mirror of
https://github.com/anchore/syft.git
synced 2025-11-17 16:33:21 +01:00
6e0cc6fe04
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](0c907a75c2...d4323d4df1)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
224 lines
7.0 KiB
YAML
224 lines
7.0 KiB
YAML
name: "Validations"
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
pull_request:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
|
|
Static-Analysis:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Static analysis"
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
|
|
|
|
- name: Bootstrap environment
|
|
uses: ./.github/actions/bootstrap
|
|
|
|
- name: Run static analysis
|
|
run: make static-analysis
|
|
|
|
|
|
Unit-Test:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Unit tests"
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
|
|
|
|
- name: Bootstrap environment
|
|
uses: ./.github/actions/bootstrap
|
|
with:
|
|
download-test-fixture-cache: true
|
|
|
|
- name: Run unit tests
|
|
run: make unit
|
|
|
|
|
|
Integration-Test:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Integration tests"
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
|
|
|
|
- name: Bootstrap environment
|
|
uses: ./.github/actions/bootstrap
|
|
with:
|
|
download-test-fixture-cache: true
|
|
|
|
- name: Validate syft output against the CycloneDX schema
|
|
run: make validate-cyclonedx-schema
|
|
|
|
- name: Run integration tests
|
|
run: make integration
|
|
|
|
|
|
Build-Snapshot-Artifacts:
|
|
name: "Build snapshot artifacts"
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
|
|
|
|
- name: Bootstrap environment
|
|
uses: ./.github/actions/bootstrap
|
|
with:
|
|
bootstrap-apt-packages: ""
|
|
|
|
- name: Build snapshot artifacts
|
|
run: make snapshot
|
|
|
|
# why not use actions/upload-artifact? It is very slow (3 minutes to upload ~600MB of data, vs 10 seconds with this approach).
|
|
# see https://github.com/actions/upload-artifact/issues/199 for more info
|
|
- name: Upload snapshot artifacts
|
|
uses: actions/cache/save@d4323d4df104b026a6aa633fdb11d772146be0bf #v4.2.2
|
|
with:
|
|
# we need to preserve the snapshot data itself as well as the task data that confirms if the
|
|
# snapshot build is stale or not. Otherwise the downstream jobs will attempt to rebuild the snapshot
|
|
# even though it already exists.
|
|
path: |
|
|
snapshot
|
|
.task
|
|
key: snapshot-build-${{ github.run_id }}
|
|
|
|
|
|
Acceptance-Linux:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Acceptance tests (Linux)"
|
|
needs: [Build-Snapshot-Artifacts]
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
|
|
|
|
- name: Bootstrap environment
|
|
uses: ./.github/actions/bootstrap
|
|
with:
|
|
download-test-fixture-cache: true
|
|
|
|
- name: Download snapshot build
|
|
id: snapshot-cache
|
|
uses: actions/cache/restore@d4323d4df104b026a6aa633fdb11d772146be0bf #v4.2.2
|
|
with:
|
|
path: |
|
|
snapshot
|
|
.task
|
|
fail-on-cache-miss: true
|
|
key: snapshot-build-${{ github.run_id }}
|
|
|
|
# workaround for https://github.com/actions/cache/issues/1265
|
|
- name: (cache-miss) Snapshot build missing
|
|
if: steps.snapshot-cache.outputs.cache-hit != 'true'
|
|
run: echo "unable to download snapshots from previous job" && false
|
|
|
|
- name: Run comparison tests (Linux)
|
|
run: make compare-linux
|
|
|
|
- name: Load test image cache
|
|
if: steps.install-test-image-cache.outputs.cache-hit == 'true'
|
|
run: make install-test-cache-load
|
|
|
|
- name: Run install.sh tests (Linux)
|
|
run: make install-test
|
|
|
|
- name: (cache-miss) Create test image cache
|
|
if: steps.install-test-image-cache.outputs.cache-hit != 'true'
|
|
run: make install-test-cache-save
|
|
|
|
|
|
Acceptance-Mac:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Acceptance tests (Mac)"
|
|
needs: [Build-Snapshot-Artifacts]
|
|
runs-on: macos-latest
|
|
steps:
|
|
- name: Install Cosign
|
|
uses: sigstore/cosign-installer@v3.8.1
|
|
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
|
|
|
|
- name: Bootstrap environment
|
|
uses: ./.github/actions/bootstrap
|
|
with:
|
|
bootstrap-apt-packages: ""
|
|
go-dependencies: false
|
|
download-test-fixture-cache: true
|
|
|
|
- name: Download snapshot build
|
|
id: snapshot-cache
|
|
uses: actions/cache/restore@d4323d4df104b026a6aa633fdb11d772146be0bf #v4.2.2
|
|
with:
|
|
path: |
|
|
snapshot
|
|
.task
|
|
fail-on-cache-miss: true
|
|
key: snapshot-build-${{ github.run_id }}
|
|
|
|
# workaround for https://github.com/actions/cache/issues/1265
|
|
- name: (cache-miss) Snapshot build missing
|
|
if: steps.snapshot-cache.outputs.cache-hit != 'true'
|
|
run: echo "unable to download snapshots from previous job" && false
|
|
|
|
- name: Run comparison tests (Mac)
|
|
run: make compare-mac
|
|
|
|
- name: Run install.sh tests (Mac)
|
|
run: make install-test-ci-mac
|
|
|
|
|
|
Cli-Linux:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "CLI tests (Linux)"
|
|
needs: [Build-Snapshot-Artifacts]
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
|
|
|
|
- name: Bootstrap environment
|
|
uses: ./.github/actions/bootstrap
|
|
with:
|
|
download-test-fixture-cache: true
|
|
|
|
- name: Download snapshot build
|
|
id: snapshot-cache
|
|
uses: actions/cache/restore@d4323d4df104b026a6aa633fdb11d772146be0bf #v4.2.2
|
|
with:
|
|
path: |
|
|
snapshot
|
|
.task
|
|
fail-on-cache-miss: true
|
|
key: snapshot-build-${{ github.run_id }}
|
|
|
|
# workaround for https://github.com/actions/cache/issues/1265
|
|
- name: (cache-miss) Snapshot build missing
|
|
if: steps.snapshot-cache.outputs.cache-hit != 'true'
|
|
run: echo "unable to download snapshots from previous job" && false
|
|
|
|
- name: Run CLI Tests (Linux)
|
|
run: make cli
|
|
|
|
|
|
Cleanup-Cache:
|
|
name: "Cleanup snapshot cache"
|
|
if: github.event.pull_request.head.repo.full_name == github.repository
|
|
runs-on: ubuntu-24.04
|
|
permissions:
|
|
actions: write
|
|
needs:
|
|
- Acceptance-Linux
|
|
- Acceptance-Mac
|
|
- Cli-Linux
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
|
|
|
|
- name: Delete snapshot cache
|
|
run: gh cache delete "snapshot-build-${{ github.run_id }}"
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|