[pre-commit.ci] pre-commit autoupdate #50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| concurrency: | |
| cancel-in-progress: ${{ ! startsWith(github.ref, 'refs/tags/v') }} | |
| group: ci-${{ github.ref_name }}-${{ github.event_name }} | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - v* | |
| permissions: | |
| contents: write | |
| id-token: write | |
| packages: write | |
| security-events: write | |
| jobs: | |
| build-edge: | |
| if: | | |
| github.event_name == 'push' && | |
| github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Build docker | |
| uses: meysam81/build-docker@main | |
| with: | |
| image-name: ghcr.io/meysam81/${{ github.event.repository.name }} | |
| image-extra-tags: | | |
| ghcr.io/meysam81/${{ github.event.repository.name }}:${{ github.run_id }} | |
| ghcr.io/meysam81/${{ github.event.repository.name }}:nightly | |
| ghcr.io/meysam81/${{ github.event.repository.name }}:latest | |
| kubescape: true | |
| kubescape-upload-sarif: true | |
| build-pr: | |
| if: github.event_name == 'pull_request' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Build docker | |
| uses: meysam81/build-docker@main | |
| with: | |
| image-name: ghcr.io/meysam81/${{ github.event.repository.name }} | |
| kubescape: true | |
| scout-comment-pr: true | |
| scout-compare: true | |
| scout-cves: true | |
| release-please: | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| outputs: | |
| releases_created: ${{ steps.release-please.outputs.releases_created }} | |
| tag_name: ${{ steps.release-please.outputs.tag_name }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - id: release-please | |
| name: Release please | |
| uses: googleapis/release-please-action@v4 | |
| with: | |
| release-type: simple | |
| goreleaser: | |
| needs: release-please | |
| if: needs.release-please.outputs.releases_created == 'true' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: stable | |
| - name: Setup Cosign CLI | |
| uses: sigstore/cosign-installer@v3 | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@v6 | |
| with: | |
| distribution: goreleaser | |
| version: latest | |
| args: release --clean | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| build-stable: | |
| needs: | |
| - release-please | |
| - goreleaser | |
| if: needs.release-please.outputs.releases_created == 'true' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Build docker | |
| uses: meysam81/build-docker@main | |
| with: | |
| build-args: | | |
| VERSION=${{ needs.release-please.outputs.tag_name }} | |
| image-name: ghcr.io/meysam81/${{ github.event.repository.name }} | |
| image-extra-tags: | | |
| ghcr.io/meysam81/${{ github.event.repository.name }}:${{ needs.release-please.outputs.tag_name }} | |
| ghcr.io/meysam81/${{ github.event.repository.name }}:stable | |
| metadata-tags: | | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| ref: ${{ needs.release-please.outputs.tag_name }} |