renovate
c52fa80449
Release / release (push) Failing after 1m19s
schemas / vulnerabilities (push) Successful in 1m41s
schemas / check (push) Successful in 2m33s
schemas / check-release (push) Successful in 2m45s
pre-commit / pre-commit (push) Successful in 5m58s
schemas / build (push) Successful in 7m9s
schemas / deploy-prod (push) Successful in 1m31s
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://github.com/actions/checkout) | action | major | `v6` → `v7` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v7.0.0`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://github.com/actions/checkout/compare/v7.0.0...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@​aiqiaoy](https://github.com/aiqiaoy) in [#​2454](https://github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2458](https://github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2460](https://github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2461](https://github.com/actions/checkout/pull/2461) - Bump [@​actions/core](https://github.com/actions/core) and [@​actions/tool-cache](https://github.com/actions/tool-cache) and Remove uuid by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2459](https://github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@​aiqiaoy](https://github.com/aiqiaoy) in [#​2463](https://github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2462](https://github.com/actions/checkout/pull/2462) ### [`v7`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://github.com/actions/checkout/compare/v6.0.3...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@​aiqiaoy](https://github.com/aiqiaoy) in [#​2454](https://github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2458](https://github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2460](https://github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2461](https://github.com/actions/checkout/pull/2461) - Bump [@​actions/core](https://github.com/actions/core) and [@​actions/tool-cache](https://github.com/actions/tool-cache) and Remove uuid by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2459](https://github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@​aiqiaoy](https://github.com/aiqiaoy) in [#​2463](https://github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@​dependabot](https://github.com/dependabot)\[bot] in [#​2462](https://github.com/actions/checkout/pull/2462) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMjAuMCIsInVwZGF0ZWRJblZlciI6IjQzLjIyMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Reviewed-on: #868 Co-authored-by: Renovate Bot <renovate@unbound.se> Co-committed-by: Renovate Bot <renovate@unbound.se>
95 lines
2.4 KiB
YAML
95 lines
2.4 KiB
YAML
name: schemas
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
tags:
|
|
- 'v*'
|
|
pull_request:
|
|
branches: [main]
|
|
workflow_dispatch:
|
|
inputs:
|
|
deploy_prod:
|
|
description: 'Deploy to production'
|
|
required: false
|
|
default: 'false'
|
|
type: boolean
|
|
|
|
jobs:
|
|
check:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v7
|
|
- uses: actions/setup-go@v6
|
|
with:
|
|
go-version: 'stable'
|
|
- name: Generate and format check
|
|
run: |
|
|
go install mvdan.cc/gofumpt@latest
|
|
go install golang.org/x/tools/cmd/goimports@latest
|
|
go generate ./...
|
|
git diff --stat --exit-code
|
|
- name: Run tests
|
|
run: go test -race -coverprofile=coverage.txt ./...
|
|
|
|
vulnerabilities:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v7
|
|
- uses: actions/setup-go@v6
|
|
with:
|
|
go-version: 'stable'
|
|
- name: Check vulnerabilities
|
|
run: |
|
|
go install golang.org/x/vuln/cmd/govulncheck@latest
|
|
govulncheck ./...
|
|
|
|
check-release:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v7
|
|
with:
|
|
fetch-depth: 0
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: '24'
|
|
- uses: actions/setup-go@v6
|
|
with:
|
|
go-version: 'stable'
|
|
- name: Check goreleaser config
|
|
uses: goreleaser/goreleaser-action@v7
|
|
with:
|
|
version: '~> v2'
|
|
args: check
|
|
- name: Test release build
|
|
uses: goreleaser/goreleaser-action@v7
|
|
with:
|
|
version: '~> v2'
|
|
args: release --snapshot --clean
|
|
|
|
build:
|
|
needs: [check, vulnerabilities, check-release]
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
BUILDTOOLS_CONTENT: ${{ secrets.BUILDTOOLS_CONTENT }}
|
|
GITEA_REPOSITORY: ${{ gitea.repository }}
|
|
steps:
|
|
- uses: actions/checkout@v7
|
|
- uses: buildtool/setup-buildtools-action@v1
|
|
- name: Build and push
|
|
run: unset GITEA_TOKEN && build && push
|
|
|
|
deploy-prod:
|
|
needs: build
|
|
if: gitea.ref == 'refs/heads/main'
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
BUILDTOOLS_CONTENT: ${{ secrets.BUILDTOOLS_CONTENT }}
|
|
GITEA_REPOSITORY: ${{ gitea.repository }}
|
|
environment: prod
|
|
steps:
|
|
- uses: actions/checkout@v7
|
|
- uses: buildtool/setup-buildtools-action@v1
|
|
- name: Deploy to production
|
|
run: deploy prod
|