Skip to content

Commit

Permalink
use git hash instead of mutable tags and make sure we install latest …
Browse files Browse the repository at this point in the history
…go (open-telemetry#526)

Signed-off-by: cpanato <ctadeu@gmail.com>
  • Loading branch information
cpanato authored Apr 12, 2024
1 parent 79709ec commit 4984e23
Show file tree
Hide file tree
Showing 4 changed files with 37 additions and 36 deletions.
14 changes: 7 additions & 7 deletions .github/workflows/base-ci-goreleaser.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,34 +36,34 @@ jobs:

steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.2
with:
fetch-depth: 0

- name: Setup QEMU
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
with:
platforms: arm64,ppc64le,linux/arm/v7,s390x

- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0

- name: Setup Go
uses: actions/setup-go@v5
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: '~1.22.1'
go-version: '1.22'
check-latest: true

- name: Generate the sources
run: make generate-sources

- name: Run GoReleaser for ${{ inputs.distribution }}
uses: goreleaser/goreleaser-action@v5
uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0
with:
distribution: goreleaser-pro
version: latest
workdir: distributions/${{ inputs.distribution }}
args: --snapshot --clean --skip-sign --skip-sbom --timeout 2h --split
args: --snapshot --clean --skip=sign,sbom --timeout 2h --split
env:
GOOS: ${{ matrix.GOOS }}
GOARCH: ${{ matrix.GOARCH }}
Expand Down
49 changes: 25 additions & 24 deletions .github/workflows/base-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -35,36 +35,36 @@ jobs:
runs-on: ubuntu-20.04

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.2
with:
fetch-depth: 0

- uses: sigstore/cosign-installer@v3
- uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0

- uses: anchore/sbom-action/download-syft@v0.15.10
- uses: anchore/sbom-action/download-syft@ab5d7b5f48981941c4c5d6bf33aeb98fe3bae38c # v0.15.10

- uses: docker/setup-qemu-action@v3
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
with:
platforms: arm64,ppc64le,linux/arm/v7,s390x

- uses: docker/setup-buildx-action@v3
- uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0

- uses: actions/setup-go@v5
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: '~1.22.1'
go-version: '1.22'
check-latest: true

- name: Generate distribution sources
run: make generate-sources

- name: Log into Docker.io
uses: docker/login-action@v3
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Login to GitHub Package Registry
uses: docker/login-action@v3
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
Expand All @@ -74,8 +74,7 @@ jobs:
run: |
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
- uses: goreleaser/goreleaser-action@v5
if: steps.cache.outputs.cache-hit != 'true' # do not run if cache hit
- uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0
with:
distribution: goreleaser-pro
version: latest
Expand All @@ -88,7 +87,7 @@ jobs:
COSIGN_YES: true
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}

- uses: actions/upload-artifact@v4
- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: artifacts-${{ inputs.distribution }}-${{ matrix.GOOS }}-${{ matrix.GOARCH }}
path: distributions/${{ inputs.distribution }}/dist/**/*
Expand All @@ -105,26 +104,26 @@ jobs:
contents: write

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.2
with:
fetch-depth: 0

- uses: sigstore/cosign-installer@v3
- uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0

- uses: anchore/sbom-action/download-syft@v0.15.10
- uses: anchore/sbom-action/download-syft@ab5d7b5f48981941c4c5d6bf33aeb98fe3bae38c # v0.15.10

- uses: docker/setup-qemu-action@v3
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
with:
platforms: arm64,ppc64le,s390x

- uses: docker/setup-buildx-action@v3
- uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0

- uses: actions/setup-go@v5
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: '~1.22.1'
go-version: '1.22'
check-latest: true

- uses: actions/download-artifact@v4
- uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
with:
pattern: artifacts-${{ inputs.distribution }}-*
path: distributions/${{ inputs.distribution }}/dist
Expand All @@ -134,17 +133,19 @@ jobs:
run: ls -R distributions/${{ inputs.distribution }}/dist

- name: Log into Docker.io
run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Login to GitHub Package Registry
uses: docker/login-action@v3
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- uses: goreleaser/goreleaser-action@v5
if: steps.cache.outputs.cache-hit != 'true' # do not run if cache hit
- uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0
with:
distribution: goreleaser-pro
version: latest
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,14 +12,14 @@ jobs:
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.2
with:
fetch-depth: 0

- name: Setup Go
uses: actions/setup-go@v5
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: '~1.22.1'
go-version: '1.22'
check-latest: true

- name: Verify
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/shellcheck.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,6 @@ jobs:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.2
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@2.0.0
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0

0 comments on commit 4984e23

Please sign in to comment.