Update fossa-scan.yaml #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Copyright (c) HashiCorp, Inc. | |
| ## SPDX-License-Identifier: MPL-2.0 | |
| # | |
| #name: build | |
| # | |
| #on: | |
| # push: | |
| # # Sequence of patterns matched against refs/heads | |
| # branches: | |
| # # Push events on the main branch | |
| # - main | |
| # - release/** | |
| # | |
| #env: | |
| # PKG_NAME: consul | |
| # # TODO(spatel): CE refactor | |
| # METADATA: oss | |
| # GOPRIVATE: github.com/hashicorp # Required for enterprise deps | |
| # | |
| #jobs: | |
| # get-go-version: | |
| # uses: ./.github/workflows/reusable-get-go-version.yml | |
| # | |
| # set-product-version: | |
| # runs-on: ubuntu-latest | |
| # outputs: | |
| # product-version: ${{ steps.set-product-version.outputs.product-version }} | |
| # base-product-version: ${{ steps.set-product-version.outputs.base-product-version }} | |
| # product-date: ${{ steps.get-product-version.outputs.product-date }} | |
| # pre-version: ${{ steps.set-product-version.outputs.prerelease-product-version }} | |
| # shared-ldflags: ${{ steps.shared-ldflags.outputs.shared-ldflags }} | |
| # steps: | |
| # - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| # # action-set-product-version implicitly sets fields like 'product-version' using version/VERSION | |
| # # https://github.com/hashicorp/actions-set-product-version | |
| # - name: set product version | |
| # id: set-product-version | |
| # uses: hashicorp/actions-set-product-version@v2 | |
| # - name: get product version | |
| # id: get-product-version | |
| # run: | | |
| # CONSUL_DATE=$(build-support/scripts/build-date.sh) | |
| # echo "product-date=${CONSUL_DATE}" >> "$GITHUB_OUTPUT" | |
| # | |
| # - name: Set shared -ldflags | |
| # id: shared-ldflags | |
| # run: | | |
| # T="github.com/hashicorp/consul/version" | |
| # echo "shared-ldflags=-X ${T}.GitCommit=${GITHUB_SHA::8} \ | |
| # -X ${T}.GitDescribe=${{ steps.set-product-version.outputs.product-version }} \ | |
| # -X ${T}.BuildDate=${{ steps.get-product-version.outputs.product-date }} \ | |
| # " >> "$GITHUB_OUTPUT" | |
| # validate-outputs: | |
| # needs: set-product-version | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Validate Outputs | |
| # run: | | |
| # echo "Product Version: ${{ needs.set-product-version.outputs.product-version }}" | |
| # echo "Base Product Version: ${{ needs.set-product-version.outputs.base-product-version }}" | |
| # echo "Product Metadata: ${{ env.METADATA }}" | |
| # echo "Product Date: ${{ needs.set-product-version.outputs.product-date }}" | |
| # echo "Prerelease Version: ${{ needs.set-product-version.outputs.pre-version }}" | |
| # echo "Ldflags: ${{ needs.set-product-version.outputs.shared-ldflags }}" | |
| # | |
| # generate-metadata-file: | |
| # needs: set-product-version | |
| # runs-on: ubuntu-latest | |
| # outputs: | |
| # filepath: ${{ steps.generate-metadata-file.outputs.filepath }} | |
| # steps: | |
| # - name: 'Checkout directory' | |
| # uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| # - name: Generate metadata file | |
| # id: generate-metadata-file | |
| # uses: hashicorp/actions-generate-metadata@v1 | |
| # with: | |
| # version: ${{ needs.set-product-version.outputs.product-version }} | |
| # product: ${{ env.PKG_NAME }} | |
| # | |
| # - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| # with: | |
| # name: metadata.json | |
| # path: ${{ steps.generate-metadata-file.outputs.filepath }} | |
| # | |
| # build: | |
| # needs: | |
| # - set-product-version | |
| # - get-go-version | |
| # runs-on: ubuntu-latest | |
| # strategy: | |
| # matrix: | |
| # include: | |
| # - {goos: "linux", goarch: "386"} | |
| # - {goos: "linux", goarch: "amd64"} | |
| # - {goos: "linux", goarch: "arm"} | |
| # - {goos: "linux", goarch: "arm64"} | |
| # - {goos: "darwin", goarch: "amd64"} | |
| # - {goos: "darwin", goarch: "arm64"} | |
| # - {goos: "freebsd", goarch: "386"} | |
| # - {goos: "freebsd", goarch: "amd64"} | |
| # - {goos: "windows", goarch: "386"} | |
| # - {goos: "windows", goarch: "amd64"} | |
| # - {goos: "solaris", goarch: "amd64"} | |
| # fail-fast: true | |
| # | |
| # name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build | |
| # steps: | |
| # - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| # | |
| # - name: Setup with node and yarn | |
| # uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
| # with: | |
| # node-version: '18' | |
| # cache: 'yarn' | |
| # cache-dependency-path: 'ui/yarn.lock' | |
| # | |
| # - name: Build UI | |
| # run: | | |
| # CONSUL_VERSION=${{ needs.set-product-version.outputs.product-version }} | |
| # CONSUL_DATE=${{ needs.set-product-version.outputs.product-date }} | |
| # CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE} | |
| # CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD) | |
| # echo "consul_version is ${CONSUL_VERSION}" | |
| # echo "consul_date is ${CONSUL_DATE}" | |
| # echo "consul binary type is ${CONSUL_BINARY_TYPE}" | |
| # echo "consul copyright year is ${CONSUL_COPYRIGHT_YEAR}" | |
| # cd ui && make && cd .. | |
| # rm -rf agent/uiserver/dist | |
| # mv ui/packages/consul-ui/dist agent/uiserver/ | |
| # - name: Go Build | |
| # env: | |
| # PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} | |
| # PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }} | |
| # CGO_ENABLED: "0" | |
| # GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}" | |
| # uses: hashicorp/actions-go-build@make-clean-flag-optional | |
| # with: | |
| # product_name: ${{ env.PKG_NAME }} | |
| # product_version: ${{ needs.set-product-version.outputs.product-version }} | |
| # go_version: ${{ needs.get-go-version.outputs.go-version }} | |
| # os: ${{ matrix.goos }} | |
| # arch: ${{ matrix.goarch }} | |
| # reproducible: nope | |
| # clean: false | |
| # instructions: |- | |
| # cp LICENSE $TARGET_DIR/LICENSE.txt | |
| # go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false | |
| # | |
| # - name: Copy license file | |
| # if: ${{ !endsWith(github.repository, '-enterprise') }} | |
| # env: | |
| # LICENSE_DIR: ".release/linux/package/usr/share/doc/${{ env.PKG_NAME }}" | |
| # run: | | |
| # mkdir -p "$LICENSE_DIR" | |
| # cp LICENSE "$LICENSE_DIR/LICENSE.txt" | |
| # | |
| # - name: Package | |
| # if: ${{ matrix.goos == 'linux' }} | |
| # uses: hashicorp/actions-packaging-linux@v1 | |
| # with: | |
| # name: ${{ github.event.repository.name }} | |
| # description: "Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. " | |
| # arch: ${{ matrix.goarch }} | |
| # version: ${{ needs.set-product-version.outputs.product-version }} | |
| # maintainer: "HashiCorp" | |
| # homepage: "https://github.com/hashicorp/consul" | |
| # license: "BSL-1.1" | |
| # binary: "dist/${{ env.PKG_NAME }}" | |
| # deb_depends: "openssl" | |
| # rpm_depends: "openssl" | |
| # config_dir: ".release/linux/package" | |
| # preinstall: ".release/linux/preinstall" | |
| # postinstall: ".release/linux/postinstall" | |
| # preremove: ".release/linux/preremove" | |
| # postremove: ".release/linux/postremove" | |
| # | |
| # - name: Set Package Names | |
| # if: ${{ matrix.goos == 'linux' }} | |
| # run: | | |
| # echo "RPM_PACKAGE=$(basename out/*.rpm)" >> $GITHUB_ENV | |
| # echo "DEB_PACKAGE=$(basename out/*.deb)" >> $GITHUB_ENV | |
| # | |
| # - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| # if: ${{ matrix.goos == 'linux' }} | |
| # with: | |
| # name: ${{ env.RPM_PACKAGE }} | |
| # path: out/${{ env.RPM_PACKAGE }} | |
| # | |
| # - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| # if: ${{ matrix.goos == 'linux' }} | |
| # with: | |
| # name: ${{ env.DEB_PACKAGE }} | |
| # path: out/${{ env.DEB_PACKAGE }} | |
| # | |
| # build-s390x: | |
| # needs: | |
| # - set-product-version | |
| # - get-go-version | |
| # if: ${{ endsWith(github.repository, '-enterprise') }} | |
| # runs-on: ubuntu-latest | |
| # strategy: | |
| # matrix: | |
| # include: | |
| # - {goos: "linux", goarch: "s390x"} | |
| # fail-fast: true | |
| # | |
| # name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build | |
| # steps: | |
| # - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| # | |
| # - name: Setup with node and yarn | |
| # uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
| # with: | |
| # node-version: '18' | |
| # cache: 'yarn' | |
| # cache-dependency-path: 'ui/yarn.lock' | |
| # | |
| # - name: Build UI | |
| # run: | | |
| # CONSUL_VERSION=${{ needs.set-product-version.outputs.product-version }} | |
| # CONSUL_DATE=${{ needs.set-product-version.outputs.product-date }} | |
| # CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE} | |
| # CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD) | |
| # echo "consul_version is ${CONSUL_VERSION}" | |
| # echo "consul_date is ${CONSUL_DATE}" | |
| # echo "consul binary type is ${CONSUL_BINARY_TYPE}" | |
| # echo "consul copyright year is ${CONSUL_COPYRIGHT_YEAR}" | |
| # cd ui && make && cd .. | |
| # rm -rf agent/uiserver/dist | |
| # mv ui/packages/consul-ui/dist agent/uiserver/ | |
| # - name: Go Build | |
| # env: | |
| # PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} | |
| # PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }} | |
| # CGO_ENABLED: "0" | |
| # GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}" | |
| # uses: hashicorp/actions-go-build@make-clean-flag-optional | |
| # with: | |
| # product_name: ${{ env.PKG_NAME }} | |
| # product_version: ${{ needs.set-product-version.outputs.product-version }} | |
| # go_version: ${{ needs.get-go-version.outputs.go-version }} | |
| # os: ${{ matrix.goos }} | |
| # arch: ${{ matrix.goarch }} | |
| # reproducible: nope | |
| # clean: false | |
| # instructions: |- | |
| # cp LICENSE $TARGET_DIR/LICENSE.txt | |
| # go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false | |
| # | |
| # build-docker: | |
| # name: Docker ${{ matrix.arch }} build | |
| # needs: | |
| # - set-product-version | |
| # - build | |
| # runs-on: ubuntu-latest | |
| # strategy: | |
| # matrix: | |
| # include: | |
| # - { arch: "386" } | |
| # - { arch: "arm" } | |
| # - { arch: "amd64" } | |
| # - { arch: "arm64" } | |
| # env: | |
| # repo: ${{github.event.repository.name}} | |
| # version: ${{needs.set-product-version.outputs.product-version}} | |
| # | |
| # steps: | |
| # - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| # | |
| # # Strip everything but MAJOR.MINOR from the version string and add a `-dev` suffix | |
| # # This naming convention will be used ONLY for per-commit dev images | |
| # - name: Set docker dev tag | |
| # run: | | |
| # echo "full_dev_tag=${{ env.version }}" | |
| # echo "full_dev_tag=${{ env.version }}" >> $GITHUB_ENV | |
| # echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" | |
| # echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" >> $GITHUB_ENV | |
| # | |
| # - name: Docker Build (Action) | |
| # uses: hashicorp/actions-docker-build@v2 | |
| # with: | |
| # version: ${{env.version}} | |
| # target: default | |
| # arch: ${{matrix.arch}} | |
| # tags: | | |
| # docker.io/hashicorp/${{env.repo}}:${{env.version}} | |
| # public.ecr.aws/hashicorp/${{env.repo}}:${{env.version}} | |
| # dev_tags: | | |
| # docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }} | |
| # docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }}-${{ github.sha }} | |
| # docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }} | |
| # docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }}-${{ github.sha }} | |
| # smoke_test: .github/scripts/verify_docker.sh v${{ env.version }} | |
| # | |
| # build-docker-ubi-dockerhub: | |
| # name: Docker Build UBI Images | |
| # needs: | |
| # - set-product-version | |
| # - build | |
| # runs-on: ubuntu-latest | |
| # env: | |
| # repo: ${{github.event.repository.name}} | |
| # version: ${{needs.set-product-version.outputs.product-version}} | |
| # | |
| # steps: | |
| # - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| # | |
| # # Strip everything but MAJOR.MINOR from the version string and add a `-dev` suffix | |
| # # This naming convention will be used ONLY for per-commit dev images | |
| # - name: Set docker dev tag | |
| # run: | | |
| # echo "full_dev_tag=${{ env.version }}" | |
| # echo "full_dev_tag=${{ env.version }}" >> $GITHUB_ENV | |
| # echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" | |
| # echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" >> $GITHUB_ENV | |
| # | |
| # - uses: hashicorp/actions-docker-build@v2 | |
| # with: | |
| # version: ${{env.version}} | |
| # target: ubi | |
| # arch: amd64 | |
| # tags: | | |
| # docker.io/hashicorp/${{env.repo}}:${{env.version}}-ubi | |
| # public.ecr.aws/hashicorp/${{env.repo}}:${{env.version}}-ubi | |
| # dev_tags: | | |
| # docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }}-ubi | |
| # docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }}-ubi-${{ github.sha }} | |
| # docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }}-ubi | |
| # docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }}-ubi-${{ github.sha }} | |
| # smoke_test: .github/scripts/verify_docker.sh v${{ env.version }} | |
| # redhat_tag: quay.io/redhat-isv-containers/60f9fdbec3a80eac643abedf:${{env.version}}-ubi | |
| # | |
| # verify-linux: | |
| # needs: | |
| # - set-product-version | |
| # - build | |
| # runs-on: ubuntu-latest | |
| # strategy: | |
| # matrix: | |
| # include: | |
| # - { arch: "386" } | |
| # - { arch: "arm" } | |
| # - { arch: "amd64" } | |
| # - { arch: "arm64" } | |
| # fail-fast: true | |
| # env: | |
| # version: ${{ needs.set-product-version.outputs.product-version }} | |
| # zip_name: consul_${{ needs.set-product-version.outputs.product-version }}_linux_${{ matrix.arch }}.zip | |
| # | |
| # name: Verify ${{ matrix.arch }} linux binary | |
| # steps: | |
| # - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| # if: ${{ endsWith(github.repository, '-enterprise') || matrix.arch != 's390x' }} | |
| # | |
| # - name: Download ${{ matrix.arch }} zip | |
| # if: ${{ endsWith(github.repository, '-enterprise') || matrix.arch != 's390x' }} | |
| # uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| # with: | |
| # name: ${{ env.zip_name }} | |
| # | |
| # - name: Set up QEMU | |
| # uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 | |
| # if: ${{ matrix.arch == 'arm' || matrix.arch == 'arm64' }} | |
| # with: | |
| # # this should be a comma-separated string as opposed to an array | |
| # platforms: arm,arm64 | |
| # | |
| # - name: Run verification for ${{ matrix.arch }} binary | |
| # if: ${{ endsWith(github.repository, '-enterprise') || matrix.arch != 's390x' }} | |
| # run: .github/scripts/verify_artifact.sh ${{ env.zip_name }} v${{ env.version }} | |
| # | |
| # verify-linux-packages-deb: | |
| # needs: | |
| # - build | |
| # - set-product-version | |
| # runs-on: ubuntu-latest | |
| # strategy: | |
| # matrix: | |
| # include: | |
| # - { arch: "i386" } | |
| # - { arch: "armhf" } | |
| # - { arch: "amd64" } | |
| # - { arch: "arm64" } | |
| # # fail-fast: true | |
| # env: | |
| # version: ${{ needs.set-product-version.outputs.product-version }} | |
| # | |
| # name: Verify ${{ matrix.arch }} debian package | |
| # steps: | |
| # - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| # | |
| # - name: Set package version | |
| # run: | | |
| # echo "pkg_version=$(echo ${{ needs.set-product-version.outputs.product-version }} | sed 's/\-/~/g')" >> $GITHUB_ENV | |
| # | |
| # - name: Set package name | |
| # run: | | |
| # echo "pkg_name=consul_${{ env.pkg_version }}-1_${{ matrix.arch }}.deb" >> $GITHUB_ENV | |
| # | |
| # - name: Download workflow artifacts | |
| # uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| # with: | |
| # name: ${{ env.pkg_name }} | |
| # | |
| # - name: Set up QEMU | |
| # uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 | |
| # with: | |
| # platforms: all | |
| # | |
| # - name: Verify ${{ matrix.arch }} debian package | |
| # run: ./.github/scripts/verify_artifact.sh ${{ env.pkg_name }} v${{ env.version }} | |
| # | |
| # verify-linux-packages-rpm: | |
| # needs: | |
| # - build | |
| # - set-product-version | |
| # runs-on: ubuntu-latest | |
| # strategy: | |
| # matrix: | |
| # include: | |
| # - { arch: "i386" } | |
| # - { arch: "x86_64" } | |
| # # TODO(eculver): re-enable when there is a smaller verification container available | |
| # # - { arch: "armv7hl" } | |
| # # - { arch: "aarch64" } | |
| # env: | |
| # version: ${{ needs.set-product-version.outputs.product-version }} | |
| # | |
| # name: Verify ${{ matrix.arch }} rpm | |
| # steps: | |
| # - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| # | |
| # - name: Set package version | |
| # run: | | |
| # echo "pkg_version=$(echo ${{ needs.set-product-version.outputs.product-version }} | sed 's/\-/~/g')" >> $GITHUB_ENV | |
| # | |
| # - name: Set package name | |
| # run: | | |
| # echo "pkg_name=consul-${{ env.pkg_version }}-1.${{ matrix.arch }}.rpm" >> $GITHUB_ENV | |
| # | |
| # - name: Download workflow artifacts | |
| # uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| # with: | |
| # name: ${{ env.pkg_name }} | |
| # | |
| # - name: Set up QEMU | |
| # uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 | |
| # with: | |
| # platforms: all | |
| # | |
| # - name: Verify ${{ matrix.arch }} rpm | |
| # run: ./.github/scripts/verify_artifact.sh ${{ env.pkg_name }} v${{ env.version }} |