github workflows: pin go version to 1.17 (#10471)

* github workflows: pin go version to 1.17 * Update go.yml * Revert "Update go.yml" This reverts commit 4a2d36d05d8bf45debd24162952c30d830d09572. * pin golangci-lint * try go 1.17 * Revert "Revert "Update go.yml"" This reverts commit 8a89663874013e84c9f39ff30c7b45978ec8fdf5. * move and increase version of checkout * attempt to ignore export path * try with entrypoint only * try some rearranging of stuff * Split up jobs * Use hack mentioned in https://github.com/securego/gosec/issues/469\#issuecomment-643823092 * Delete dappnode release trigger * rm id * try pin golangci-lint version * try pin golangci-lint version * Do not provide a specific go version and lets see what happens * comment checkout, wtf is wrong with github actions * it works locally... * trying with some cache key for lint... * Revert "trying with some cache key for lint..." This reverts commit c4f5ae4495e8f568ba78e8004b8fb86d5137bf66. * try tellign it to skip go installation * revert commented line, do something to satisify deepsource * do something to satisify deepsource
2024-12-22 03:30:35 +00:00 · 2022-03-31 17:16:14 -05:00 · 2022-03-31 17:16:14 -05:00 · 3e2a037d42
commit 3e2a037d42
parent 177f9ccab0
3 changed files with 38 additions and 52 deletions
--- a/.github/actions/gomodtidy/entrypoint.sh
+++ b/.github/actions/gomodtidy/entrypoint.sh
@ -1,8 +1,8 @@
 #!/bin/sh -l
 set -e
-export PATH=$PATH:/usr/local/go/bin
+export PATH="$PATH:/usr/local/go/bin"

-cd $GITHUB_WORKSPACE
+cd "$GITHUB_WORKSPACE"

 cp go.mod go.mod.orig
 cp go.sum go.sum.orig
--- a/.github/workflows/dappnode-release-trigger.yml
+++ b/.github/workflows/dappnode-release-trigger.yml
@ -1,41 +0,0 @@
-name: Update DAppNodePackages
-
-on:
-  push:
-    tags:
-    - '*'
-
-jobs:
-  dappnode-update-beacon-chain:
-    name: Trigger a beacon-chain release
-    runs-on: ubuntu-latest
-    steps:
-    - name: Get latest tag
-      id: get_tag
-      run: echo ::set-output name=TAG::${GITHUB_REF/refs\/tags\//}
-    - name: Send dispatch event to DAppNodePackage-prysm-beacon-chain
-      env: 
-        DISPATCH_REPO: dappnode/DAppNodePackage-prysm-beacon-chain
-      run: |
-        curl -v -X POST -u "${{ secrets.PAT_GITHUB }}" \
-        -H "Accept: application/vnd.github.everest-preview+json" \
-        -H "Content-Type: application/json" \
-        --data '{"event_type":"new_release", "client_payload": { "tag":"${{ steps.get_tag.outputs.TAG }}"}}' \
-        https://api.github.com/repos/$DISPATCH_REPO/dispatches
-        
-  dappnode-update-validator:
-    name: Trigger a validator release
-    runs-on: ubuntu-latest
-    steps:
-    - name: Get latest tag
-      id: get_tag
-      run: echo ::set-output name=TAG::${GITHUB_REF/refs\/tags\//}
-    - name: Send dispatch event to DAppNodePackage validator repository
-      env: 
-        DISPATCH_REPO: dappnode/DAppNodePackage-prysm-validator
-      run: |
-        curl -v -X POST -u "${{ secrets.PAT_GITHUB }}" \
-        -H "Accept: application/vnd.github.everest-preview+json" \
-        -H "Content-Type: application/json" \
-        --data '{"event_type":"new_release", "client_payload": { "tag":"${{ steps.get_tag.outputs.TAG }}"}}' \
-        https://api.github.com/repos/$DISPATCH_REPO/dispatches
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@ -7,13 +7,12 @@ on:
    branches: [ '*' ]

 jobs:
-
-  check:
-    name: Check
+  formatting:
+    name: Formatting
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v1
+        uses: actions/checkout@v2

      - name: Go mod tidy checker
        id: gomodtidy
@ -31,15 +30,43 @@ jobs:
        with:
          goimports-path: ./

-      - name: Gosec security scanner
-        uses: securego/gosec@master
+  gosec:
+    name: Gosec scan
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Set up Go 1.17
+        uses: actions/setup-go@v3
        with:
-          args: '-exclude=G307 -exclude-dir=crypto/bls/herumi ./...'
+          go-version: 1.17
+      - name: Run Gosec Security Scanner
+        run: | # https://github.com/securego/gosec/issues/469
+          export PATH=$PATH:$(go env GOPATH)/bin
+          go install github.com/securego/gosec/v2/cmd/gosec@latest
+          gosec -exclude=G307 -exclude-dir=crypto/bls/herumi ./...
+
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up Go 1.17
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.17
+          id: go

      - name: Golangci-lint
        uses: golangci/golangci-lint-action@v2
        with:
-          args: --print-issued-lines --sort-results --no-config --timeout=10m --disable-all -E deadcode  -E errcheck -E gosimple --skip-files=validator/web/site_data.go --skip-dirs=proto
+          args: --print-issued-lines --sort-results --no-config --timeout=10m --disable-all -E deadcode  -E errcheck -E gosimple --skip-files=validator/web/site_data.go --skip-dirs=proto --go=1.17
+          version: v1.45.2
+          skip-go-installation: true

  build:
    name: Build
@ -48,7 +75,7 @@ jobs:
      - name: Set up Go 1.x
        uses: actions/setup-go@v2
        with:
-          go-version: ^1.14
+          go-version: 1.17
        id: go

      - name: Check out code into the Go module directory