Update github/codeql-action action to v3.28.5 #745
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request: | |
| branches: [main] | |
| push: | |
| branches: [main] | |
| jobs: | |
| container: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Set up Go | |
| uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Test with code coverage | |
| run: go test ./... -race -covermode=atomic -coverprofile=coverage.txt | |
| - name: Build binaries and Docker image with GoReleaser | |
| uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0 | |
| with: | |
| version: '~> v2' | |
| args: release --snapshot | |
| - name: Make example directory writable for all users | |
| run: chmod o+w example | |
| - name: Run the built Docker image | |
| run: cd example && docker run --workdir /workspace --mount type=bind,source="$(pwd)",target=/workspace ghcr.io/patrickhoefler/cloudbuildgraph:0.0.0 | |
| native: | |
| strategy: | |
| matrix: | |
| os: [macos-latest, ubuntu-latest, windows-latest] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Set up Go | |
| uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| # Some tests are currently broken on Windows, disable for now | |
| - name: Test | |
| if: runner.os != 'Windows' | |
| run: go test ./... | |
| - name: Build | |
| run: go build | |
| - name: '[macOS] Install graphviz' | |
| if: runner.os == 'macOS' | |
| run: brew install graphviz | |
| - name: '[Ubuntu] Install graphviz' | |
| if: runner.os == 'Linux' | |
| run: sudo apt install --no-install-recommends -y graphviz | |
| - name: '[Windows] Install graphviz' | |
| if: runner.os == 'Windows' | |
| run: choco install graphviz --no-progress | |
| - name: Run the binary | |
| run: cd example && ../cloudbuildgraph |