vcs-agent" - name: Run Trivy vulnerability scanner (amd64) uses: aquasecurity/trivy-action@master diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 5d9024e..a1682e8 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -14,6 +14,9 @@ builds: changelog: use: github-native +release: + disable: "{{ .Env.DISABLE_GITHUB_RELEASE }}" + archives: - format: zip name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
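Review bot: The checkout step in `trivy.yml` loses `with: { fetch-depth: 0 }`, so GoReleaser now runs on a shallow clone that presumably carries no tags, and the snapshot version it derives may differ from what the job produced before. If a later Trivy step builds its image reference from a fixed tag rather than from `steps.goreleaser.outputs.metadata`, the scanner could end up pointed at an image that was never built and the vulnerability gate would stop covering the real artefact. The steps after `Run Trivy vulnerability scanner (amd64)` lie outside this hunk, so that should be confirmed there. If full history is still wanted, keep `with: { fetch-depth: 0 }` on the checkout.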
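Review bot: `release.disable` in `.goreleaser.yaml` now reads `{{ .Env.DISABLE_GITHUB_RELEASE }}` with no fallback, so every GoReleaser invocation has to export that variable. The new composite action does, but the `Run GoReleaser` step in `publish/action.yml` still calls `goreleaser/goreleaser-action@v5` directly and its `env` block is not visible in this diff. As far as I know GoReleaser treats a missing `.Env` key as a template error, which would fail the publish job rather than release unintentionally, but that is worth confirming against the version in use. If that version supports it, `disable: '{{ envOrDefault "DISABLE_GITHUB_RELEASE" "true" }}'` would keep the fail-closed default in the config itself rather than relying on each caller.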