Skip to content

build(deps): bump the dependencies group with 3 updates #28380

build(deps): bump the dependencies group with 3 updates

build(deps): bump the dependencies group with 3 updates #28380

Workflow file for this run

name: ci
on:
push:
branches:
- main
- 7.1*
- 8.*
- 9.*
paths-ignore: # When updating the list of expressions also update ci-docs.yml
- '**.md'
- '**.asciidoc'
- '**.png'
- '**.svg'
pull_request:
paths-ignore: # When updating the list of expressions also update ci-docs.yml
- '**.md'
- '**.asciidoc'
- '**.png'
- '**.svg'
merge_group:
# limit the access of the generated GITHUB_TOKEN
permissions:
contents: read
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: false
- uses: actions/cache@v4
with:
path: |
~/go/pkg/mod/cache
key: go-${{ hashFiles('go.mod') }}
restore-keys: |
go-
- run: make check-full
test:
strategy:
matrix:
os: ['macos-latest', 'ubuntu-latest', 'windows-2025']
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: false
- uses: actions/cache/restore@v4
with:
enableCrossOsArchive: true
path: |
~/go/pkg/mod/cache
key: go-${{ hashFiles('go.mod') }}
restore-keys: |
go-
- run: go test -v -race ./...
test-fips:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: false
- uses: actions/cache@v4
with:
path: |
~/go/pkg/mod/cache
key: go-${{ hashFiles('go.mod') }}
restore-keys: |
go-
- env:
GOFIPS140: "latest"
# TODO: disable X25519MLKEM768 until upstream go issue is fixed https://github.com/golang/go/issues/74630#issuecomment-3224191006
GODEBUG: "fips140=only,tlsmlkem=0"
run: go test -v -race -tags=requirefips ./...
system-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: systemtest/go.mod
cache: false
- run: docker compose up -d
- uses: actions/cache@v4
with:
path: |
~/go/pkg/mod/cache
key: systemtest-go-${{ hashFiles('systemtest/go.mod', 'go.mod') }}
restore-keys: |
systemtest-go-
- env:
GOTESTFLAGS: "-v"
GH_TOKEN: ${{ github.token }}
run: make system-test
system-test-fips:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: systemtest/go.mod
cache: false
- run: docker compose up -d
- uses: actions/cache@v4
with:
path: |
~/go/pkg/mod/cache
key: systemtest-go-${{ hashFiles('systemtest/go.mod', 'go.mod') }}
restore-keys: |
systemtest-go-
- env:
GOTESTFLAGS: "-v -tags=requirefips"
GOFIPS140: "latest"
# TODO: disable X25519MLKEM768 until upstream go issue is fixed https://github.com/golang/go/issues/74630#issuecomment-3224191006
GODEBUG: "fips140=only,tlsmlkem=0"
GH_TOKEN: ${{ github.token }}
run: make system-test
test-package:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: false
- run: make package-snapshot
env:
GH_TOKEN: ${{ github.token }}
test-package-and-push:
runs-on: ubuntu-latest
# If no PR event or if a PR event that's caused by a non-fork and non dependabot actor
if: github.event_name != 'pull_request' || ( github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]' )
env:
GENERATE_WOLFI_IMAGES: true
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: false
- name: Log in to the Elastic Container registry
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: ${{ secrets.ELASTIC_DOCKER_REGISTRY }}
username: ${{ secrets.ELASTIC_DOCKER_USERNAME }}
password: ${{ secrets.ELASTIC_DOCKER_PASSWORD }}
- run: make package-snapshot
env:
GH_TOKEN: ${{ github.token }}
- run: make publish-docker-images
# Only for forked PRs/dependabot, when changing the Go version in go.mod, we need to note that the
# wolfi docker image needs to be validated.
validate-wolfi-docker-image:
runs-on: ubuntu-latest
if: ( github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true ) || github.actor == 'dependabot[bot]'
steps:
- uses: actions/checkout@v6
- name: Compare Go version in go.mod with target branch
id: go-mod-changed
run: |
git fetch --no-tags --depth=1 origin "${GITHUB_BASE_REF}"
BASE_GO_VERSION="$(git show FETCH_HEAD:go.mod | awk '/^go / {print $2; exit}')"
PR_GO_VERSION="$(awk '/^go / {print $2; exit}' go.mod)"
if [[ -z "${BASE_GO_VERSION}" || -z "${PR_GO_VERSION}" ]]; then
echo "Unable to determine Go version from go.mod."
exit 1
fi
if [[ "${BASE_GO_VERSION}" == "${PR_GO_VERSION}" ]]; then
echo "changed=false" >> "$GITHUB_OUTPUT"
else
echo "base_go_version=${BASE_GO_VERSION}"
echo "pr_go_version=${PR_GO_VERSION}"
echo "changed=true" >> "$GITHUB_OUTPUT"
fi
- name: If go.mod changed validate wolfi docker image is available.
if: steps.go-mod-changed.outputs.changed == 'true'
run: |
GO_VERSION=$(awk '/^go / {print $2; exit}' go.mod)
echo "If you change the Go version in go.mod please use a branch in the upstream repository to validate the wolfi images with test-package-and-push."
echo "Otherwise, this validation will run and fail the CI build."
echo "Please validate the wolfi image is available by running the following command:"
echo "::notice::docker pull docker.elastic.co/wolfi/go:${GO_VERSION}"
echo "If they are available you could skip this validation."
echo "However, we recommend to use an upstream branch to run the CI specialised steps for the packaging system."
exit 1