Skip to content

fix(deps): bump github.com/go-resty/resty/v2 from 2.15.1 to 2.15.3 #142

fix(deps): bump github.com/go-resty/resty/v2 from 2.15.1 to 2.15.3

fix(deps): bump github.com/go-resty/resty/v2 from 2.15.1 to 2.15.3 #142

# This workflow run linters and tests, and publishes a new image if there is a release or
# push to main. It is supposed to be run on each push to main branch, on each release, as
# well as for each push in pull request.
name: Code and Image workflow
on:
pull_request:
branches: [ '*' ]
push:
branches:
- "main"
tags:
- 'v*'
env:
REGISTRY: docker.io
REPOSITORY: linode
IMAGE: linode-cosi-driver
permissions:
contents: read
jobs:
commitlint:
name: Lint commit messages
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: wagoid/commitlint-github-action@v6
with:
configFile: .commitlintrc.mjs
golangci-lint:
name: Run golangci-lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
cache: false
- uses: golangci/golangci-lint-action@v6
with:
version: latest
skip-cache: true
shell-linter:
name: Run Shellcheck, Checkmake
runs-on: ubuntu-latest
steps:
- name: Checkout the code
uses: actions/checkout@v4
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
- uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
cache: false
- name: Install Checkmake
run: go install github.com/mrtazz/checkmake/cmd/checkmake@latest
- name: Run Checkmake
run: checkmake Makefile
- name: Run Checkmake on tests
run: checkmake test/Makefile
tests:
name: Run unit tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
cache: false
- run: |
make test
docker:
name: Build dev image and run scans
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Login to registry
if: startsWith(github.ref, 'refs/tags/v') || (github.ref == 'refs/heads/main')
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Capture latest tag if exists
uses: actions-ecosystem/action-get-latest-tag@v1
id: get-latest-tag
with:
semver_only: true
with_initial_version: true
initial_version: v0.0.0
- name: Set proper tags
id: tags
run: |
./scripts/tags.sh \
"${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE }}" \
"${{ github.sha }}" \
"${{ github.ref_name }}" \
"${{ steps.get-latest-tag.outputs.tag }}" \
"${GITHUB_OUTPUT}"
- name: Build image
uses: docker/build-push-action@v6
with:
push: ${{ startsWith(github.ref, 'refs/tags/v') || (github.ref == 'refs/heads/main') }}
load: ${{ !(startsWith(github.ref, 'refs/tags/v') || (github.ref == 'refs/heads/main')) }}
tags: ${{ steps.tags.outputs.all }}
build-args: |
VERSION=${{ steps.tags.outputs.version }}
target: runtime
- name: Scan image using Grype
id: grype
uses: anchore/scan-action@v4
with:
image: ${{ steps.tags.outputs.full_version }}
output-format: table
- name: Scan image using Trivy
if: steps.grype.outcome == 'success' || steps.grype.outcome == 'failure'
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ steps.tags.outputs.full_version }}
format: table
exit-code: '1'
severity: 'CRITICAL,HIGH,MEDIUM'