chore(deps): Update node.js deps (#2100) #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Snapshots | |
| on: | |
| push: | |
| paths-ignore: | |
| - "docs/**" | |
| branches: | |
| - main | |
| jobs: | |
| tests: | |
| name: Run tests | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| lfs: true | |
| - name: Install Go and cache dependencies | |
| uses: ./.github/actions/setup-go | |
| with: | |
| cross_compiling: true | |
| write_build_cache: true | |
| - name: Generate | |
| run: make generate | |
| - name: Check repo status | |
| run: |- | |
| REPO_STATUS="$(git status --porcelain)" | |
| if [[ ! -z $REPO_STATUS ]]; then | |
| echo "::error::Uncommitted changes detected" | |
| echo "$REPO_STATUS" | |
| exit 1 | |
| fi | |
| - name: Test | |
| run: make test-all | |
| env: | |
| CERBOS_LOG_LEVEL: "debug" | |
| - name: Upload unit coverage to Coveralls | |
| uses: shogo82148/actions-goveralls@v1 | |
| with: | |
| path-to-profile: unit.cover | |
| flag-name: unit-main | |
| - name: Upload integration coverage to Coveralls | |
| uses: shogo82148/actions-goveralls@v1 | |
| with: | |
| path-to-profile: integration.cover | |
| flag-name: integration-main | |
| publishContainers: | |
| name: Publish Dev Containers | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| needs: ["tests"] | |
| permissions: | |
| id-token: write | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Free Disk Space (Ubuntu) | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: false # this might remove tools that are actually needed, if set to "true" but frees about 6 GB | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: true | |
| docker-images: true | |
| swap-storage: true | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| lfs: true | |
| - name: Set up QEMU | |
| id: qemu | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| image: tonistiigi/binfmt:latest | |
| platforms: arm64 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: docker.io | |
| username: ${{ secrets.DOCKER_HUB_USER }} | |
| password: ${{ secrets.DOCKER_HUB_TOKEN }} | |
| - name: Install Go and cache dependencies | |
| uses: ./.github/actions/setup-go | |
| with: | |
| cross_compiling: true | |
| write_build_cache: true | |
| - name: Install cosign | |
| uses: sigstore/[email protected] | |
| - name: GoReleaser | |
| uses: goreleaser/goreleaser-action@v5 | |
| with: | |
| version: latest | |
| args: release --config=.goreleaser.yml --clean --snapshot --skip=publish | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| TELEMETRY_WRITE_KEY: ${{ secrets.TELEMETRY_WRITE_KEY }} | |
| TELEMETRY_URL: ${{ secrets.TELEMETRY_URL }} | |
| - name: Push Cerbos dev images | |
| run: | | |
| docker push ghcr.io/cerbos/cerbos:dev-amd64 | |
| docker push ghcr.io/cerbos/cerbos:dev-arm64 | |
| docker manifest create ghcr.io/cerbos/cerbos:${{ github.sha }} ghcr.io/cerbos/cerbos:dev-arm64 ghcr.io/cerbos/cerbos:dev-amd64 | |
| docker manifest push ghcr.io/cerbos/cerbos:${{ github.sha }} | |
| docker manifest create ghcr.io/cerbos/cerbos:dev ghcr.io/cerbos/cerbos:dev-arm64 ghcr.io/cerbos/cerbos:dev-amd64 | |
| docker manifest push ghcr.io/cerbos/cerbos:dev | |
| - name: Push Cerbosctl dev images | |
| run: | | |
| docker push ghcr.io/cerbos/cerbosctl:dev-amd64 | |
| docker push ghcr.io/cerbos/cerbosctl:dev-arm64 | |
| docker manifest create ghcr.io/cerbos/cerbosctl:${{ github.sha }} ghcr.io/cerbos/cerbosctl:dev-arm64 ghcr.io/cerbos/cerbosctl:dev-amd64 | |
| docker manifest push ghcr.io/cerbos/cerbosctl:${{ github.sha }} | |
| docker manifest create ghcr.io/cerbos/cerbosctl:dev ghcr.io/cerbos/cerbosctl:dev-arm64 ghcr.io/cerbos/cerbosctl:dev-amd64 | |
| docker manifest push ghcr.io/cerbos/cerbosctl:dev | |
| - name: Push Cerbos dev images to Docker Hub | |
| run: | | |
| docker push docker.io/cerbos/cerbos:dev-amd64 | |
| docker push docker.io/cerbos/cerbos:dev-arm64 | |
| docker manifest create docker.io/cerbos/cerbos:dev docker.io/cerbos/cerbos:dev-arm64 docker.io/cerbos/cerbos:dev-amd64 | |
| docker manifest push docker.io/cerbos/cerbos:dev | |
| - name: Push Cerbosctl dev images to Docker Hub | |
| run: | | |
| docker push docker.io/cerbos/cerbosctl:dev-amd64 | |
| docker push docker.io/cerbos/cerbosctl:dev-arm64 | |
| docker manifest create docker.io/cerbos/cerbosctl:dev docker.io/cerbos/cerbosctl:dev-arm64 docker.io/cerbos/cerbosctl:dev-amd64 | |
| docker manifest push docker.io/cerbos/cerbosctl:dev | |
| publishProtos: | |
| name: Publish Protobufs | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| needs: ["tests"] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Buf | |
| uses: bufbuild/[email protected] | |
| with: | |
| github_token: ${{ github.token }} | |
| - name: Push public API to BSR | |
| uses: bufbuild/[email protected] | |
| with: | |
| buf_token: ${{ secrets.BUF_TOKEN }} | |
| input: api/public | |
| - name: Push private API to BSR | |
| uses: bufbuild/[email protected] | |
| with: | |
| buf_token: ${{ secrets.BUF_TOKEN }} | |
| input: api/private |