mirror of
https://github.com/project-zot/zot.git
synced 2026-06-17 12:58:02 +08:00
chore: fix dependabot alerts (#4048)
* chore: fix dependabot alerts Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: fix dependabot alerts Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: fix dependabot alerts Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: fix golangci-lint findings from CI Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: fix golangci-lint gosec warnings Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: update code to use slices package and address gosec linting issues Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * build: fix makefile target Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: update tests to use context in HTTP requests and add gosec annotations Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: update tests to use context in HTTP requests Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: update tests to use context in HTTP requests Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: update tests to use context in HTTP requests Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: update tests to use context in HTTP requests Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: bump zui version Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: update test helpers and improve security settings in tests Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * chore: add gosec linting directive for test path construction Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> --------- Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>
This commit is contained in:
Ramkumar Chinchani
committed by
GitHub
GitHub
parent
9757f7cf41
commit
9aff5b8d08
@@ -21,13 +21,13 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
# Run benchmark with `go test -bench` and stores the output to a file
|
||||
- name: Run benchmark
|
||||
run: make BENCH_OUTPUT=ci-cd run-bench
|
||||
# Download previous benchmark result from cache (if exists)
|
||||
- name: Download previous benchmark data
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: ./cache
|
||||
key: ${{ runner.os }}-gen1-benchmark
|
||||
|
||||
@@ -21,7 +21,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
|
||||
@@ -33,10 +33,10 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -45,7 +45,7 @@ jobs:
|
||||
${{ runner.os }}-go-mod-
|
||||
- name: Cache go build output
|
||||
id: cache-go-build
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: |
|
||||
~/.cache/go-build
|
||||
@@ -117,7 +117,7 @@ jobs:
|
||||
packages: write
|
||||
steps:
|
||||
- name: Download Release Artifacts
|
||||
uses: robinraju/release-downloader@daf26c55d821e836577a15f77d86ddc078948b05 # v1
|
||||
uses: robinraju/release-downloader@28fc21f50d76778e7023361aa1f863e717d3d56f # v1
|
||||
with:
|
||||
tag: ${{ github.ref_name }}
|
||||
fileName: "z*"
|
||||
|
||||
@@ -22,7 +22,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Check out source code
|
||||
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
||||
with:
|
||||
|
||||
@@ -23,7 +23,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -164,7 +164,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for push-pull tests
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: logs-push-pull-bolt
|
||||
@@ -206,7 +206,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for cidr tests
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-cidr-bolt
|
||||
@@ -241,7 +241,7 @@ jobs:
|
||||
zip logs-src-ips-bolt.zip /tmp/*.log -r
|
||||
|
||||
- name: Upload zot logs for src-ips tests
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-ips-bolt
|
||||
@@ -250,7 +250,7 @@ jobs:
|
||||
|
||||
# Download previous benchmark result from cache (if exists)
|
||||
- name: Download previous benchmark data
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: ./cache
|
||||
key: ${{ runner.os }}-gen1-benchmark-stateless-cluster
|
||||
@@ -281,7 +281,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -431,7 +431,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for push-pull tests
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: logs-push-pull-redis
|
||||
@@ -473,7 +473,7 @@ jobs:
|
||||
rm /tmp/*.log
|
||||
|
||||
- name: Upload zot logs for cidr tests
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-cidr-redis
|
||||
@@ -508,7 +508,7 @@ jobs:
|
||||
zip logs-src-ips-redis.zip /tmp/*.log -r
|
||||
|
||||
- name: Upload zot logs for src-ips tests
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: logs-src-ips-redis
|
||||
@@ -517,7 +517,7 @@ jobs:
|
||||
|
||||
# Download previous benchmark result from cache (if exists)
|
||||
- name: Download previous benchmark data
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: ./cache
|
||||
key: ${{ runner.os }}-gen1-benchmark-stateless-cluster-redis
|
||||
|
||||
@@ -53,11 +53,11 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
|
||||
uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
# If you wish to specify custom queries, you can do so here or in a config file.
|
||||
@@ -68,7 +68,7 @@ jobs:
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
||||
# If this step fails, then you should remove it and run the build manually (see below)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
|
||||
uses: github/codeql-action/autobuild@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
|
||||
|
||||
# ℹ️ Command-line programs to run using the OS shell.
|
||||
# 📚 https://git.io/JvXDl
|
||||
@@ -81,4 +81,4 @@ jobs:
|
||||
# make release
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
|
||||
uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
|
||||
|
||||
@@ -17,7 +17,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Checkout zot (main branch)
|
||||
run: |
|
||||
mkdir -p $GITHUB_WORKSPACE/zot_main
|
||||
|
||||
@@ -23,7 +23,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -95,7 +95,7 @@ jobs:
|
||||
run: |
|
||||
find /tmp/zot-ft-logs -name '*.log' -print0 | xargs -0 cat
|
||||
- name: Upload DynamoDB zot logs as build artifact
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-dynamodb-logs
|
||||
@@ -133,7 +133,7 @@ jobs:
|
||||
run: |
|
||||
find /tmp/zot-ft-logs/redis -name '*.log' -print0 | xargs -0 cat
|
||||
- name: Upload Redis zot logs as build artifact
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-redis-logs
|
||||
@@ -158,7 +158,7 @@ jobs:
|
||||
echo "Redis scale-out tests failed"
|
||||
exit 1
|
||||
- name: Upload zb test results zip as build artifact
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: zb-cloud-scale-out-functional-results-${{ github.sha }}
|
||||
|
||||
@@ -23,7 +23,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
|
||||
- name: Run zb
|
||||
id: bench
|
||||
@@ -41,7 +41,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: gc-referrers-bench-local
|
||||
@@ -65,7 +65,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
|
||||
- name: Run zb
|
||||
id: bench
|
||||
@@ -83,7 +83,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: gc-bench-local
|
||||
@@ -107,7 +107,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- uses: ./.github/actions/setup-localstack
|
||||
- name: Setup minio service
|
||||
run: |
|
||||
@@ -168,7 +168,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: gc-referrers-bench-s3
|
||||
@@ -194,7 +194,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- uses: ./.github/actions/setup-localstack
|
||||
- name: Setup minio service
|
||||
run: |
|
||||
@@ -255,7 +255,7 @@ jobs:
|
||||
continue-on-error: true
|
||||
|
||||
- name: Upload zot logs
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: gc-bench-s3
|
||||
|
||||
@@ -19,7 +19,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
||||
with:
|
||||
persist-credentials: false
|
||||
@@ -27,7 +27,7 @@ jobs:
|
||||
uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0
|
||||
with:
|
||||
# Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
|
||||
version: v2.6.2
|
||||
version: v2.12.2
|
||||
|
||||
# Optional: working directory, useful for monorepos
|
||||
# working-directory: somedir
|
||||
|
||||
@@ -28,7 +28,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
|
||||
@@ -25,7 +25,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install go-licenses
|
||||
run: go install github.com/google/go-licenses@latest
|
||||
- name: Check for forbidden licenses
|
||||
|
||||
@@ -24,7 +24,7 @@ jobs:
|
||||
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
||||
with:
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -60,7 +60,7 @@ jobs:
|
||||
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
||||
with:
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -81,7 +81,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- uses: ./.github/actions/setup-localstack
|
||||
- name: Create zot-storage bucket on LocalStack
|
||||
run: |
|
||||
@@ -127,7 +127,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- uses: ./.github/actions/setup-localstack
|
||||
- name: Create zot-storage bucket on LocalStack
|
||||
run: |
|
||||
@@ -188,7 +188,7 @@ jobs:
|
||||
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
||||
with:
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -225,7 +225,7 @@ jobs:
|
||||
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
||||
with:
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -254,7 +254,7 @@ jobs:
|
||||
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
||||
with:
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install crane
|
||||
run: |
|
||||
go install github.com/google/go-containerregistry/cmd/crane@latest
|
||||
@@ -273,7 +273,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -298,7 +298,7 @@ jobs:
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
continue-on-error: true
|
||||
- name: Upload zot logs as build artifact
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-dynamodb-logs
|
||||
@@ -327,7 +327,7 @@ jobs:
|
||||
exit 1
|
||||
- name: Upload zb test results zip as build artifact
|
||||
if: steps.scale.outcome == 'success'
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
with:
|
||||
name: zb-cloud-scale-out-perf-results-${{ github.sha }}
|
||||
path: ./zb-results/
|
||||
@@ -344,7 +344,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
@@ -369,7 +369,7 @@ jobs:
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
continue-on-error: true
|
||||
- name: Upload zot logs as build artifact
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
if: always()
|
||||
with:
|
||||
name: zot-scale-out-redis-logs
|
||||
@@ -398,7 +398,7 @@ jobs:
|
||||
exit 1
|
||||
- name: Upload zb test results zip as build artifact
|
||||
if: steps.scale.outcome == 'success'
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
with:
|
||||
name: zb-cloud-scale-out-redis-results-${{ github.sha }}
|
||||
path: ./zb-results/
|
||||
|
||||
@@ -25,7 +25,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Checkout this PR
|
||||
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
||||
with:
|
||||
@@ -63,7 +63,7 @@ jobs:
|
||||
- run: mkdir -p .out/ && mv {report.html,junit.xml} .out/
|
||||
if: always()
|
||||
- name: Upload test results zip as build artifact
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
with:
|
||||
name: oci-test-results-${{ github.sha }}
|
||||
path: .out/
|
||||
|
||||
@@ -275,7 +275,7 @@ jobs:
|
||||
TRIVY_USERNAME: ${{ github.actor }}
|
||||
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
|
||||
uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
|
||||
with:
|
||||
sarif_file: 'trivy-results.sarif'
|
||||
|
||||
@@ -312,7 +312,7 @@ jobs:
|
||||
TRIVY_USERNAME: ${{ github.actor }}
|
||||
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
|
||||
uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
|
||||
with:
|
||||
sarif_file: 'trivy-results.sarif'
|
||||
|
||||
@@ -346,13 +346,13 @@ jobs:
|
||||
git config --global user.name 'github-actions'
|
||||
git config --global user.email 'github-actions@users.noreply.github.com'
|
||||
- name: Update appVersion
|
||||
uses: mikefarah/yq@0f4fb8d35ec1a939d78dd6862f494d19ec589f19 # v4.52.5
|
||||
uses: mikefarah/yq@751d8ad57b84f1794661bc70c0afb92a22ad7b3c # v4.53.2
|
||||
with:
|
||||
cmd: yq -i '.appVersion = strenv(RELEASE_TAG)' 'helm-charts/charts/zot/Chart.yaml'
|
||||
env:
|
||||
RELEASE_TAG: ${{ github.event.release.tag_name }}
|
||||
- name: Update image tag
|
||||
uses: mikefarah/yq@0f4fb8d35ec1a939d78dd6862f494d19ec589f19 # v4.52.5
|
||||
uses: mikefarah/yq@751d8ad57b84f1794661bc70c0afb92a22ad7b3c # v4.53.2
|
||||
with:
|
||||
cmd: |
|
||||
yq e '.image.tag = strenv(RELEASE_TAG)' 'helm-charts/charts/zot/values.yaml' > values-updated.yaml
|
||||
|
||||
@@ -49,7 +49,7 @@ jobs:
|
||||
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
||||
# format to the repository Actions tab.
|
||||
- name: "Upload artifact"
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
|
||||
with:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
@@ -57,6 +57,6 @@ jobs:
|
||||
|
||||
# Upload the results to GitHub's code scanning dashboard.
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
|
||||
uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
||||
+14
-14
@@ -24,10 +24,10 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -50,7 +50,7 @@ jobs:
|
||||
AWS_ACCESS_KEY_ID: fake
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
with:
|
||||
name: coverage-minimal
|
||||
path: coverage-minimal.txt
|
||||
@@ -66,10 +66,10 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -92,7 +92,7 @@ jobs:
|
||||
AWS_ACCESS_KEY_ID: fake
|
||||
AWS_SECRET_ACCESS_KEY: fake
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
with:
|
||||
name: coverage-extended
|
||||
path: coverage-extended.txt
|
||||
@@ -108,10 +108,10 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -126,7 +126,7 @@ jobs:
|
||||
- name: run zot development-mode unit tests (possibly using failure injection)
|
||||
run: make test-devmode
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
with:
|
||||
name: coverage-devmode
|
||||
path: coverage-dev-*.txt
|
||||
@@ -141,10 +141,10 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
@@ -168,7 +168,7 @@ jobs:
|
||||
GCSMOCK_ENDPOINT: http://localhost:9000/
|
||||
STORAGE_EMULATOR_HOST: localhost:9000
|
||||
- name: upload coverage
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
with:
|
||||
name: coverage-needprivileges
|
||||
path: coverage-needprivileges-*.txt
|
||||
@@ -186,7 +186,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: download all workflow coverage files
|
||||
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
|
||||
- name: merge code coverage
|
||||
@@ -200,7 +200,7 @@ jobs:
|
||||
mkdir unified-coverage
|
||||
cp coverage.txt coverage.html unified-coverage/
|
||||
- name: upload unified-coverage as build artifact
|
||||
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
||||
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
|
||||
with:
|
||||
name: unified-coverage
|
||||
path: unified-coverage/*
|
||||
|
||||
@@ -29,7 +29,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
cd $GITHUB_WORKSPACE
|
||||
|
||||
@@ -27,10 +27,10 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Cache go dependencies
|
||||
id: cache-go-dependencies
|
||||
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
|
||||
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
|
||||
with:
|
||||
path: |
|
||||
~/go/pkg/mod
|
||||
|
||||
@@ -26,7 +26,7 @@ jobs:
|
||||
with:
|
||||
cache: false
|
||||
check-latest: true
|
||||
go-version: 1.25.x
|
||||
go-version: 1.26.x
|
||||
- name: Checkout
|
||||
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
||||
with:
|
||||
|
||||
Reference in New Issue
Block a user