This repository was archived by the owner on Aug 11, 2025. It is now read-only.

Update dependency go #780

	name: lint, test and build image
	on: [pull_request, push]

	jobs:
	lint-test:
	runs-on: ubuntu-latest
	steps:
	- name: Install Go
	uses: actions/setup-go@v5
	with:
	go-version: '1.24'
	- name: Checkout code
	uses: actions/checkout@v4
	- name: golangci-lint
	uses: golangci/golangci-lint-action@v7
	with:
	skip-cache: true
	args: --config .golangci.yml --timeout 2m
	version: v2.1.2
	- name: Test
	run: go test ./...
	build:
	runs-on: ubuntu-latest
	needs: [lint-test]
	steps:
	- name: Install Go
	uses: actions/setup-go@v5
	with:
	go-version: '1.24'

	- name: Checkout code
	uses: actions/checkout@v4

	- name: build binary
	run: make build

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Build Docker image - no push
	id: docker-build
	uses: docker/build-push-action@v6
	with:
	context: .
	push: false
	tags: ghcr.io/metal-toolbox/bomservice:latest
	file: Dockerfile

	- name: Scan image
	id: scan-image
	uses: anchore/scan-action@v6
	with:
	image: ghcr.io/metal-toolbox/bomservice:latest
	# XXX: this generates a warning => acs-report-enable: true
	# TODO(joel): Fail build once we migrate off CentOS.
	fail-build: false

	# TODO(joel): Uncomment once we migrate off CentOS.
	# - name: upload Anchore scan SARIF report
	# uses: github/codeql-action/upload-sarif@v2
	# with:
	# sarif_file: ${{ steps.scan.outputs.sarif }}
	# # This should run even if we fail the container scan
	# if: always()

	- name: Inspect action SARIF report
	run: cat ${{ steps.scan.outputs.sarif }}
	# This should run even if we fail the container scan
	if: always()

Provide feedback