chore(deps): bump the go-non-major group across 1 directory with 8 updates #190

Workflow file for this run

	name: ci

	on:
	pull_request:

	env:
	SOPS_VER: v3.8.1

	jobs:
	make-lint-go:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-go@v5
	with:
	go-version-file: './go.mod'
	- run: make lint-go
	make-build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-go@v5
	with:
	go-version-file: './go.mod'
	- run: make build
	make-lint-shell:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- run: make lint-shell
	make-lint-markdown:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v4
	with:
	node-version: 18
	- run: npm install -g markdownlint-cli
	- run: make lint-markdown
	pulumi-preview:
	permissions:
	id-token: write
	contents: read
	strategy:
	matrix:
	stack-name: [dev, stg, prod]
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-go@v5
	with:
	go-version: 'stable'
	- run: go mod download
	- name: Install Cosign
	uses: sigstore/cosign-installer@v3
	- name: Install Apache SOPS + Verify binary
	run: \|
	curl -LO https://github.com/getsops/sops/releases/download/${{ env.SOPS_VER }}/sops-${{ env.SOPS_VER }}.linux.amd64
	curl -LO https://github.com/getsops/sops/releases/download/${{ env.SOPS_VER }}/sops-${{ env.SOPS_VER }}.checksums.txt
	curl -LO https://github.com/getsops/sops/releases/download/${{ env.SOPS_VER }}/sops-${{ env.SOPS_VER }}.checksums.pem
	curl -LO https://github.com/getsops/sops/releases/download/${{ env.SOPS_VER }}/sops-${{ env.SOPS_VER }}.checksums.sig
	cosign verify-blob sops-${{ env.SOPS_VER }}.checksums.txt \
	--certificate sops-${{ env.SOPS_VER }}.checksums.pem \
	--signature sops-${{ env.SOPS_VER }}.checksums.sig \
	--certificate-identity-regexp=https://github.com/getsops \
	--certificate-oidc-issuer=https://token.actions.githubusercontent.com
	sha256sum -c sops-${{ env.SOPS_VER }}.checksums.txt --ignore-missing
	mv sops-${{ env.SOPS_VER }}.linux.amd64 /usr/local/bin/sops
	chmod +x /usr/local/bin/sops
	- uses: azure/login@v2
	with:
	client-id: ${{ secrets.AZURE_CLIENT_ID }}
	tenant-id: ${{ secrets.AZURE_TENANT_ID }}
	subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
	# only prod TLS termination requires git sourced pfx certificate (non-acme)
	- name: make decrypt
	if: matrix.stack-name == 'prod'
	run: \|
	make decrypt
	- uses: pulumi/actions@v5
	with:
	command: preview
	stack-name: ${{ matrix.stack-name }}
	env:
	PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
	ARM_USE_OIDC: true
	ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
	ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
	ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the go-non-major group across 1 directory with 8 updates #190

Workflow file

chore(deps): bump the go-non-major group across 1 directory with 8 updates #190

Jobs

Run details

Workflow file for this run