Skip to content
build

fix(deps): update go-deps #1298

Sign in to view logs

fix(deps): update go-deps

fix(deps): update go-deps #1298

Workflow file for this run

.github/workflows/build.yml at f870148
# ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen".
name: build
on:
pull_request: {}
workflow_dispatch: {}
jobs:
build:
needs: zipper
runs-on: ubuntu-latest
permissions:
contents: write
outputs:
self_mutation_happened: ${{ steps.self_mutation.outputs.self_mutation_happened }}
env:
CI: "true"
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
- name: Download zipper artifacts
uses: actions/download-artifact@v2
with:
name: zipper
path: assets
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: 16.x
- name: Install dependencies
run: yarn install --check-files
- name: "Update snapshots: secret-inline"
run: yarn run projen integ:secret-inline:snapshot
- name: "Update snapshots: secret-asset"
run: yarn run projen integ:secret-asset:snapshot
- name: build
run: npx projen build
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v2
with:
flags: cdk
directory: coverage
- name: Find mutations
id: self_mutation
run: |-
git add .
git diff --staged --patch --exit-code > .repo.patch || echo "self_mutation_happened=true" >> $GITHUB_OUTPUT
- name: Upload patch
if: steps.self_mutation.outputs.self_mutation_happened
uses: actions/upload-artifact@v3
with:
name: .repo.patch
path: .repo.patch
- name: Fail build on mutation
if: steps.self_mutation.outputs.self_mutation_happened
run: |-
echo "::error::Files were changed during build (see build log). If this was triggered from a fork, you will need to update your branch."
cat .repo.patch
exit 1
- name: Backup artifact permissions
run: cd dist && getfacl -R . > permissions-backup.acl
continue-on-error: true
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: build-artifact
path: dist
container:
image: jsii/superchain:1-buster-slim-node16
self-mutation:
needs:
- build
- zipper
runs-on: ubuntu-latest
permissions:
contents: write
if: always() && needs.build.outputs.self_mutation_happened && !(github.event.pull_request.head.repo.full_name != github.repository)
steps:
- name: Checkout
uses: actions/checkout@v3
with:
token: ${{ secrets.PROJEN_GITHUB_TOKEN }}
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
- name: Download zipper artifacts
uses: actions/download-artifact@v2
with:
name: zipper
path: assets
- name: Download patch
uses: actions/download-artifact@v3
with:
name: .repo.patch
path: ${{ runner.temp }}
- name: Apply patch
run: '[ -s ${{ runner.temp }}/.repo.patch ] && git apply ${{ runner.temp }}/.repo.patch || echo "Empty patch. Skipping."'
- name: Set git identity
run: |-
git config user.name "github-actions"
git config user.email "github-actions@github.com"
- name: Push changes
env:
PULL_REQUEST_REF: ${{ github.event.pull_request.head.ref }}
run: |-
git add .
git commit -s -m "chore: self mutation"
git push origin HEAD:$PULL_REQUEST_REF
package-js:
needs:
- build
- zipper
runs-on: ubuntu-latest
permissions: {}
if: "! needs.build.outputs.self_mutation_happened"
steps:
- uses: actions/setup-node@v3
with:
node-version: 16.x
- name: Download build artifacts
uses: actions/download-artifact@v3
with:
name: build-artifact
path: dist
- name: Download zipper artifacts
uses: actions/download-artifact@v2
with:
name: zipper
path: assets
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Prepare Repository
run: mv dist .repo
- name: Install Dependencies
run: cd .repo && yarn install --check-files --frozen-lockfile
- name: Create js artifact
run: cd .repo && npx projen package:js
- name: Collect js Artifact
run: mv .repo/dist dist
package-python:
needs:
- build
- zipper
runs-on: ubuntu-latest
permissions: {}
if: "! needs.build.outputs.self_mutation_happened"
steps:
- uses: actions/setup-node@v3
with:
node-version: 16.x
- uses: actions/setup-python@v4
with:
python-version: 3.x
- name: Download build artifacts
uses: actions/download-artifact@v3
with:
name: build-artifact
path: dist
- name: Download zipper artifacts
uses: actions/download-artifact@v2
with:
name: zipper
path: assets
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Prepare Repository
run: mv dist .repo
- name: Install Dependencies
run: cd .repo && yarn install --check-files --frozen-lockfile
- name: Create python artifact
run: cd .repo && npx projen package:python
- name: Collect python Artifact
run: mv .repo/dist dist
gobuild:
name: gobuild
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: "Temporary workaround Checkout Issue #760 "
run: git config --global --add safe.directory /__w/cdk-sops-secrets/cdk-sops-secrets
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Fetch all tags
run: git fetch --force --tags
- name: Test
run: scripts/lambda-test.sh
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v2
with:
files: ./coverage/coverage.out
flags: go-lambda
- name: Build
run: scripts/lambda-build.sh
- name: Upload artifact
uses: actions/upload-artifact@v2.1.1
with:
name: gobuild
path: lambda/bootstrap
container:
image: golang:1.21-bullseye
zipper:
name: zipper
needs: gobuild
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Prepare
run: apk add zip git
- name: Temporary workaround
run: git config --global --add safe.directory /__w/cdk-sops-secrets/cdk-sops-secrets
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Download gobuild artifacts
uses: actions/download-artifact@v2
with:
name: gobuild
path: lambda
- name: Zip
run: scripts/lambda-zip.sh
- name: Upload artifact
uses: actions/upload-artifact@v2.1.1
with:
name: zipper
path: assets/cdk-sops-lambda.zip
container:
image: alpine:latest