Skip to content

build(deps): bump github.com/docker/docker from 25.0.2+incompatible to 25.0.5+incompatible in /sdk #2046

build(deps): bump github.com/docker/docker from 25.0.2+incompatible to 25.0.5+incompatible in /sdk

build(deps): bump github.com/docker/docker from 25.0.2+incompatible to 25.0.5+incompatible in /sdk #2046

Workflow file for this run

name: "Checks"
on:
pull_request:
branches:
- main
push:
branches:
- main
merge_group:
branches:
- main
types:
- checks_requested
jobs:
pr:
name: Validate PR title
if: contains(fromJSON('["pull_request", "pull_request_target"]'), github.event_name)
runs-on: ubuntu-22.04
permissions:
pull-requests: read
steps:
- uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
go:
runs-on: ubuntu-22.04
permissions:
checks: write
contents: read
pull-requests: read
strategy:
matrix:
directory:
- examples
- sdk
- service
- lib/ocrypto
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
with:
go-version: "1.21.9"
cache-dependency-path: |
examples/go.sum
protocol/go/go.sum
sdk/go.sum
service/go.sum
- run: go mod download
- run: go mod verify
- name: golangci-lint
#uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804
uses: strantalis/golangci-lint-action@f4e979f5b36068d69d340547f66c991dca8b70ef
with:
version: v1.56
working-directory: ${{ matrix.directory }}
skip-cache: true
only-new-issues: ${{ (github.event_name == 'pull_request' || github.event_name == 'merge_group') }}
args: --out-format=colored-line-number
- name: Install softHSM
if: matrix.directory == 'service'
run: |-
sudo apt-get install -y softhsm opensc openssl
sudo chmod +x /etc/softhsm
sudo chmod +r /etc/softhsm/softhsm2.conf
mkdir -p $(pwd)/.tmp/tokens
echo "directories.tokendir = $(pwd)/.tmp/tokens" > softhsm2.conf
echo "log.level = DEBUG" >> softhsm2.conf
echo "SOFTHSM2_CONF=$(pwd)/softhsm2.conf" >> "$GITHUB_ENV"
- if: matrix.directory == 'service'
run: .github/scripts/init-temp-keys.sh --hsm
- run: go test ./... -short
working-directory: ${{ matrix.directory }}
- if: matrix.directory == 'service'
run: go test ./service/integration -race -failfast
integration:
name: integration tests
runs-on: ubuntu-22.04
strategy:
matrix:
crypto:
- hsm
- standard
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
with:
go-version: "1.21.9"
cache-dependency-path: |
service/go.sum
examples/go.sum
protocol/go/go.sum
sdk/go.sum
- run: go mod download
- run: go mod verify
- name: Install softHSM
if: matrix.crypto == 'hsm'
run: |-
sudo apt-get install -y softhsm opensc openssl
sudo chmod +x /etc/softhsm
sudo chmod +r /etc/softhsm/softhsm2.conf
mkdir -p $(pwd)/.tmp/tokens
echo "directories.tokendir = $(pwd)/.tmp/tokens" > softhsm2.conf
echo "log.level = DEBUG" >> softhsm2.conf
echo "SOFTHSM2_CONF=$(pwd)/softhsm2.conf" >> "$GITHUB_ENV"
- run: docker compose up -d --wait --wait-timeout 240
- run: |
.github/scripts/init-temp-keys.sh --hsm
cp opentdf-with-hsm.yaml opentdf.yaml
if: matrix.crypto == 'hsm'
- run: |
.github/scripts/init-temp-keys.sh
cp opentdf-example.yaml opentdf.yaml
if: matrix.crypto == 'standard'
- run: go run ./service provision keycloak
- uses: JarvusInnovations/background-action@313d37130873d82c33fc907b9b78e932aec8e990
name: start server in background
with:
run: |
go run ./service start
wait-on: |
tcp:localhost:8080
log-output-if: true
wait-for: 90s
- run: go install github.com/fullstorydev/grpcurl/cmd/grpcurl@v1.8.9
- run: grpcurl -plaintext localhost:8080 list
- run: grpcurl -plaintext localhost:8080 grpc.health.v1.Health.Check
- run: grpcurl -plaintext localhost:8080 kas.AccessService/PublicKey
- run: curl --show-error --fail --insecure localhost:8080/kas/v2/kas_public_key
- run: go run ./examples encrypt "Hello Virtru"
- run: go run ./examples decrypt sensitive.txt.tdf
- run: go run ./examples decrypt sensitive.txt.tdf | grep "Hello Virtru"
image:
name: image build
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: docker/setup-buildx-action@v3
- uses: docker/build-push-action@v5.1.0
with:
context: .
file: ./Dockerfile
push: false
buflint:
name: Protocol Buffer Lint and Gencode Up-to-date check
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: bufbuild/buf-setup-action@382440cdb8ec7bc25a68d7b4711163d95f7cc3aa
- uses: bufbuild/buf-lint-action@044d13acb1f155179c606aaa2e53aea304d22058
with:
input: service
- uses: bufbuild/buf-breaking-action@a074e988ee34efcd4927079e79c611f428354c01
# TODO(#212) Block on breaking changes after protos are frozen
continue-on-error: true
with:
input: service
against: "https://github.com/opentdf/platform.git#branch=main,subdir=service"
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
with:
go-version: "1.21.9"
cache-dependency-path: |
service/go.sum
protocol/go/go.sum
sdk/go.sum
examples/go.sum
- run: cd service && go get github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc
- run: cd service && go install github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc
- run: make proto-generate
- name: Restore go.mod after installing protoc-gen-doc
run: git restore {service,protocol/go}/go.{mod,sum}
- run: git diff
- run: git diff-files --ignore-submodules
- name: Check that files have been formatted before PR submission
run: git diff-files --quiet --ignore-submodules
ci:
needs:
- buflint
- go
- image
- integration
- pr
runs-on: ubuntu-latest
if: always()
steps:
- if: contains(needs.*.result, 'failure')
run: echo "Failed due to ${{ contains(needs.*.result, 'failure') }}" && exit 1
license:
name: license check
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
with:
go-version: "1.21.9"
cache: false
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36
id: deps-changed
with:
filters: |
examples:
- 'examplesk/go.*'
service:
- 'service/go.*'
sdk:
- 'sdk/go.*'
- name: install go-licenses
run: go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e
- name: check service licenses
if: steps.deps-changed.outputs.service == 'true'
run: >
go-licenses check --disallowed_types=forbidden --include_tests
./service
- name: check sdk licenses
if: steps.deps-changed.outputs.sdk == 'true'
run: >
go-licenses check --disallowed_types=forbidden --include_tests
./sdk
- name: check examples licenses
if: steps.deps-changed.outputs.examples == 'true'
run: >
go-licenses check --disallowed_types=forbidden --include_tests
./examples