web: bump smol-toml from 1.6.0 to 1.6.1 #51066
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: CI - Outpost | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - next | |
| - version-* | |
| pull_request: | |
| branches: | |
| - main | |
| - version-* | |
| env: | |
| POSTGRES_DB: authentik | |
| POSTGRES_USER: authentik | |
| POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77" | |
| jobs: | |
| lint-golint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5 | |
| - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 | |
| with: | |
| go-version-file: "go.mod" | |
| - name: Prepare and generate API | |
| run: | | |
| # Create folder structure for go embeds | |
| mkdir -p web/dist | |
| mkdir -p website/help | |
| touch web/dist/test website/help/test | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v8 | |
| with: | |
| version: latest | |
| args: --timeout 5000s --verbose | |
| skip-cache: true | |
| test-unittest: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5 | |
| - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 | |
| with: | |
| go-version-file: "go.mod" | |
| - name: Setup authentik env | |
| uses: ./.github/actions/setup | |
| - name: prepare database | |
| run: | | |
| uv run make migrate | |
| - name: Go unittests | |
| run: | | |
| go test -timeout 0 -v -race -coverprofile=coverage.out -covermode=atomic -cover ./... | |
| ci-outpost-mark: | |
| if: always() | |
| needs: | |
| - lint-golint | |
| - test-unittest | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # release/v1 | |
| with: | |
| jobs: ${{ toJSON(needs) }} | |
| build-container: | |
| timeout-minutes: 120 | |
| needs: | |
| - ci-outpost-mark | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| type: | |
| - proxy | |
| - ldap | |
| - radius | |
| - rac | |
| runs-on: ubuntu-latest | |
| permissions: | |
| # Needed to upload container images to ghcr.io | |
| packages: write | |
| # Needed for attestation | |
| id-token: write | |
| attestations: write | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 | |
| - name: prepare variables | |
| uses: ./.github/actions/docker-push-variables | |
| id: ev | |
| env: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_CORP_USERNAME }} | |
| with: | |
| image-name: ghcr.io/goauthentik/dev-${{ matrix.type }} | |
| - name: Login to Container Registry | |
| if: ${{ steps.ev.outputs.shouldPush == 'true' }} | |
| uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build Docker Image | |
| id: push | |
| uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 | |
| with: | |
| tags: ${{ steps.ev.outputs.imageTags }} | |
| file: lifecycle/container/${{ matrix.type }}.Dockerfile | |
| push: ${{ steps.ev.outputs.shouldPush == 'true' }} | |
| build-args: | | |
| GIT_BUILD_HASH=${{ steps.ev.outputs.sha }} | |
| platforms: linux/amd64,linux/arm64 | |
| context: . | |
| cache-from: type=registry,ref=ghcr.io/goauthentik/dev-${{ matrix.type }}:buildcache | |
| cache-to: ${{ steps.ev.outputs.shouldPush == 'true' && format('type=registry,ref=ghcr.io/goauthentik/dev-{0}:buildcache,mode=max', matrix.type) || '' }} | |
| - uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v3 | |
| id: attest | |
| if: ${{ steps.ev.outputs.shouldPush == 'true' }} | |
| with: | |
| subject-name: ${{ steps.ev.outputs.attestImageNames }} | |
| subject-digest: ${{ steps.push.outputs.digest }} | |
| push-to-registry: true | |
| build-binary: | |
| timeout-minutes: 120 | |
| needs: | |
| - ci-outpost-mark | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| type: | |
| - proxy | |
| - ldap | |
| - radius | |
| - rac | |
| goos: [linux] | |
| goarch: [amd64, arm64] | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v5 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 | |
| with: | |
| go-version-file: "go.mod" | |
| - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v5 | |
| with: | |
| node-version-file: web/package.json | |
| cache: "npm" | |
| cache-dependency-path: web/package-lock.json | |
| - name: Build web | |
| working-directory: web/ | |
| run: | | |
| npm ci | |
| npm run build-proxy | |
| - name: Build outpost | |
| run: | | |
| set -x | |
| export GOOS=${{ matrix.goos }} | |
| export GOARCH=${{ matrix.goarch }} | |
| export CGO_ENABLED=0 | |
| go build -tags=outpost_static_embed -v -o ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} ./cmd/${{ matrix.type }} |