feat: implement security configuration in deployment manifest and API #245
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI-Pipeline | |
| on: | |
| workflow_dispatch: {} | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| permissions: | |
| actions: write | |
| checks: write | |
| contents: read | |
| deployments: read | |
| issues: write | |
| discussions: write | |
| packages: read | |
| pages: write | |
| pull-requests: write | |
| security-events: write | |
| statuses: write | |
| jobs: | |
| test-install-using-action: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Cloud Runtime CLI | |
| uses: ./ | |
| - name: Verify installation | |
| run: vcr --version | |
| test-install-using-script: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install Cloud Runtime CLI | |
| shell: sh | |
| run: ./script/install.sh | |
| - name: Verify installation | |
| run: vcr --version | |
| build-and-test: | |
| runs-on: macos-latest | |
| env: | |
| API_VERSION: ${{ vars.API_VERSION || 'v0.4' }} | |
| strategy: | |
| matrix: | |
| go-version: [1.24.0] | |
| os: [macos-latest] | |
| environment: vcr-cli | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ matrix.go-version }} | |
| - name: Set up Docker | |
| run: | | |
| brew install docker docker-machine docker-compose | |
| sudo mkdir -p /usr/local/bin | |
| sudo curl -L -o /usr/local/bin/colima https://github.com/abiosoft/colima/releases/download/v0.6.7/colima-Darwin-x86_64 && sudo chmod +x /usr/local/bin/colima | |
| brew install lima lima-additional-guestagents | |
| brew install qemu | |
| colima start | |
| sudo ln -sf $HOME/.colima/default/docker.sock /var/run/docker.sock | |
| - name: Cache Go modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/go/pkg/mod | |
| ~/Library/Caches/go-build | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Run unit tests | |
| run: go test ./... | |
| - name: Run integration tests | |
| run: | | |
| cd tests/integration | |
| docker-compose up --exit-code-from cli-tool | |
| - name: Cross compile binaries | |
| env: | |
| GO_LDFLAGS: "-s -w -X 'main.apiVersion=${{env.API_VERSION}}' -X 'main.version=${{github.ref_name}}' -X 'main.buildDate=${{github.event.repository.updated_at}}' -X 'main.commit=${{github.sha}}' -X 'main.releaseURL=https://api.github.com/repos/${{github.repository}}'" | |
| run: | | |
| GOOS=darwin GOARCH=amd64 CGO_ENABLED=0 go build -ldflags "$GO_LDFLAGS" -o vcr_darwin_amd64 . | |
| GOOS=darwin GOARCH=arm64 CGO_ENABLED=0 go build -ldflags "$GO_LDFLAGS" -o vcr_darwin_arm64 . | |
| GOOS=linux GOARCH=arm64 CGO_ENABLED=0 go build -ldflags "$GO_LDFLAGS" -o vcr_linux_arm64 . | |
| GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags "$GO_LDFLAGS" -o vcr_linux_amd64 . | |
| GOOS=windows GOARCH=amd64 CGO_ENABLED=0 go build -ldflags "$GO_LDFLAGS" -o vcr_windows_amd64.exe . |