Bump golang.org/x/crypto from 0.24.0 to 0.31.0 in /wix #1014
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Go | |
on: | |
pull_request: {} | |
push: | |
branches: [master] | |
tags: | |
- v* | |
jobs: | |
lint: | |
uses: mackerelio/workflows/.github/workflows/go-lint.yml@v1.2.0 | |
convention: | |
uses: mackerelio/workflows/.github/workflows/setup-go-matrix.yml@v1.2.0 | |
with: | |
run: make convention | |
test: | |
uses: mackerelio/workflows/.github/workflows/go-test.yml@v1.2.0 | |
with: | |
# Please do not specify `windows-latest` | |
# Build process is complex then need to check operation. | |
os-versions: '["ubuntu-latest", "windows-2022"]' | |
build-linux: | |
name: Build (Linux) | |
runs-on: ubuntu-latest | |
needs: test | |
if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v') | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
steps: | |
# before-deploy | |
- name: Set up Go 1.x | |
uses: actions/setup-go@v5 | |
with: | |
go-version: 1.21.x | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Install debian packaging utils, binutils | |
run: sudo apt-get update && sudo apt-get install -y devscripts debhelper fakeroot binutils-mips-linux-gnu binutils-aarch64-linux-gnu binutils-arm-linux-gnueabihf | |
- run: docker pull mackerel/docker-mackerel-rpm-builder:u8 | |
- run: make rpm deb rpm-kcps deb-kcps rpm-stage deb-stage tgz | |
- run: make crossbuild | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: linux-build-artifacts | |
path: | | |
rpmbuild/RPMS/*/*.rpm | |
packaging/*.deb | |
snapshot/*.zip | |
snapshot/*.tar.gz | |
build/*.tar.gz | |
# Note: | |
# Mackerel-agent requires cgo for using Windows native API. | |
# So we need also to install 32bit MSYS2 and msys2 shell to compile | |
# 32bit mackerel-agent. | |
# The virtual environment of GitHub Actions includes 64bit MSYS2 | |
# but msys2 shell is not contained in its environment. | |
# Therefore we installs msys2 on each 32bit and 64bit platforms. | |
build-windows: | |
name: Build (Windows) | |
runs-on: windows-2022 | |
needs: test | |
if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v') | |
strategy: | |
matrix: | |
GOARCH: ["amd64", "386"] | |
include: | |
- GOARCH: amd64 | |
PLATFORM_ID: x64 | |
MSYS: MINGW64 | |
- GOARCH: 386 | |
PLATFORM_ID: x86 | |
MSYS: MINGW32 | |
env: | |
GOARCH: ${{ matrix.GOARCH }} | |
CGO_ENABLED: 1 | |
CC_FOR_windows_386: i686-w64-mingw32-gcc | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup MINGW | |
uses: msys2/setup-msys2@v2 | |
with: | |
msystem: ${{ matrix.MSYS }} | |
path-type: inherit | |
install: mingw-w64-i686-gcc | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: 1.21.x | |
- uses: actions/cache@v4 | |
with: | |
path: | | |
~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**\go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: Build mackerel-agent | |
run: | | |
commit=$(git rev-parse --short HEAD) | |
mkdir build/ | |
go build -o build/mackerel-agent.exe -ldflags="-X main.gitcommit=$commit" github.com/mackerelio/mackerel-agent | |
go build -o build/mackerel-agent-kcps.exe -ldflags="-X main.gitcommit=$commit -X github.com/mackerelio/mackerel-agent/config.apibase=http://198.18.0.16" github.com/mackerelio/mackerel-agent | |
shell: msys2 {0} | |
- name: Build mackerel-agent-plugins | |
run: | | |
cd wix | |
plugins=( $(./pluginlist.sh) ) || exit 1 | |
for p in "${plugins[@]}" | |
do | |
name=$(basename "$p") | |
go build -o "../build/$name.exe" "$p" | |
echo go build -o "../build/$name.exe" "$p" | |
done | |
shell: msys2 {0} | |
- name: Build tools | |
run: | | |
cd wix | |
go build -o ../build/wrapper.exe wrapper/wrapper_windows.go wrapper/install.go | |
go build -o ../build/replace.exe replace/replace_windows.go replace/shell_windows.go | |
go build -o ../build/generate_wxs.exe generate_wxs/generate_wxs.go | |
shell: msys2 {0} | |
- name: Upload build artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: windows-build-artifacts-${{ matrix.PLATFORM_ID }} | |
path: | | |
build/ | |
windows-installer: | |
name: Make Installer (Windows) | |
runs-on: windows-2022 | |
needs: build-windows | |
if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v') | |
strategy: | |
matrix: | |
include: | |
- PLATFORM_ID: x86 | |
- PLATFORM_ID: x64 | |
MSI_SUFFIX: -x64 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
name: windows-build-artifacts-${{ matrix.PLATFORM_ID }} | |
path: build/ | |
- uses: actions/github-script@v7 | |
with: | |
script: | | |
const script = require('./_tools/parse_version.js') | |
await script({github, context, core}) | |
id: parse_version | |
- name: Build Installer | |
run: ./wix/build.bat "${{ steps.parse_version.outputs.VERSION }}" | |
env: | |
PLATFORM_ID: ${{ matrix.PLATFORM_ID }} | |
MSI_SUFFIX: ${{ matrix.MSI_SUFFIX }} | |
- name: Signing Installer | |
uses: azure/trusted-signing-action@v0.3.20 | |
with: | |
azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} | |
endpoint: ${{ secrets.AZURE_ENDPOINT }} | |
trusted-signing-account-name: ${{ secrets.AZURE_TRUSTED_SIGNING_NAME }} | |
certificate-profile-name: ${{ secrets.AZURE_CERT_PROFILE_NAME }} | |
files-folder: ${{ github.workspace }}/build | |
files-folder-filter: msi | |
file-digest: SHA256 | |
timestamp-rfc3161: http://timestamp.acs.microsoft.com | |
timestamp-digest: SHA256 | |
exclude-environment-credential: false | |
exclude-workload-identity-credential: true | |
exclude-managed-identity-credential: true | |
exclude-shared-token-cache-credential: true | |
exclude-visual-studio-credential: true | |
exclude-visual-studio-code-credential: true | |
exclude-azure-cli-credential: true | |
exclude-azure-powershell-credential: true | |
exclude-azure-developer-cli-credential: true | |
exclude-interactive-browser-credential: true | |
- name: Upload build artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: windows-packages-${{ matrix.PLATFORM_ID }} | |
path: | | |
build/*.msi | |
release: | |
name: Release to GitHub Releases | |
runs-on: ubuntu-latest | |
needs: [build-linux, windows-installer] | |
if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v') | |
steps: | |
- uses: actions/download-artifact@v4 | |
with: | |
name: linux-build-artifacts | |
path: artifacts/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: windows-packages-x86 | |
path: artifacts/ | |
- uses: actions/download-artifact@v4 | |
with: | |
name: windows-packages-x64 | |
path: artifacts/ | |
- uses: mackerelio/staging-release-update-action@main | |
if: github.ref == 'refs/heads/master' | |
with: | |
directory: artifacts/ | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
tag: staging | |
- uses: mackerelio/create-release-action@main | |
if: startsWith(github.ref, 'refs/tags/v') | |
with: | |
directory: artifacts/ | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
tag-prefix: "refs/tags/v" | |
bump-up-branch-prefix: "bump-version-" | |
- name: update homebrew-mackerel-agent | |
if: startsWith(github.ref, 'refs/tags/v') | |
uses: peter-evans/repository-dispatch@v3 | |
with: | |
token: ${{ secrets.MACKERELBOT_GITHUB_TOKEN }} | |
event-type: release | |
client-payload: '{"product": "mackerel-agent"}' | |
repository: mackerelio/homebrew-mackerel-agent |