chore(deps): bump anchore/sbom-action from 0.20.2 to 0.20.4 #2905
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build gopass | |
| on: | |
| push: | |
| branches: | |
| - master | |
| pull_request: | |
| branches: | |
| - master | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| linux: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0 | |
| with: | |
| egress-policy: block | |
| allowed-endpoints: > | |
| github.com:443 | |
| objects.githubusercontent.com:443 | |
| proxy.golang.org:443 | |
| raw.githubusercontent.com:443 | |
| release-assets.githubusercontent.com:443 | |
| storage.googleapis.com:443 | |
| sum.golang.org:443 | |
| golang.org:443 | |
| go.dev:443 | |
| azure.archive.ubuntu.com:443 | |
| archive.ubuntu.com:443 | |
| security.ubuntu.com:443 | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 | |
| with: | |
| go-version: '1.24' | |
| - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 | |
| with: | |
| path: ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Ubuntu Dependencies | |
| run: sudo apt-get install --yes git gnupg | |
| - run: git config --global user.name nobody | |
| - run: git config --global user.email [email protected] | |
| - | |
| name: Debug | |
| run: | | |
| echo "Go env ------------------" | |
| pwd | |
| echo ${HOME} | |
| echo ${GITHUB_WORKSPACE} | |
| echo ${GOPATH} | |
| echo ${GOROOT} | |
| env | |
| - name: Build and Unit Test | |
| run: make gha-linux | |
| - name: Integration Test | |
| run: make test-integration | |
| container: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f | |
| env: | |
| IMAGE_NAME: ${{ github.repository }} | |
| with: | |
| images: ${{ env.IMAGE_NAME }} | |
| - name: Build container image | |
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 | |
| with: | |
| context: . | |
| push: false | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| windows: | |
| runs-on: windows-latest | |
| defaults: | |
| run: | |
| shell: msys2 {0} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0 | |
| with: | |
| egress-policy: audit | |
| - uses: msys2/setup-msys2@40677d36a502eb2cf0fb808cc9dec31bf6152638 # v2.28.0 | |
| with: | |
| release: false | |
| path-type: inherit | |
| install: >- | |
| base-devel | |
| git | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 | |
| with: | |
| go-version: '1.24' | |
| - run: git config --global user.name nobody | |
| - run: git config --global user.email [email protected] | |
| - name: Build and Unit Test | |
| run: make gha-windows | |
| macos: | |
| runs-on: macos-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 | |
| with: | |
| go-version: '1.24' | |
| - run: git config --global user.name nobody | |
| - run: git config --global user.email [email protected] | |
| - name: Build and Unit Test | |
| run: make gha-osx | |
| env: | |
| SLOW_TEST_FACTOR: 100 | |