chore(deps): bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 #251
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build-checks | |
| on: | |
| pull_request: | |
| types: [opened, reopened, synchronize, ready_for_review] | |
| push: | |
| branches: [main] | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| - uses: golangci/golangci-lint-action@v9 | |
| with: | |
| version: latest | |
| only-new-issues: true | |
| args: --build-tags "netgo containers_image_ostree_stub exclude_graphdriver_devicemapper exclude_graphdriver_btrfs containers_image_openpgp" | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| - run: make build | |
| test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| - run: make ginkgo test | |
| scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Run Trivy vulnerability scanner in repo mode | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| scan-type: 'fs' | |
| ignore-unfixed: true | |
| format: 'sarif' | |
| exit-code: '1' | |
| scanners: 'vuln' | |
| output: 'trivy-results.sarif' | |
| severity: 'HIGH,CRITICAL' | |
| - name: Upload Trivy scan results to GitHub Security tab | |
| uses: github/codeql-action/upload-sarif@v4 | |
| with: | |
| sarif_file: 'trivy-results.sarif' | |
| # summary jobs, these jobs will only run if all the other jobs have succeeded | |
| validate-pr-checks: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - lint | |
| - build | |
| - test | |
| - scan | |
| steps: | |
| - run: echo "All PR checks passed" | |
| # this job will validate that the validation did not fail and that all pr-checks succeed | |
| # it is used for the github branch protection rule | |
| validate-success: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - validate-pr-checks | |
| if: always() | |
| steps: | |
| # https://docs.github.com/en/actions/learn-github-actions/contexts#needs-context | |
| # if the validate-pr-checks job was not successful, this job will fail | |
| - name: fail if validate-pr-checks job was not successful | |
| if: needs.validate-pr-checks.result != 'success' | |
| run: exit 1 | |
| # if the validate-pr-checks job was successful, this job will succeed | |
| - name: succeed if validate-pr-checks job succeeded | |
| if: needs.validate-pr-checks.result == 'success' | |
| run: echo "Validation succeeded" |