Skip to content

chore(deps): update anchore/sbom-action digest to 7191336 #5667

chore(deps): update anchore/sbom-action digest to 7191336

chore(deps): update anchore/sbom-action digest to 7191336 #5667

Workflow file for this run

name: build
on:
push:
branches:
- feature/workflows
- main
paths-ignore:
- "README.md"
- "docs/**"
pull_request:
branches:
- main
paths-ignore:
- "README.md"
- "docs/**"
env:
GO_VERSION: '1.20'
jobs:
lint:
runs-on: ubuntu-latest
env:
GOPATH: /home/runner/work/open-feature/flagd
GOBIN: /home/runner/work/open-feature/flagd/bin
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
- name: Setup go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5
with:
go-version: ${{ env.GO_VERSION }}
- run: make workspace-init
- run: make lint
docs-check:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
- name: Setup go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5
with:
go-version: ${{ env.GO_VERSION }}
- run: make workspace-init
- run: make generate-docs
- name: Check no diff
run: |
if [ ! -z "$(git status --porcelain)" ]; then echo "Doc generation produced diff. Run 'make generate-docs' and commit results."; exit 1; fi
test:
runs-on: ubuntu-latest
env:
GOPATH: /home/runner/work/open-feature/flagd
GOBIN: /home/runner/work/open-feature/flagd/bin
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
- name: Setup go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5
with:
go-version: ${{ env.GO_VERSION }}
- run: make workspace-init
- run: make test
- name: Upload coverage to Codecov
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3
docker-local:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
with:
submodules: recursive
- name: Setup go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Set up QEMU
uses: docker/setup-qemu-action@master
with:
platforms: all
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
- name: Build
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5
with:
context: .
file: ./flagd/build.Dockerfile
outputs: type=docker,dest=${{ github.workspace }}/flagd-local.tar
tags: flagd-local:test
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
input: /github/workspace/flagd-local.tar
format: "template"
template: "@/contrib/sarif.tpl"
output: "trivy-results.sarif"
severity: "CRITICAL,HIGH"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3
with:
sarif_file: "trivy-results.sarif"
integration-test: # caching tests are disabled due to slow file I/O in github actions
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
with:
submodules: recursive
- name: Setup go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Workspace init
run: make workspace-init
- name: Build flagd binary
run: make build
- name: Run flagd binary in background
run: |
./bin/flagd start \
-f file:${{ github.workspace }}/test-harness/flags/testing-flags.json \
-f file:${{ github.workspace }}/test-harness/flags/custom-ops.json \
-f file:${{ github.workspace }}/test-harness/flags/evaluator-refs.json \
-f file:${{ github.workspace }}/test-harness/flags/zero-flags.json &
- name: Run evaluation test suite
run: go clean -testcache && go test -cover ./test/integration