Skip to content

Update ossf/scorecard-action action to v2.4.1 #3359

Update ossf/scorecard-action action to v2.4.1

Update ossf/scorecard-action action to v2.4.1 #3359

Workflow file for this run

name: Continuous Integration
on:
push:
branches:
- main
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
branches:
- main
schedule:
- cron: "0 5 * * *" # runs every day at 5am UTC
merge_group:
types:
- checks_requested
defaults:
run:
shell: bash
concurrency:
group: ${{ github.ref_name }}-ci
cancel-in-progress: true
permissions:
contents: read
jobs:
unit-test:
name: Unit Test
runs-on: ubuntu-24.04
permissions:
contents: read
strategy:
fail-fast: false
matrix:
go-version: ["1.21", "1.22", stable]
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Golang Environment
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
with:
go-version: ${{ matrix.go-version }}
- name: Run Unit Tests
run: make unit-test
build:
name: Build Client
runs-on: ubuntu-24.04
permissions:
contents: write
issues: write
if: ${{ github.event.repository.fork == false }}
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Switch Repository (Nightly)
if: (github.event_name == 'schedule')
run: |
sed -i 's|pkgs.nginx.com|pkgs-test.nginx.com|g' docker/Dockerfile
sed -i '16d' docker/Dockerfile
sed -i "17i sed -i 's|pkgs|pkgs-test|g' /etc/apt/apt.conf.d/90pkgs-nginx" docker/Dockerfile
sed -i 's|deb https|deb [trusted=yes] https|g' docker/Dockerfile
sed -i 's|\${NGINX_PLUS_VERSION}/||g' docker/Dockerfile
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
- name: Build Plus Docker Image
uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
with:
file: docker/Dockerfile
tags: nginx-plus
cache-from: type=gha
cache-to: type=gha,mode=max
load: true
secrets: |
"nginx-repo.crt=${{ secrets.NGINX_CRT }}"
"nginx-repo.key=${{ secrets.NGINX_KEY }}"
- name: Test Client
run: docker compose up test --exit-code-from test
- name: Test Client No Stream
run: docker compose up test-no-stream --exit-code-from test-no-stream
- name: Create/Update Draft
uses: lucacome/draft-release@5d29432a46bff6c122cd4b07a1fb94e1bb158d34 # v1.1.1
id: release-notes
with:
minor-label: "enhancement"
major-label: "change"
publish: ${{ github.ref_type == 'tag' }}
collapse-after: 50
if: ${{ github.event_name == 'push' }}
- name: Setup Golang Environment
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
with:
go-version: stable
if: ${{ github.ref_type == 'tag' }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0
with:
version: v2.6.1 # renovate: datasource=github-tags depName=goreleaser/goreleaser
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_COMMUNITY }}
if: ${{ github.ref_type == 'tag' }}