Skip to content
Local CI

feat: test secure image publishing #25

Sign in to view logs

feat: test secure image publishing

feat: test secure image publishing #25

Workflow file for this run

.github/workflows/ci_local.yml at 501667f
name: Local CI
on:
push:
branches:
- 'main'
pull_request:
branches:
- 'main'
permissions:
contents: none
issues: none
pull-requests: none
actions: none
security-events: none
env:
GO_VERSION: 1.24
GOLANGCI_LINT_VERSION: v2.1
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: "${{ env.GO_VERSION }}"
- name: Run all tests
run: make test
- name: Build all binaries
run: make build
weave-check:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout code
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- name: Install weaver
run: |
WEAVER_VERSION="$(curl -s https://api.github.com/repos/open-telemetry/weaver/releases/latest | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')"
curl -L -o /tmp/weaver.tar.xz "https://github.com/open-telemetry/weaver/releases/download/${WEAVER_VERSION}/weaver-x86_64-unknown-linux-gnu.tar.xz"
mkdir -p "${HOME}/bin"
tar -xJf /tmp/weaver.tar.xz
mv weaver-x86_64-unknown-linux-gnu/weaver "${HOME}/bin/weaver"
chmod +x "${HOME}/bin/weaver"
echo "${HOME}/bin" >> "${GITHUB_PATH}"
rm -rf "weaver-x86_64-unknown-linux-gnu/"
- name: Install jq
run: sudo apt-get update && sudo apt-get install -y jq
- name: Setup Go workspace
run: make workspace
- name: Run weaver check
run: make weaver-check
- name: Generate test OCSF and Gemara logs and validate with weaver live-check
run: make weaver-semantic-check
detect-modules:
runs-on: ubuntu-latest
outputs:
modules: "${{ steps.set-modules.outputs.modules }}"
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: "${{ env.GO_VERSION }}"
- id: setup-workspace
run: make workspace
- id: set-modules
run: echo "modules=$(go list -m -json | jq -s '.' | jq -c '[.[].Dir]')" >> "${GITHUB_OUTPUT}"
verify-codegen:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: "${{ env.GO_VERSION }}"
- name: Install weaver
run: |
WEAVER_VERSION="$(curl -s https://api.github.com/repos/open-telemetry/weaver/releases/latest | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')"
curl -L -o /tmp/weaver.tar.xz "https://github.com/open-telemetry/weaver/releases/download/${WEAVER_VERSION}/weaver-x86_64-unknown-linux-gnu.tar.xz"
mkdir -p "${HOME}/bin"
tar -xJf /tmp/weaver.tar.xz
mv weaver-x86_64-unknown-linux-gnu/weaver "${HOME}/bin/weaver"
chmod +x "${HOME}/bin/weaver"
echo "${HOME}/bin" >> "${GITHUB_PATH}"
rm -rf weaver-x86_64-unknown-linux-gnu/
- name: Install oapi-codegen
run: go install github.com/oapi-codegen/oapi-codegen/v2/cmd/oapi-codegen@latest
- name: Add Go bin to PATH
run: echo "$(go env GOPATH)/bin" >> "$GITHUB_PATH"
- name: Setup workspace
run: make workspace
- name: Install dependencies
run: |
for m in "./compass" "./proofwatch" "./truthbeam"; do
(cd "${m}" && go mod download)
done
- name: Run code generation
run: |
make api-codegen
make weaver-codegen
- name: Check for diffs
run: |
if [ -n "$(git status --porcelain)" ]; then
echo "ERROR: Code generation produced diffs. Please run 'make api-codegen' and 'make weaver-codegen' and commit the changes."
echo ""
echo "Changes detected:"
git status --porcelain
echo ""
echo "Diff:"
git diff
exit 1
else
echo "SUCCESS: No diffs detected. Code generation is up to date."
fi