Skip to content

Workflow file for this run

name: Build TF Provider
on: [push]
jobs:
static-build:
runs-on: ubuntu-latest
container:
image: golang:1.21.3-bullseye
steps:
- uses: actions/checkout@v4
- name: Install GCC
run: |
apt update && apt install -y gcc-x86-64-linux-gnu && git config --global --add safe.directory '*'
- run: go env
- name: go mod download
run: go mod download
- name: Build
run: |
CC=x86_64-linux-gnu-gcc \
GOARCH=amd64 \
CGO_ENABLED=1 \
GOEXPERIMENT=boringcrypto \
go build -v -o /go/bin/app .
- name: LDD check
run: |
ldd /go/bin/app
- name: Verify Boringcrypto
run: |
go run rsc.io/goversion@master -crypto /go/bin/app | grep -q '(boring crypto)'
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: 1.21.3
- name: Install C toolchain
run: |
sudo apt-get update
sudo apt install -y gcc-x86-64-linux-gnu
mkdir bin
- name: Cache Binaries
uses: actions/cache@v2
env:
cache-name: cache-binaries
with:
path: bin
key: ${{ github.sha }}
restore-keys: ${{ github.sha }}
- name: Build Linux binary with Boringcrypto
run: |
CC=x86_64-linux-gnu-gcc CGO_ENABLED=1 GOARCH=amd64 GOOS=linux GOEXPERIMENT=boringcrypto \
go build \
-ldflags "-linkmode external -extldflags -static"
-o bin/terraform-provider-google.linux.amd64 .
- name: Verify statically linked
run: |
ldd bin/terraform-provider-google.linux.amd64
- name: Verify Boringcrypto
run: |
go run rsc.io/goversion@master -crypto bin/terraform-provider-google.linux.amd64 | grep -q '(boring crypto)'
# boringcrypto isn't available for darwin, so we can also disable CGO.
- name: Build Darwin binary without Boringcrypto
run: |
CGO_ENABLED=0 GOARCH=arm64 GOOS=darwin \
go build -o bin/terraform-provider-google.darwin.arm64 .
release:
runs-on: ubuntu-latest
needs: build
if: github.ref == 'refs/heads/snyk-v1'
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- name: Cache Binaries
uses: actions/cache@v2
env:
cache-name: cache-binaries
with:
path: bin
key: ${{ github.sha }}
restore-keys: ${{ github.sha }}
- name: Create Release
uses: ncipollo/release-action@v1
with:
tag: v0.0.0-${{ github.sha }}
commit: ${{ github.sha }}
artifacts: bin/terraform-provider-google.*.*
makeLatest: true