Skip to content

Bump go-jose and viper to address Blackduck (#432) #954

Bump go-jose and viper to address Blackduck (#432)

Bump go-jose and viper to address Blackduck (#432) #954

Workflow file for this run

name: Test
on:
push:
branches:
- master
pull_request:
env:
GOPROXY: ${{ vars.GOPROXY }}
DOCKER_BUILD_ARGS: "${{ vars.DOCKER_BUILD_ARGS }}"
jobs:
test:
name: Test
runs-on: ${{ vars.RUNNER_UBUNTU && fromJSON(vars.RUNNER_UBUNTU) || 'ubuntu-latest' }}
steps:
- name: Check out the repo
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build docker container image
uses: docker/build-push-action@v3
with:
context: .
file: builder.Dockerfile
pull: true
load: true
push: false
tags: ci-builder
build-args: |
${{ env.DOCKER_BUILD_ARGS }}
- name: "go work"
run: docker run --rm -v $(pwd):/work -w /work --entrypoint "/usr/bin/make" ci-builder go-work
- name: "make all"
run: docker run --rm -v $(pwd):/work -w /work --entrypoint "/usr/bin/make" ci-builder all
- name: "hack - workaround github actions runner filesystem permission issue"
# This hack should not be necessary, but if we don't do it, the
# next step fails during docker build as docker does not have
# permission to read files included in the github workspace that
# were written by the previous step. This is pretty daft as we
# don't even want or need docker to attempt to read these files
# during the image build. Github actions appears to give us no way
# to customise the build context to exclude it trying to read these
# files.
#
# Refs:
# https://docs.github.com/en/actions/creating-actions/dockerfile-support-for-github-actions#user
# https://docs.github.com/en/actions/reference/virtual-environments-for-github-hosted-runners#filesystems-on-github-hosted-runners
# https://github.com/actions/checkout/issues/211
run: |
sudo chown -R $USER:$USER $GITHUB_WORKSPACE
- name: "make check-tidy"
run: docker run --rm -v $(pwd):/work -w /work --entrypoint "/usr/bin/make" ci-builder check-tidy