add docker to mac instance

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2026-02-12 10:36:45 +01:00 · 2021-03-11 14:01:00 -05:00 · 2021-03-11 14:01:00 -05:00 · c7b26c55ac
commit c7b26c55ac
parent 0c2a51554a
1 changed files with 111 additions and 99 deletions
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@ -1,88 +1,96 @@
 name: "Release"
 on:
  push:
-    # take no actions on push to any branch...
+#    # take no actions on push to any branch...
-    branches-ignore:
+#    branches-ignore:
-      - "**"
+#      - "**"
-    # ... only act on release tags
+#    # ... only act on release tags
-    tags:
+#    tags:
-      - "v*"
+#      - "v*"
 env:
  GO_VERSION: "1.14.x"
 jobs:
-  wait-for-checks:
+#  wait-for-checks:
-    runs-on: ubuntu-latest # This OS choice is arbitrary. None of the steps in this job are specific to either Linux or macOS.
+#    runs-on: ubuntu-latest # This OS choice is arbitrary. None of the steps in this job are specific to either Linux or macOS.
-    steps:
+#    steps:
-      - uses: actions/checkout@v2
+#      - uses: actions/checkout@v2
-
+#
-      # we don't want to release commits that have been pushed and tagged, but not necessarily merged onto main
+#      # we don't want to release commits that have been pushed and tagged, but not necessarily merged onto main
-      - name: Ensure tagged commit is on main
+#      - name: Ensure tagged commit is on main
-        run: |
+#        run: |
-          echo "Tag: ${GITHUB_REF##*/}"
+#          echo "Tag: ${GITHUB_REF##*/}"
-          git fetch origin main
+#          git fetch origin main
-          git merge-base --is-ancestor ${GITHUB_REF##*/} origin/main && echo "${GITHUB_REF##*/} is a commit on main!"
+#          git merge-base --is-ancestor ${GITHUB_REF##*/} origin/main && echo "${GITHUB_REF##*/} is a commit on main!"
-
+#
-      - name: Check static analysis results
+#      - name: Check static analysis results
-        uses: fountainhead/action-wait-for-check@v1.0.0
+#        uses: fountainhead/action-wait-for-check@v1.0.0
-        id: static-analysis
+#        id: static-analysis
-        with:
+#        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+#          token: ${{ secrets.GITHUB_TOKEN }}
-          # This check name is defined as the circle-ci workflow name (in .circleci/config.yaml)
+#          # This check name is defined as the circle-ci workflow name (in .circleci/config.yaml)
-          checkName: "Static-Analysis (1.x, ubuntu-latest)"
+#          checkName: "Static-Analysis (1.x, ubuntu-latest)"
-          ref: ${{ github.event.pull_request.head.sha || github.sha }}
+#          ref: ${{ github.event.pull_request.head.sha || github.sha }}
-
+#
-      - name: Check unit + integration results (latest go version)
+#      - name: Check unit + integration results (latest go version)
-        uses: fountainhead/action-wait-for-check@v1.0.0
+#        uses: fountainhead/action-wait-for-check@v1.0.0
-        id: unit-integration
+#        id: unit-integration
-        with:
+#        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+#          token: ${{ secrets.GITHUB_TOKEN }}
-          # This check name is defined as the circle-ci workflow name (in .circleci/config.yaml)
+#          # This check name is defined as the circle-ci workflow name (in .circleci/config.yaml)
-          checkName: "Tests (1.x, ubuntu-latest)"
+#          checkName: "Tests (1.x, ubuntu-latest)"
-          ref: ${{ github.event.pull_request.head.sha || github.sha }}
+#          ref: ${{ github.event.pull_request.head.sha || github.sha }}
-
+#
-      - name: Check acceptance test results (linux)
+#      - name: Check acceptance test results (linux)
-        uses: fountainhead/action-wait-for-check@v1.0.0
+#        uses: fountainhead/action-wait-for-check@v1.0.0
-        id: acceptance-linux
+#        id: acceptance-linux
-        with:
+#        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+#          token: ${{ secrets.GITHUB_TOKEN }}
-          # This check name is defined as the github action job name (in .github/workflows/acceptance-test.yaml)
+#          # This check name is defined as the github action job name (in .github/workflows/acceptance-test.yaml)
-          checkName: "Acceptance-Linux"
+#          checkName: "Acceptance-Linux"
-          ref: ${{ github.event.pull_request.head.sha || github.sha }}
+#          ref: ${{ github.event.pull_request.head.sha || github.sha }}
-
+#
-      - name: Check acceptance test results (mac)
+#      - name: Check acceptance test results (mac)
-        uses: fountainhead/action-wait-for-check@v1.0.0
+#        uses: fountainhead/action-wait-for-check@v1.0.0
-        id: acceptance-mac
+#        id: acceptance-mac
-        with:
+#        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+#          token: ${{ secrets.GITHUB_TOKEN }}
-          # This check name is defined as the github action job name (in .github/workflows/acceptance-test.yaml)
+#          # This check name is defined as the github action job name (in .github/workflows/acceptance-test.yaml)
-          checkName: "Acceptance-Mac"
+#          checkName: "Acceptance-Mac"
-          ref: ${{ github.event.pull_request.head.sha || github.sha }}
+#          ref: ${{ github.event.pull_request.head.sha || github.sha }}
-
+#
-      - name: Check inline comparison test results
+#      - name: Check inline comparison test results
-        uses: fountainhead/action-wait-for-check@v1.0.0
+#        uses: fountainhead/action-wait-for-check@v1.0.0
-        id: inline-compare
+#        id: inline-compare
-        with:
+#        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+#          token: ${{ secrets.GITHUB_TOKEN }}
-          # This check name is defined as the github action job name (in .github/workflows/acceptance-test.yaml)
+#          # This check name is defined as the github action job name (in .github/workflows/acceptance-test.yaml)
-          checkName: "Inline-Compare"
+#          checkName: "Inline-Compare"
-          ref: ${{ github.event.pull_request.head.sha || github.sha }}
+#          ref: ${{ github.event.pull_request.head.sha || github.sha }}
-
+#
-      - name: Quality gate
+#      - name: Quality gate
-        if: steps.static-analysis.outputs.conclusion != 'success' || steps.unit-integration.outputs.conclusion != 'success' || steps.inline-compare.outputs.conclusion != 'success' || steps.acceptance-linux.outputs.conclusion != 'success' || steps.acceptance-mac.outputs.conclusion != 'success'
+#        if: steps.static-analysis.outputs.conclusion != 'success' || steps.unit-integration.outputs.conclusion != 'success' || steps.inline-compare.outputs.conclusion != 'success' || steps.acceptance-linux.outputs.conclusion != 'success' || steps.acceptance-mac.outputs.conclusion != 'success'
-        run: |
+#        run: |
-          echo "Static Analysis Status: ${{ steps.static-analysis.conclusion }}"
+#          echo "Static Analysis Status: ${{ steps.static-analysis.conclusion }}"
-          echo "Unit & Integration Test Status: ${{ steps.unit-integration.outputs.conclusion }}"
+#          echo "Unit & Integration Test Status: ${{ steps.unit-integration.outputs.conclusion }}"
-          echo "Acceptance Test (Linux) Status: ${{ steps.acceptance-linux.outputs.conclusion }}"
+#          echo "Acceptance Test (Linux) Status: ${{ steps.acceptance-linux.outputs.conclusion }}"
-          echo "Acceptance Test (Mac) Status: ${{ steps.acceptance-mac.outputs.conclusion }}"
+#          echo "Acceptance Test (Mac) Status: ${{ steps.acceptance-mac.outputs.conclusion }}"
-          echo "Inline Compare Status: ${{ steps.inline-compare.outputs.conclusion }}"
+#          echo "Inline Compare Status: ${{ steps.inline-compare.outputs.conclusion }}"
-          false
+#          false
  release:
-    needs: [wait-for-checks]
+#    needs: [wait-for-checks]
    runs-on: macos-latest # Due to our code signing process, it's vital that we run our release steps on macOS.
    steps:
      - uses: docker-practice/actions-setup-docker@master
      - run: |
          set -x
          docker version
          docker run --rm hello-world
      - uses: actions/setup-go@v2
        with:
          go-version: ${{ env.GO_VERSION }}
@ -104,6 +112,10 @@ jobs:
            ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }}-
            ${{ runner.os }}-go-${{ env.GO_VERSION }}-
      - name: Bootstrap project dependencies
        if: steps.bootstrap-cache.outputs.cache-hit != 'true'
        run: make bootstrap
      - name: Import GPG key
        id: import_gpg
        uses: crazy-max/ghaction-import-gpg@v2
@ -118,30 +130,30 @@ jobs:
          echo "name:        ${{ steps.import_gpg.outputs.name }}"
          echo "email:       ${{ steps.import_gpg.outputs.email }}"
-      - name: Build & publish release artifacts
+#      - name: Build & publish release artifacts
-        run: make release
+#        run: make release
-        env:
+#        env:
-          GITHUB_TOKEN: ${{ secrets.ANCHORE_GIT_READ_TOKEN }}
+#          GITHUB_TOKEN: ${{ secrets.ANCHORE_GIT_READ_TOKEN }}
-          GPG_PRIVATE_KEY: ${{ secrets.SIGNING_GPG_PRIVATE_KEY }}
+#          GPG_PRIVATE_KEY: ${{ secrets.SIGNING_GPG_PRIVATE_KEY }}
-          PASSPHRASE: ${{ secrets.SIGNING_GPG_PASSPHRASE }}
+#          PASSPHRASE: ${{ secrets.SIGNING_GPG_PASSPHRASE }}
-          SIGNING_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
+#          SIGNING_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
-          AWS_ACCESS_KEY_ID: ${{ secrets.TOOLBOX_AWS_ACCESS_KEY_ID }}
+#          AWS_ACCESS_KEY_ID: ${{ secrets.TOOLBOX_AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.TOOLBOX_AWS_SECRET_ACCESS_KEY }}
+#          AWS_SECRET_ACCESS_KEY: ${{ secrets.TOOLBOX_AWS_SECRET_ACCESS_KEY }}
-          APPLE_DEVELOPER_ID_CERT: ${{ secrets.APPLE_DEVELOPER_ID_CERT }} # Used during macOS code signing.
+#          APPLE_DEVELOPER_ID_CERT: ${{ secrets.APPLE_DEVELOPER_ID_CERT }} # Used during macOS code signing.
-          APPLE_DEVELOPER_ID_CERT_PASS: ${{ secrets.APPLE_DEVELOPER_ID_CERT_PASS }} # Used during macOS code signing.
+#          APPLE_DEVELOPER_ID_CERT_PASS: ${{ secrets.APPLE_DEVELOPER_ID_CERT_PASS }} # Used during macOS code signing.
-          AC_USERNAME: ${{ secrets.ENG_CI_APPLE_ID }} # Used during macOS notarization.
+#          AC_USERNAME: ${{ secrets.ENG_CI_APPLE_ID }} # Used during macOS notarization.
-          AC_PASSWORD: ${{ secrets.ENG_CI_APPLE_ID_PASS }} # Used during macOS notarization.
+#          AC_PASSWORD: ${{ secrets.ENG_CI_APPLE_ID_PASS }} # Used during macOS notarization.
-      - uses: 8398a7/action-slack@v3
+#      - uses: 8398a7/action-slack@v3
-        with:
+#        with:
-          status: ${{ job.status }}
+#          status: ${{ job.status }}
-          fields: repo,workflow,action,eventName
+#          fields: repo,workflow,action,eventName
-          text: "A new Syft release is ready to be manually published: https://github.com/anchore/syft/releases"
+#          text: "A new Syft release is ready to be manually published: https://github.com/anchore/syft/releases"
-        env:
+#        env:
-          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_TOOLBOX_WEBHOOK_URL }}
+#          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_TOOLBOX_WEBHOOK_URL }}
-        if: ${{ success() }}
+#        if: ${{ success() }}
-
+#
-      - uses: actions/upload-artifact@v2
+#      - uses: actions/upload-artifact@v2
-        with:
+#        with:
-          name: artifacts
+#          name: artifacts
-          path: dist/**/*
+#          path: dist/**/*