feat: replace golang.sbom with common.sbom with js support #1243
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # THIS FILE WAS AUTOMATICALLY GENERATED BY KRES, PLEASE DO NOT EDIT. | |
| # | |
| # Generated on 2026-05-28T10:32:12Z by kres 100288b-dirty. | |
| concurrency: | |
| group: ${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| "on": | |
| push: | |
| branches: | |
| - main | |
| - release-* | |
| tags: | |
| - v* | |
| pull_request: | |
| branches: | |
| - main | |
| - release-* | |
| name: default | |
| jobs: | |
| default: | |
| permissions: | |
| actions: read | |
| contents: write | |
| id-token: write | |
| issues: read | |
| packages: write | |
| pull-requests: read | |
| runs-on: | |
| group: generic | |
| if: (!startsWith(github.head_ref, 'renovate/') && !startsWith(github.head_ref, 'dependabot/')) | |
| steps: | |
| - name: gather-system-info | |
| id: system-info | |
| uses: kenchan0130/actions-system-info@59699597e84e80085a750998045983daa49274c4 # version: v1.4.0 | |
| continue-on-error: true | |
| - name: print-system-info | |
| run: | | |
| MEMORY_GB=$((${{ steps.system-info.outputs.totalmem }}/1024/1024/1024)) | |
| OUTPUTS=( | |
| "CPU Core: ${{ steps.system-info.outputs.cpu-core }}" | |
| "CPU Model: ${{ steps.system-info.outputs.cpu-model }}" | |
| "Hostname: ${{ steps.system-info.outputs.hostname }}" | |
| "NodeName: ${NODE_NAME}" | |
| "Kernel release: ${{ steps.system-info.outputs.kernel-release }}" | |
| "Kernel version: ${{ steps.system-info.outputs.kernel-version }}" | |
| "Name: ${{ steps.system-info.outputs.name }}" | |
| "Platform: ${{ steps.system-info.outputs.platform }}" | |
| "Release: ${{ steps.system-info.outputs.release }}" | |
| "Total memory: ${MEMORY_GB} GB" | |
| ) | |
| for OUTPUT in "${OUTPUTS[@]}";do | |
| echo "${OUTPUT}" | |
| done | |
| continue-on-error: true | |
| - name: checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # version: v6.0.2 | |
| - name: Unshallow | |
| run: | | |
| git fetch --prune --unshallow | |
| - name: Set up Docker Buildx | |
| id: setup-buildx | |
| uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0 | |
| with: | |
| driver: remote | |
| endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234 | |
| timeout-minutes: 10 | |
| - name: CI temp release tag | |
| if: github.event_name == 'pull_request' | |
| run: | | |
| make ci-temp-release-tag | |
| - name: Check dirty | |
| if: github.event_name == 'pull_request' | |
| run: | | |
| make check-dirty | |
| - name: base | |
| run: | | |
| make base | |
| - name: kres | |
| run: | | |
| make kres | |
| - name: Login to registry | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # version: v4.2.0 | |
| with: | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| - name: image-kres | |
| run: | | |
| make image-kres | |
| - name: push-kres | |
| if: github.event_name != 'pull_request' | |
| env: | |
| PLATFORM: linux/amd64,linux/arm64 | |
| PUSH: "true" | |
| run: | | |
| make image-kres | |
| - name: push-kres-latest | |
| if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| env: | |
| PLATFORM: linux/amd64,linux/arm64 | |
| PUSH: "true" | |
| run: | | |
| make image-kres IMAGE_TAG=latest | |
| - name: Sign artifacts | |
| if: startsWith(github.ref, 'refs/tags/') | |
| run: | | |
| find _out -type f -name _out/kres-* -exec cosign sign-blob --yes --bundle {}.bundle {} \; | |
| - name: Generate Checksums | |
| if: startsWith(github.ref, 'refs/tags/') | |
| run: | | |
| cd _out | |
| sha256sum kres-* > sha256sum.txt | |
| sha512sum kres-* > sha512sum.txt | |
| - name: release-notes | |
| if: startsWith(github.ref, 'refs/tags/') | |
| run: | | |
| make release-notes | |
| - name: Release | |
| if: startsWith(github.ref, 'refs/tags/') | |
| uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # version: v3.0.0 | |
| with: | |
| body_path: _out/RELEASE_NOTES.md | |
| draft: "true" | |
| files: |- | |
| _out/kres-* | |
| _out/sha*.txt | |
| _out/*.bundle | |
| lint: | |
| runs-on: | |
| group: generic | |
| if: github.event_name == 'pull_request' | |
| needs: | |
| - default | |
| steps: | |
| - name: gather-system-info | |
| id: system-info | |
| uses: kenchan0130/actions-system-info@59699597e84e80085a750998045983daa49274c4 # version: v1.4.0 | |
| continue-on-error: true | |
| - name: print-system-info | |
| run: | | |
| MEMORY_GB=$((${{ steps.system-info.outputs.totalmem }}/1024/1024/1024)) | |
| OUTPUTS=( | |
| "CPU Core: ${{ steps.system-info.outputs.cpu-core }}" | |
| "CPU Model: ${{ steps.system-info.outputs.cpu-model }}" | |
| "Hostname: ${{ steps.system-info.outputs.hostname }}" | |
| "NodeName: ${NODE_NAME}" | |
| "Kernel release: ${{ steps.system-info.outputs.kernel-release }}" | |
| "Kernel version: ${{ steps.system-info.outputs.kernel-version }}" | |
| "Name: ${{ steps.system-info.outputs.name }}" | |
| "Platform: ${{ steps.system-info.outputs.platform }}" | |
| "Release: ${{ steps.system-info.outputs.release }}" | |
| "Total memory: ${MEMORY_GB} GB" | |
| ) | |
| for OUTPUT in "${OUTPUTS[@]}";do | |
| echo "${OUTPUT}" | |
| done | |
| continue-on-error: true | |
| - name: checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # version: v6.0.2 | |
| - name: Unshallow | |
| run: | | |
| git fetch --prune --unshallow | |
| - name: Set up Docker Buildx | |
| id: setup-buildx | |
| uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0 | |
| with: | |
| driver: remote | |
| endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234 | |
| timeout-minutes: 10 | |
| - name: lint | |
| run: | | |
| make lint | |
| unit-tests: | |
| runs-on: | |
| group: generic | |
| if: github.event_name == 'pull_request' | |
| needs: | |
| - default | |
| steps: | |
| - name: gather-system-info | |
| id: system-info | |
| uses: kenchan0130/actions-system-info@59699597e84e80085a750998045983daa49274c4 # version: v1.4.0 | |
| continue-on-error: true | |
| - name: print-system-info | |
| run: | | |
| MEMORY_GB=$((${{ steps.system-info.outputs.totalmem }}/1024/1024/1024)) | |
| OUTPUTS=( | |
| "CPU Core: ${{ steps.system-info.outputs.cpu-core }}" | |
| "CPU Model: ${{ steps.system-info.outputs.cpu-model }}" | |
| "Hostname: ${{ steps.system-info.outputs.hostname }}" | |
| "NodeName: ${NODE_NAME}" | |
| "Kernel release: ${{ steps.system-info.outputs.kernel-release }}" | |
| "Kernel version: ${{ steps.system-info.outputs.kernel-version }}" | |
| "Name: ${{ steps.system-info.outputs.name }}" | |
| "Platform: ${{ steps.system-info.outputs.platform }}" | |
| "Release: ${{ steps.system-info.outputs.release }}" | |
| "Total memory: ${MEMORY_GB} GB" | |
| ) | |
| for OUTPUT in "${OUTPUTS[@]}";do | |
| echo "${OUTPUT}" | |
| done | |
| continue-on-error: true | |
| - name: checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # version: v6.0.2 | |
| - name: Unshallow | |
| run: | | |
| git fetch --prune --unshallow | |
| - name: Set up Docker Buildx | |
| id: setup-buildx | |
| uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # version: v4.1.0 | |
| with: | |
| driver: remote | |
| endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234 | |
| timeout-minutes: 10 | |
| - name: unit-tests | |
| run: | | |
| make unit-tests | |
| - name: unit-tests-race | |
| run: | | |
| make unit-tests-race | |
| - name: coverage | |
| uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # version: v6.0.1 | |
| with: | |
| files: _out/coverage-unit-tests.txt | |
| flags: unit-tests | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| timeout-minutes: 3 |