Skip to content

feat: Use osv-scalibr SBOM extractors #2732

feat: Use osv-scalibr SBOM extractors

feat: Use osv-scalibr SBOM extractors #2732

Workflow file for this run

# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Checks
on:
push:
branches: [main, v2]
pull_request:
# The branches below must be a subset of the branches above
branches: [main, v2]
concurrency:
# Pushing new changes to a branch will cancel any in-progress CI runs
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# Restrict jobs in this workflow to have no permissions by default; permissions
# should be granted per job as needed using a dedicated `permissions` block
permissions: {}
jobs:
ensure_snapshots_are_being_cleaned:
permissions:
contents: read # to fetch code (actions/checkout)
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
persist-credentials: false
- run: scripts/report_uncleaned_snapshots.py
format:
permissions:
contents: read # to fetch code (actions/checkout)
name: prettier
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
persist-credentials: false
- name: Run lint action
uses: ./.github/workflows/format-action
lint:
permissions:
contents: read # to fetch code (actions/checkout)
name: golangci-lint
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
persist-credentials: false
- name: Set up Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: stable
check-latest: true
- name: Run lint action
uses: ./.github/workflows/lint-action
prepare_test_image_fixtures:
permissions:
contents: read # to fetch code (actions/checkout)
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
persist-credentials: false
- run: scripts/build_test_images.sh
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: image-fixtures-${{ github.run_number }}-${{ github.run_attempt }}
path: internal/image/fixtures/*.tar
retention-days: 1
tests:
permissions:
contents: read # to fetch code (actions/checkout)
needs:
- prepare_test_image_fixtures
name: Run unit tests
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Check out code
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
persist-credentials: false
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: image-fixtures-${{ github.run_number }}-${{ github.run_attempt }}
path: internal/image/fixtures/
- name: Set up Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: stable
check-latest: true
- name: Run test action
uses: ./.github/workflows/test-action
with:
codecov_token: ${{ secrets.CODECOV_TOKEN }}