additions to bump_go1.19 (#97)

Update 
* GitHub actions to address deprecations (node 12-16, set-output, save-state)
* Dockefile
* developer dependencies (Depfile)

.github/workflows/ci.yaml

@@ -33,13 +33,13 @@ jobs:
           token: ${{ secrets.VAULT_TOKEN }}
           secrets: |
             kv/data/github  "SSH_PRIVATE_KEY"     | SSH_PRIVATE_KEY;
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Setup Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
           go-version: ${{ env.GO_VERSION }}
       - name: Setup caching
-        uses: actions/cache@v1
+        uses: actions/cache@v3
         with:
           path: ~/go/pkg/mod
           key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
@@ -71,7 +71,7 @@ jobs:
     if: github.event_name == 'push' && ( github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') )
     steps:
       - name: Read Configuration
-        uses: hashicorp/[email protected].1
+        uses: hashicorp/[email protected].3
         id: vault
         with:
           url: ${{ env.VAULT_ADDR }}
@@ -80,11 +80,11 @@ jobs:
             kv/data/github  "SSH_PRIVATE_KEY"     | SSH_PRIVATE_KEY;
             kv/data/github  "USERNAME"            | DOCKER_USERNAME;
             kv/data/github  "DOCKER_PUSH_TOKEN"   | DOCKER_PASSWORD;
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Setup Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
           go-version: ${{ env.GO_VERSION }}
       - name: Setup caching
@@ -95,7 +95,7 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-go-
       - name: Login to GitHub Packages Docker Registry
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           registry: https://ghcr.io
           username: ${{ env.DOCKER_USERNAME }}
@@ -122,22 +122,22 @@ jobs:
     # Only release when ref is a tag
     if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Setup Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
           go-version: ${{ env.GO_VERSION }}
       - name: Setup caching
-        uses: actions/cache@v1
+        uses: actions/cache@v3
         with:
           path: ~/go/pkg/mod
           key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
           restore-keys: |
             ${{ runner.os }}-go-
       - name: Read Configuration
-        uses: hashicorp/[email protected].1
+        uses: hashicorp/[email protected].3
         id: vault
         with:
           url: ${{ env.VAULT_ADDR }}
@@ -166,11 +166,11 @@ jobs:
     runs-on: windows-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Read Configuration
-        uses: hashicorp/[email protected].1
+        uses: hashicorp/[email protected].3
         id: vault
         with:
           url: ${{ env.VAULT_ADDR }}
@@ -182,7 +182,7 @@ jobs:
         shell: bash
         run: |
           hub release download "${GITHUB_REF#refs/tags/}" -i '*windows_x86_64*.zip'
-          printf "::set-output name=zip::%s\n" *.zip
+          printf "zip=%s\n" *.zip >> $GITHUB_OUTPUT
           unzip -o *.zip && rm -v *.zip
         env:
           GITHUB_TOKEN: ${{ steps.vault.outputs.ROOT_TOKEN }}
@@ -201,7 +201,7 @@ jobs:
         run: |
           mkdir -p build
           msi="$(basename "$ZIP_FILE" ".zip").msi"
-          printf "::set-output name=msi::%s\n" "$msi"
+          printf "msi=${msi}" >> $GITHUB_OUTPUT
           go-msi make --arch amd64 --msi "$PWD/$msi" --out "$PWD/build" --version "${GITHUB_REF#refs/tags/}"
       - name: Upload MSI
         shell: bash

.github/workflows/codeql-analysis.yml

@@ -28,11 +28,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -43,7 +43,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@v2
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -57,4 +57,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2

.github/workflows/gitleaks-check.yml

@@ -6,7 +6,7 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: gitleaks-check

.golangci.yaml

@@ -95,7 +95,7 @@ linters:
     - misspell
     - nakedret
     - noctx
-    - rowserrcheck
+    # - rowserrcheck disabled https://github.com/golangci/golangci-lint/issues/2649.
     - staticcheck
     - stylecheck
     - testpackage

Depfile

@@ -2,29 +2,31 @@
 bin:
   vault:
     url: "https://releases.hashicorp.com/vault/{{.Version}}/vault_{{.Version}}_{{.OS}}_{{.Arch}}.zip"
-    version: "1.8.1"
+    version: "1.8.12"
     zipPaths:
     - "./vault"
     sha:
-      linux-amd64: "bb411f2bbad79c2e4f0640f1d3d5ef50e2bda7d4f40875a56917c95ff783c2db"
-      darwin-amd64: "f87221e4f56b3da41f0a029bf2b48896ec3be84dd7075bdb9466def1e056f809"
-      darwin-arm64: "571985c34990a2a7b913cee8c50be42b34c8d8cb751a2aed2c80121ad4b4e44b"
+      linux-amd64: "88c280945db62b118435ec1bf0086a719f6b6551cba052e5f8d1e25a80884bca"
+      linux-arm64: "e57e719e1eec9bce9057751e2583907210d3ac99c0a01897479506fbb2af828d"
+      darwin-amd64: "b398481bf33ebf9563cf69d7639014f0d652a2d5e26c0a9a424e2a39bb853354"
+      darwin-arm64: "20aead134ef8e77cb70efcfe047fc2e381793004fba103e7692b7dab00fe5131"
+
 go:
-  mockgen:
-    importPath: github.com/golang/mock/mockgen
-    version: "v1.6.0"
-  goreleaser:
-    importPath: github.com/goreleaser/goreleaser
-    version: "v1.0.0"
+  sver:
+    importPath: "github.com/aserto-dev/sver/cmd/sver"
+    version: "v1.3.11"
   wire:
     importPath: "github.com/google/wire/cmd/wire"
     version: "v0.5.0"
-  sver:
-    importPath: "github.com/aserto-dev/sver/cmd/sver"
-    version: "v1.3.9"
+  goreleaser:
+    importPath: github.com/goreleaser/goreleaser
+    version: "v1.12.3"
   gotestsum:
     importPath: "gotest.tools/gotestsum"
     version: "v1.8.2"
   golangci-lint:
     importPath: "github.com/golangci/golangci-lint/cmd/golangci-lint"
     version: "v1.50.1"
+  mockgen:
+    importPath: github.com/golang/mock/mockgen
+    version: "v1.6.0"

Dockerfile

@@ -26,7 +26,7 @@ LABEL org.opencontainers.image.url="https://openpolicyregistry.io"
 
 RUN apk add --no-cache bash
 WORKDIR /app
-COPY --from=build /src/dist/build_linux_amd64/policy /app/
+COPY --from=build /src/dist/build_linux_amd64_v1/policy /app/
 
 COPY --from=build /src/scripts /app/
 RUN  chmod +x /app/*.sh