Chore(deps): Bump actions/checkout from 5 to 6 #2030
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| release: | |
| types: | |
| - published | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - .github/workflows/ci.yml | |
| - cmd/** | |
| - internal/** | |
| - pkg/** | |
| - .dockerignore | |
| - .golangci.yml | |
| - Dockerfile | |
| - go.mod | |
| - go.sum | |
| pull_request: | |
| paths: | |
| - .github/workflows/ci.yml | |
| - cmd/** | |
| - internal/** | |
| - pkg/** | |
| - .dockerignore | |
| - .golangci.yml | |
| - Dockerfile | |
| - go.mod | |
| - go.sum | |
| jobs: | |
| verify: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| env: | |
| DOCKER_BUILDKIT: "1" | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: reviewdog/action-misspell@v1 | |
| with: | |
| locale: "US" | |
| level: error | |
| exclude: | | |
| ./internal/storage/servers.json | |
| *.md | |
| - name: Linting | |
| run: docker build --target lint . | |
| - name: Mocks check | |
| run: docker build --target mocks . | |
| - name: Build test image | |
| run: docker build --target test -t test-container . | |
| - name: Run tests in test container | |
| run: | | |
| touch coverage.txt | |
| docker run --rm --device /dev/net/tun \ | |
| -v "$(pwd)/coverage.txt:/tmp/gobuild/coverage.txt" \ | |
| test-container | |
| - name: Build final image | |
| run: docker build -t final-image . | |
| verify-private: | |
| if: | | |
| github.repository == 'qdm12/gluetun' && | |
| ( | |
| github.event_name == 'push' || | |
| github.event_name == 'release' || | |
| (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]') | |
| ) | |
| needs: [verify] | |
| runs-on: ubuntu-latest | |
| environment: secrets | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - run: docker build -t qmcgaw/gluetun . | |
| - name: Setup Go for CI utility | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: ci/go.mod | |
| - name: Build utility | |
| run: go build -C ./ci -o runner ./cmd/main.go | |
| - name: Run Gluetun container with Mullvad configuration | |
| run: echo -e "${{ secrets.MULLVAD_WIREGUARD_PRIVATE_KEY }}\n${{ secrets.MULLVAD_WIREGUARD_ADDRESS }}" | ./ci/runner mullvad | |
| - name: Run Gluetun container with ProtonVPN configuration | |
| run: echo -e "${{ secrets.PROTONVPN_WIREGUARD_PRIVATE_KEY }}" | ./ci/runner protonvpn | |
| codeql: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| - uses: github/codeql-action/init@v4 | |
| with: | |
| languages: go | |
| - uses: github/codeql-action/autobuild@v4 | |
| - uses: github/codeql-action/analyze@v4 | |
| publish: | |
| if: | | |
| github.repository == 'qdm12/gluetun' && | |
| ( | |
| github.event_name == 'push' || | |
| github.event_name == 'release' || | |
| (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]') | |
| ) | |
| needs: [verify, verify-private, codeql] | |
| permissions: | |
| actions: read | |
| contents: read | |
| packages: write | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| # extract metadata (tags, labels) for Docker | |
| # https://github.com/docker/metadata-action | |
| - name: Extract Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| flavor: | | |
| latest=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} | |
| images: | | |
| ghcr.io/qdm12/gluetun | |
| qmcgaw/gluetun | |
| qmcgaw/private-internet-access | |
| tags: | | |
| type=ref,event=pr | |
| type=semver,pattern=v{{major}}.{{minor}}.{{patch}} | |
| type=semver,pattern=v{{major}}.{{minor}} | |
| type=semver,pattern=v{{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }} | |
| type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| username: qmcgaw | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: qdm12 | |
| password: ${{ github.token }} | |
| - name: Short commit | |
| id: shortcommit | |
| run: echo "::set-output name=value::$(git rev-parse --short HEAD)" | |
| - name: Build and push final image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| platforms: linux/amd64,linux/386,linux/arm64,linux/arm/v6,linux/arm/v7,linux/ppc64le | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| CREATED=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} | |
| COMMIT=${{ steps.shortcommit.outputs.value }} | |
| VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| push: true |