Skip to content

Check for overflows when converting ints to uints #131

Check for overflows when converting ints to uints

Check for overflows when converting ints to uints #131

Workflow file for this run

name: Publish
on:
push:
branches:
- "main"
- v*
tags:
- v*
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
unit-tests:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: "go.mod"
cache: true
- name: Unit Tests
run: |
make test
- name: Lint
run: |
ENV=host make lint
make bumplicense
go mod tidy
pushd e2etests
go mod tidy
popd
make manifests
make checkuncommitted
publish-images:
runs-on: ubuntu-22.04
needs: [unit-tests]
permissions:
contents: read
id-token: write # needed for signing the images with GitHub OIDC Token
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Install Cosign
uses: sigstore/cosign-installer@main
with:
cosign-release: "v2.2.3"
- name: Code checkout
uses: actions/checkout@v4
- name: Setup docker buildx
uses: docker/setup-buildx-action@v3
- name: Log into Quay
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_PASSWORD }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
quay.io/metallb/frr-k8s
# generate Docker tags based on the following events/attributes
tags: |
type=ref,event=branch
type=semver,pattern={{raw}}
labels: |
org.opencontainers.image.title=frr-k8s
org.opencontainers.image.description=frr-k8s, a cloud native wrapper of some frr features
- name: Build and push
uses: docker/build-push-action@v5
id: build-and-push
with:
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
file: Dockerfile
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le,linux/arm/v7
cache-from: type=gha
cache-to: type=gha,mode=max
push: true
build-args: |
GIT_BRANCH: ${{ github.ref_name }}
GIT_COMMIT: ${{ github.sha }}
- name: Cosign sign tags
run: cosign sign --yes ${TAGS}
env:
TAGS: ${{ steps.meta.outputs.tags }}@${{ steps.build-and-push.outputs.digest }}
COSIGN_EXPERIMENTAL: 1
release-charts:
needs: [publish-images]
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
# Fetch entire history. Required for chart-releaser; see https://github.com/helm/chart-releaser-action/issues/13#issuecomment-602063896
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Chart releaser
if: startsWith(github.ref, 'refs/tags/v') # we craft releases only for tags
run: |
# Download chart releaser
curl -sSLo cr.tar.gz "https://github.com/helm/chart-releaser/releases/download/v1.4.0/chart-releaser_1.4.0_linux_amd64.tar.gz"
tar -xzf cr.tar.gz
rm -f cr.tar.gz
repo=$(basename "$GITHUB_REPOSITORY")
owner=$(dirname "$GITHUB_REPOSITORY")
tag="${GITHUB_REF_NAME:1}"
exists=$(curl -s -H "Accept: application/vnd.github.v3+json" https://github.com/$GITHUB_REPOSITORY/releases/tag/$repo-chart-$tag -w %{http_code} -o /dev/null)
if [[ $exists != "200" ]]; then
echo "Creating release..."
# package chart
./cr package charts/$repo
# upload chart to github releases
./cr upload \
--owner "$owner" \
--git-repo "$repo" \
--release-name-template "{{ .Name }}-chart-{{ .Version }}" \
--token "${{ secrets.GITHUB_TOKEN }}"
# Update index and push to github pages
./cr index \
--owner "$owner" \
--git-repo "$repo" \
--index-path index.yaml \
--release-name-template "{{ .Name }}-chart-{{ .Version }}" \
--push
else
echo "Release already exists"
fi