25 commits
1574b83
ci: GitHub workflow for release
nir3shprabu Mar 20, 2023
edf8f05
Merge branch 'dockerize-lnproxy' of github.com:nir3shprabu/lnproxy in…
nir3shprabu Mar 20, 2023
f10c4e8
chore: Delete release.yml
nir3shprabu Mar 20, 2023
87070f7
ci: Implement gh workflow
nir3shprabu Mar 23, 2023
c79d1d4
ci: Include go.sum
nir3shprabu Mar 23, 2023
8ef2804
ci: Finalize gh workflow
nir3shprabu Mar 23, 2023
744dcc5
ci: Implement gh workflow
nir3shprabu Mar 23, 2023
736d3af
ci: Implement gosec scanner into my workflow
nir3shprabu Mar 27, 2023
6d8015b
ci: Implement gosec action in workflow
nir3shprabu Mar 27, 2023
64f14f4
ci: Nothing special
nir3shprabu Mar 27, 2023
ced1cf8
Revert "ci: changes on release.yml"
nir3shprabu Mar 27, 2023
75ff6db
ci: Complete merge conflict
nir3shprabu Mar 27, 2023
395a37e
ci: Fix typo error in gosec
nir3shprabu Mar 27, 2023
044f8f7
ci: Upload sarif file
nir3shprabu Mar 28, 2023
da94070
ci: Change sarif version
nir3shprabu Mar 28, 2023
6a7a389
ci: Add permission for integration
nir3shprabu Mar 28, 2023
28b1ec4
ci: Remove goreleaser for checking purpose
nir3shprabu Mar 28, 2023
19b032b
ci: Add results.sarif file to .gitignore
nir3shprabu Mar 28, 2023
69c7cd4
ci: Add goreleaser
nir3shprabu Mar 28, 2023
67b9fc3
chore: Typo in echo command
nir3shprabu Mar 28, 2023
2b522a7
build: Add .gitignore file to the repo
nir3shprabu Mar 28, 2023
91f0d6a
ci: Implement multi jobs and delete gitignore
nir3shprabu Mar 28, 2023
ef0c152
ci: Add checkout in gosec scanner job
nir3shprabu Mar 28, 2023
185da7f
ci: Add extra job for trivy scanner
nir3shprabu Mar 28, 2023
f68d8a1
ci: Modify gosec args
nir3shprabu Mar 28, 2023
69 changes: 69 additions & 0 deletions .github/workflows/release.yml
@@ -0,0 +1,69 @@
name: goreleaser

on:
push:
tags:
- 'v*'
Comment on lines +3 to +6
Tags are not really being used at the moment, at least with the v* format. @lnproxy how do you want to go about this?


permissions:
contents: write
id-token: write
packages: write
issues: write
security-events: write

env:
GO111MODULE: on
CGO_ENABLED: 0
ACTIONS_ALLOW_UNSECURE_COMMANDS: true

jobs:
gosec:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v3

- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: ./...

trivy:
runs-on: ubuntu-20.04
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build an image from Dockerfile
run: |
docker build -t docker.io/my-organization/my-app:${{ github.sha }} .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'

goreleaser:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3

- name: Unshallow
run: git fetch --prune --unshallow

- uses: actions/setup-go@v4
with:
go-version: 1.19

- uses: goreleaser/goreleaser-action@v4
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
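Review bot: `ACTIONS_ALLOW_UNSECURE_COMMANDS: true` in the workflow-level `env:` block re-enables the deprecated `set-env` and `add-path` workflow commands for every job, which lets anything a step prints to stdout set environment variables for later steps; no step in this file uses those commands, so the line should be dropped. The `permissions:` block is also workflow-wide, so the `gosec` and `trivy` jobs, which run `securego/gosec@master` and `aquasecurity/trivy-action@master` from a mutable branch, receive the same `contents: write`, `id-token: write` and `packages: write` token as `goreleaser`; set `contents: read` at the top, grant the write scopes only on the `goreleaser` job, and pin both actions to a release tag or commit SHA. The `goreleaser` job has no `needs:`, so a failing scan does not block the release.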

Comment on lines +8 to +69
Suggested change
permissions:
contents: write
id-token: write
packages: write
issues: write
security-events: write
env:
GO111MODULE: on
CGO_ENABLED: 0
ACTIONS_ALLOW_UNSECURE_COMMANDS: true
jobs:
gosec:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v3
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: ./...
trivy:
runs-on: ubuntu-20.04
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build an image from Dockerfile
run: |
docker build -t docker.io/my-organization/my-app:${{ github.sha }} .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
goreleaser:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Unshallow
run: git fetch --prune --unshallow
- uses: actions/setup-go@v4
with:
go-version: 1.19
- uses: goreleaser/goreleaser-action@v4
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: write
id-token: write
packages: write
issues: write
security-events: write
env:
GO111MODULE: on
CGO_ENABLED: 0
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: actions/setup-go@v4
with:
go-version: '1.24'
- name: Run Tests
run: go test ./...
gosec:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v3
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: ./...
trivy:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build an image from Dockerfile
run: |
docker build -t ${{ vars.DOCKER_REGISTRY || 'docker.io/my-organization' }}/my-app:${{ github.sha }} .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: '${{ vars.DOCKER_REGISTRY || 'docker.io/my-organization' }}/my-app:${{ github.sha }}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
goreleaser:
needs: [test, gosec, trivy]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: actions/setup-go@v4
with:
go-version: '1.24'
- uses: goreleaser/goreleaser-action@v4
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
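Review bot: in the suggested `trivy` step, `image-ref: '${{ vars.DOCKER_REGISTRY || 'docker.io/my-organization' }}/my-app:${{ github.sha }}'` nests single quotes inside a single-quoted YAML scalar, so the scalar ends at the quote before `docker.io` and the workflow file fails to parse; wrap the value in double quotes and keep the single quotes for the string literal inside the expression. The suggestion also leaves `securego/gosec@master`, `aquasecurity/trivy-action@master` and the workflow-wide write `permissions:` as they were, so `needs: [test, gosec, trivy]` gates the release on the scans, but those jobs still run branch-tracked actions with the write-scoped token.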

2 changes: 2 additions & 0 deletions go.sum
@@ -0,0 +1,2 @@
golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ=
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
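Review bot: `go.sum` arrives here as a new two-line file covering only `golang.org/x/net v0.8.0`, with no `go.mod` change in the same diff, so nothing in the PR shows that the checksums match what the module actually requires. Regenerate it with `go mod tidy` and commit `go.mod` and `go.sum` together so the release build resolves the same verified dependencies.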