Skip to content

Upgrade golang.org/x/crypto to v0.31.0 #806

Upgrade golang.org/x/crypto to v0.31.0

Upgrade golang.org/x/crypto to v0.31.0 #806

Workflow file for this run

name: CI
on:
push:
branches: [main]
tags: ["*"]
pull_request:
jobs:
build:
strategy:
fail-fast: false
matrix:
include:
- os: linux
image: ubuntu-latest
arch: 386
setup: sudo apt-get update && sudo apt-get install -qq gcc-i686-linux-gnu
env:
CC: i686-linux-gnu-gcc
CXX: i686-linux-gnu-g++
- os: linux
image: ubuntu-latest
arch: amd64
env: {}
- os: linux
image: ubuntu-latest
arch: arm
setup: sudo apt-get update && sudo apt-get install -qq gcc-arm-linux-gnueabi
env:
CC: arm-linux-gnueabi-gcc
CXX: arm-linux-gnueabi-g++
GOARM: 6
- os: linux
image: ubuntu-latest
arch: arm64
setup: sudo apt-get update && sudo apt-get install -qq gcc-aarch64-linux-gnu
env:
CC: aarch64-linux-gnu-gcc
CXX: aarch64-linux-gnu-g++
- os: macos
image: macos-latest
arch: amd64
env: {}
- os: macos
image: macos-latest
arch: arm64
env: {}
- os: windows
image: windows-latest
arch: amd64
setup: choco install sqlite
env: {}
name: Build (${{ matrix.os }}/${{ matrix.arch }})
runs-on: ${{ matrix.image }}
env: ${{ matrix.env }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup environment
run: ${{ matrix.setup }}
- run: go mod download
- run: make build ls
env:
GOARCH: ${{ matrix.arch }}
OUTPUT: dbmate-${{ matrix.os }}-${{ matrix.arch }}
- run: make test
if: ${{ matrix.arch == 'amd64' }}
env:
GOARCH: ${{ matrix.arch }}
- run: dist/dbmate-${{ matrix.os }}-${{ matrix.arch }} --help
if: ${{ matrix.arch == 'amd64' }}
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: dbmate-${{ matrix.os }}-${{ matrix.arch }}
path: dist/dbmate-*
- name: Publish binaries
uses: softprops/action-gh-release@v2
if: ${{ startsWith(github.ref, 'refs/tags/v') }}
with:
files: dist/dbmate-*
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
docker:
name: Docker Test (linux/amd64)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure QEMU
uses: docker/setup-qemu-action@v3
- name: Configure Buildx
uses: docker/setup-buildx-action@v3
- name: Check Docker environment
run: |
set -x
docker version
docker buildx version
docker compose version
- name: Build Docker image
run: |
set -x
docker compose build
docker compose run --rm --no-deps dbmate --version
- name: Run make build
run: docker compose run --rm --no-deps dev make build ls
- name: Run make lint
run: docker compose run --rm --no-deps dev make lint
- name: Start test dependencies
run: |
set -x
docker compose pull --ignore-buildable --quiet
docker compose up --detach
docker compose run --rm dev make wait
- name: Run make test
run: docker compose run --rm dev make test
- name: Login to Docker Hub
uses: docker/login-action@v3
if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') }}
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate Docker image tags
id: meta
uses: docker/metadata-action@v5
if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') }}
with:
images: |
${{ github.repository }}
ghcr.io/${{ github.repository }}
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: Publish Docker image
uses: docker/build-push-action@v6
if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') }}
with:
context: .
target: release
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
npm:
name: NPM
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
registry-url: https://registry.npmjs.org
cache: npm
cache-dependency-path: typescript/package-lock.json
- uses: actions/download-artifact@v4
with:
path: dist
- run: find dist
- run: npm ci
working-directory: typescript
- run: npm run lint:ci
working-directory: typescript
- run: npm run generate
working-directory: typescript
- run: npm run publish
if: ${{ startsWith(github.ref, 'refs/tags/v') }}
working-directory: typescript
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}
dependabot:
name: Dependabot
runs-on: ubuntu-latest
permissions:
pull-requests: write
if: github.event.pull_request.user.login == 'dependabot[bot]'
steps:
- name: Automatically approve dependabot PRs
uses: octokit/[email protected]
with:
route: POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews
owner: ${{ github.event.repository.owner.login }}
repo: ${{ github.event.repository.name }}
pull_number: ${{ github.event.pull_request.number }}
event: APPROVE
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}