Compare commits

..

1 Commits

Author SHA1 Message Date
Sascha Ronnie Daoudia
0c5e9201d4
Merge d158756e42 into 93397bea11 2023-08-06 18:39:05 +02:00
48 changed files with 19506 additions and 67086 deletions

View File

@ -2,7 +2,7 @@
name: Bug report
about: Create a bug report
title: ''
labels: bug
labels: bug, needs triage
assignees: ''
---
@ -35,4 +35,4 @@ A description with steps to reproduce the issue. If your have a public example o
A description of what you expected to happen.
**Actual behavior:**
A description of what is actually happening.
A description of what is actually happening.

View File

@ -1,10 +0,0 @@
---
name: Custom issue template
about: Describe this issue template's purpose here.
title: ''
labels: ''
assignees: ''
---

View File

@ -2,11 +2,9 @@
name: Feature request
about: Suggest an idea for this project
title: ''
labels: ''
labels: feature request, needs triage
assignees: ''
---
<!--- Please direct any generic questions related to actions to our support community forum at https://github.community/c/code-to-cloud/github-actions/41 --->
<!--- Before opening up a new feature request, please make sure to check for similar existing issues and pull requests -->
@ -17,4 +15,4 @@ Describe your proposal.
Justification or a use case for your proposal.
**Are you willing to submit a PR?**
<!--- We accept contributions! -->
<!--- We accept contributions! -->

View File

@ -14,5 +14,3 @@ jobs:
call-basic-validation:
name: Basic validation
uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@main
with:
node-version: '20'

View File

@ -15,5 +15,3 @@ jobs:
call-check-dist:
name: Check dist/
uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main
with:
node-version: '20'

View File

@ -1,84 +0,0 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
schedule:
- cron: '20 14 * * 5'
jobs:
analyze:
name: Analyze
# Runner size impacts CodeQL analysis time. To learn more, please see:
# - https://gh.io/recommended-hardware-resources-for-running-codeql
# - https://gh.io/supported-runners-and-hardware-resources
# - https://gh.io/using-larger-runners
# Consider using larger runners for possible analysis time improvements.
runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
permissions:
# required for all workflows
security-events: write
# only required for workflows in private repositories
actions: read
contents: read
strategy:
fail-fast: false
matrix:
language: [ 'javascript-typescript' ]
# CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ]
# Use only 'java-kotlin' to analyze code written in Java, Kotlin or both
# Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
# Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"

View File

@ -1,59 +0,0 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will initiate a Veracode Static Analysis Pipeline scan, return a results.json and convert to SARIF for upload as a code scanning alert
name: Veracode Static Analysis Pipeline Scan
on:
push:
branches: [ "main" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "main" ]
schedule:
- cron: '36 18 * * 4'
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
permissions:
contents: read
jobs:
# This workflow contains a job to build and submit pipeline scan, you will need to customize the build process accordingly and make sure the artifact you build is used as the file input to the pipeline scan file parameter
build-and-pipeline-scan:
# The type of runner that the job will run on
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it and copies all sources into ZIP file for submitting for analysis. Replace this section with your applications build steps
- uses: actions/checkout@v3
with:
repository: ''
- run: zip -r veracode-scan-target.zip ./
# download the Veracode Static Analysis Pipeline scan jar
- run: curl --silent --show-error --fail -O https://downloads.veracode.com/securityscan/pipeline-scan-LATEST.zip
- run: unzip -o pipeline-scan-LATEST.zip
- uses: actions/setup-java@v3
with:
java-version: 8
distribution: 'temurin'
- run: java -jar pipeline-scan.jar --veracode_api_id "${{secrets.VERACODE_API_ID}}" --veracode_api_key "${{secrets.VERACODE_API_KEY}}" --fail_on_severity="Very High, High" --file veracode-scan-target.zip
continue-on-error: true
- name: Convert pipeline scan output to SARIF format
id: convert
uses: veracode/veracode-pipeline-scan-results-to-sarif@ff08ae5b45d5384cb4679932f184c013d34da9be
with:
pipeline-results-json: results.json
- uses: github/codeql-action/upload-sarif@v2
with:
# Path to SARIF file relative to the root of the repository
sarif_file: veracode-results.sarif

View File

@ -20,7 +20,7 @@ jobs:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: Setup Go Stable
uses: ./
with:
@ -35,7 +35,7 @@ jobs:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: Setup Go oldStable
uses: ./
with:
@ -55,7 +55,7 @@ jobs:
- os: macos-latest
architecture: x32
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: Setup Go ${{ matrix.version }} ${{ matrix.architecture }}
uses: ./
with:
@ -74,7 +74,7 @@ jobs:
go: [1.17, 1.18, 1.19]
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v3
- name: setup-go ${{ matrix.go }}
uses: ./
@ -93,7 +93,7 @@ jobs:
os: [ubuntu-latest, windows-latest, macos-latest]
go-version: [1.16, 1.17]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: Setup Go and check latest
uses: ./
with:
@ -109,7 +109,7 @@ jobs:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: Setup Go and check latest
uses: ./
with:
@ -125,7 +125,7 @@ jobs:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: Setup Go and check latest
uses: ./
with:
@ -144,7 +144,7 @@ jobs:
go: [1.12.16, 1.13.11, 1.14.3]
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v3
- name: setup-go ${{ matrix.go }}
uses: ./
@ -165,7 +165,7 @@ jobs:
go: [1.9, 1.8.6]
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v3
- name: setup-go ${{ matrix.go }}
uses: ./
@ -184,7 +184,7 @@ jobs:
os: [ubuntu-latest, windows-latest, macos-latest]
go-version: [1.16, 1.17]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: Setup Go and check latest
uses: ./
with:

View File

@ -19,7 +19,7 @@ jobs:
cache: [false, true]
go: [1.20.1]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: 'Setup ${{ matrix.cache }}, cache: ${{ matrix.go }}'
uses: ./
@ -61,7 +61,7 @@ jobs:
echo 'which go should return "/c/hostedtoolcache/windows/go/${{ matrix.go }}/x64/bin/go"'
exit 1
fi
if [ $(go env GOROOT) != 'C:\hostedtoolcache\windows\go\${{ matrix.go }}\x64' ];then
if [ $(go env GOROOT) != 'C:\hostedtoolcache\windows\go\${{ matrix.go }}\x64' ];then
echo 'go env GOROOT should return "C:\hostedtoolcache\windows\go\${{ matrix.go }}\x64"'
exit 1
fi
@ -88,7 +88,7 @@ jobs:
matrix:
cache: [false, true]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: 'Setup default go, cache: ${{ matrix.cache }}'
uses: ./
@ -105,32 +105,10 @@ jobs:
fi
shell: bash
- name: 'Drive D: should not have Go installation, cache: ${{ matrix.cache }}'
- name: 'Drive D: should not have Go installation, cache: ${{ matrix.cache}}'
run: |
if [ -e 'D:\hostedtoolcache\windows\go\${{ needs.find-default-go.outputs.version }}\x64' ];then
echo 'D:\hostedtoolcache\windows\go\${{ needs.find-default-go.outputs.version }}\x64 should not exist for hosted version of go';
exit 1
fi
shell: bash
hostedtoolcache:
name: 'Validate if hostedtoolcache works as expected'
runs-on: windows-latest
strategy:
matrix:
cache: [false]
go: [1.20.1]
steps:
- uses: actions/checkout@v4
- name: 'Setup ${{ matrix.go }}, cache: ${{ matrix.cache }}'
uses: ./
with:
go-version: ${{ matrix.go }}
cache: ${{ matrix.cache }}
- name: 'Setup ${{ matrix.go }}, cache: ${{ matrix.cache }} (from hostedtoolcache)'
uses: ./
with:
go-version: ${{ matrix.go }}
cache: ${{ matrix.cache }}

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

BIN
.licenses/npm/form-data-3.0.1.dep.yml generated Normal file

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

BIN
.licenses/npm/tslib-2.3.1.dep.yml generated Normal file

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -42,8 +42,8 @@ Matching by [semver spec](https://github.com/npm/node-semver):
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: '^1.13.1' # The Go version to download (if necessary) and use.
- run: go version
@ -51,26 +51,26 @@ steps:
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: '>=1.17.0'
- run: go version
```
> **Note**: Due to the peculiarities of YAML parsing, it is recommended to wrap the version in single quotation marks:
>
>
> ```yaml
> go-version: '1.20'
> ```
>
>
> The recommendation is based on the YAML parser's behavior, which interprets non-wrapped values as numbers and, in the case of version 1.20, trims it down to 1.2, which may not be very obvious.
Matching an unstable pre-release:
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: '1.18.0-rc.1' # The Go version to download (if necessary) and use.
- run: go version
@ -78,8 +78,8 @@ steps:
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: '1.16.0-beta.1' # The Go version to download (if necessary) and use.
- run: go version
@ -93,8 +93,8 @@ See [action.yml](action.yml)
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: '1.16.1' # The Go version to download (if necessary) and use.
- run: go run hello.go
@ -114,8 +114,8 @@ want the most up-to-date Go version to always be used.
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: '1.14'
check-latest: true
@ -135,8 +135,8 @@ set to `true`
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 'stable'
- run: go run hello.go
@ -144,8 +144,8 @@ steps:
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 'oldstable'
- run: go run hello.go
@ -159,24 +159,20 @@ The `cache` input is optional, and caching is turned on by default.
The action defaults to search for the dependency file - go.sum in the repository root, and uses its hash as a part of
the cache key. Use `cache-dependency-path` input for cases when multiple dependency files are used, or they are located
in different subdirectories. The input supports glob patterns.
in different subdirectories.
If some problem that prevents success caching happens then the action issues the warning in the log and continues the execution of the pipeline.
If some problem that prevents success caching happens then the action issues the warning in the log and continues the execution of the pipeline.
**Caching in monorepos**
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: '1.17'
check-latest: true
cache-dependency-path: |
subdir/go.sum
tools/go.sum
# cache-dependency-path: "**/*.sum"
cache-dependency-path: subdir/go.sum
- run: go run hello.go
```
@ -193,8 +189,8 @@ If both the `go-version` and the `go-version-file` inputs are provided then the
```yaml
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version-file: 'path/to/go.mod'
- run: go version
@ -211,9 +207,9 @@ jobs:
go: [ '1.14', '1.13' ]
name: Go ${{ matrix.go }} sample
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: Setup go
uses: actions/setup-go@v5
uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go }}
- run: go run hello.go
@ -245,7 +241,7 @@ can [generate a personal access token on github.com](https://github.com/settings
input for the action:
```yaml
uses: actions/setup-go@v5
uses: actions/setup-go@v4
with:
token: ${{ secrets.GH_DOTCOM_TOKEN }}
go-version: '1.18'

View File

@ -25,7 +25,7 @@ outputs:
cache-hit:
description: 'A boolean value to indicate if a cache was hit'
runs:
using: 'node20'
using: 'node16'
main: 'dist/setup/index.js'
post: 'dist/cache-save/index.js'
post-if: success()

36298
dist/cache-save/index.js vendored

File diff suppressed because one or more lines are too long

41135
dist/setup/index.js vendored

File diff suppressed because one or more lines are too long

View File

@ -4,7 +4,7 @@ Date: 2022-04-13
Status: Accepted
# Context
`actions/setup-go` is the one of the most popular action related to Golang in GitHub Actions. Many customers use it in conjunction with [actions/cache](https://github.com/actions/cache) to speed up dependency installation process.
`actions/setup-go` is the one of the most popular action related to Golang in GitHub Actions. Many customers use it in conjunction with [actions/cache](https://github.com/actions/cache) to speed up dependency installation process.
See more examples on proper usage in [actions/cache documentation](https://github.com/actions/cache/blob/main/examples.md#go---modules).
# Goals & Anti-Goals
@ -16,7 +16,7 @@ Integration of caching functionality into `actions/setup-go` action will bring t
We don't pursue the goal to provide wide customization of caching in scope of `actions/setup-go` action. The purpose of this integration is covering ~90% of basic use-cases. If user needs flexible customization, we should advice them to use `actions/cache` directly.
# Decision
- Add `cache` input parameter to `actions/setup-go`. For now, input will accept the following values:
- Add `cache` input parameter to `actions/setup-go`. For now, input will accept the following values:
- `true` - enable caching for go dependencies
- `false`- disable caching for go dependencies. This value will be set as default value
- Cache feature will be disabled by default to make sure that we don't break existing customers. We will consider enabling cache by default in next major releases
@ -32,7 +32,7 @@ We don't pursue the goal to provide wide customization of caching in scope of `a
```yml
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: '18'
@ -43,7 +43,7 @@ steps:
```yml
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: '18'
@ -53,7 +53,7 @@ steps:
```yml
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: '18'
@ -66,4 +66,4 @@ steps:
# Release process
As soon as functionality is implemented, we will release minor update of action. No need to bump major version since there are no breaking changes for existing users.
After that, we will update [starter-workflows](https://github.com/actions/starter-workflows/blob/main/ci/go.yml)
After that, we will update [starter-workflows](https://github.com/actions/starter-workflows/blob/main/ci/go.yml)

8802
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
{
"name": "setup-go",
"version": "5.0.0",
"version": "4.0.0",
"private": true,
"description": "setup go action",
"main": "lib/setup-go.js",
@ -28,28 +28,28 @@
"@actions/cache": "^3.2.1",
"@actions/core": "^1.10.0",
"@actions/exec": "^1.1.0",
"@actions/glob": "^0.4.0",
"@actions/glob": "^0.2.0",
"@actions/http-client": "^2.0.1",
"@actions/io": "^1.0.2",
"@actions/tool-cache": "^2.0.1",
"semver": "^7.5.4"
"@actions/tool-cache": "^1.5.5",
"semver": "^6.3.1"
},
"devDependencies": {
"@types/jest": "^29.5.10",
"@types/node": "^20.10.3",
"@types/semver": "^7.5.6",
"@types/jest": "^27.0.2",
"@types/node": "^16.11.25",
"@types/semver": "^6.0.0",
"@typescript-eslint/eslint-plugin": "^5.54.0",
"@typescript-eslint/parser": "^5.54.0",
"@vercel/ncc": "^0.38.1",
"@vercel/ncc": "^0.33.4",
"eslint": "^8.35.0",
"eslint-config-prettier": "^8.6.0",
"eslint-plugin-jest": "^27.2.1",
"eslint-plugin-node": "^11.1.0",
"jest": "^29.7.0",
"jest-circus": "^29.7.0",
"jest": "^27.2.5",
"jest-circus": "^27.2.5",
"nock": "^10.0.6",
"prettier": "^2.8.4",
"ts-jest": "^29.1.1",
"typescript": "^5.3.2"
"ts-jest": "^27.0.5",
"typescript": "^4.3.3"
}
}

View File

@ -12,19 +12,9 @@ process.on('uncaughtException', e => {
core.info(`${warningPrefix}${e.message}`);
});
// Added early exit to resolve issue with slow post action step:
// - https://github.com/actions/setup-node/issues/878
// https://github.com/actions/cache/pull/1217
export async function run(earlyExit?: boolean) {
export async function run() {
try {
const cacheInput = core.getBooleanInput('cache');
if (cacheInput) {
await cachePackages();
if (earlyExit) {
process.exit(0);
}
}
await cachePackages();
} catch (error) {
let message = 'Unknown error!';
if (error instanceof Error) {
@ -38,6 +28,11 @@ export async function run(earlyExit?: boolean) {
}
const cachePackages = async () => {
const cacheInput = core.getBooleanInput('cache');
if (!cacheInput) {
return;
}
const packageManager = 'default';
const state = core.getState(State.CacheMatchedKey);
@ -90,4 +85,4 @@ function logWarning(message: string): void {
core.info(`${warningPrefix}${message}`);
}
run(true);
run();

View File

@ -114,9 +114,9 @@ export async function getGo(
`Received HTTP status code ${err.httpStatusCode}. This usually indicates the rate limit has been exceeded`
);
} else {
core.info((err as Error).message);
core.info(err.message);
}
core.debug((err as Error).stack ?? '');
core.debug(err.stack);
core.info('Falling back to download directly from Go');
}
@ -160,7 +160,7 @@ async function resolveVersionFromManifest(
return info?.resolvedVersion;
} catch (err) {
core.info('Unable to resolve a version from the manifest...');
core.debug((err as Error).message);
core.debug(err.message);
}
}
@ -203,17 +203,6 @@ async function cacheWindowsDir(
fs.symlinkSync(actualToolCacheDir, defaultToolCacheDir, 'junction');
core.info(`Created link ${defaultToolCacheDir} => ${actualToolCacheDir}`);
const actualToolCacheCompleteFile = `${actualToolCacheDir}.complete`;
const defaultToolCacheCompleteFile = `${defaultToolCacheDir}.complete`;
fs.symlinkSync(
actualToolCacheCompleteFile,
defaultToolCacheCompleteFile,
'file'
);
core.info(
`Created link ${defaultToolCacheCompleteFile} => ${actualToolCacheCompleteFile}`
);
// make outer code to continue using toolcache as if it were installed on c:
// restore toolcache root to default drive c:
process.env['RUNNER_TOOL_CACHE'] = defaultToolCacheRoot;

View File

@ -74,7 +74,7 @@ export async function run() {
cacheDependencyPath
);
} catch (error) {
core.warning(`Restore cache failed: ${(error as Error).message}`);
core.warning(`Restore cache failed: ${error.message}`);
}
}
@ -92,7 +92,7 @@ export async function run() {
core.info(goEnv);
core.endGroup();
} catch (error) {
core.setFailed((error as Error).message);
core.setFailed(error.message);
}
}