mirror of
https://github.com/anchore/syft
synced 2024-11-10 14:24:12 +00:00
6ef3e45ffc
* initial working version Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * added build settings to pkg metadata wip - unit tests Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * handle mach-O FatFiles Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * add support to mod replace fixed golang catalger tests trying GH Actions with go 1.18rc1 Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * log error Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * use go-macholibre for extraction Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * cleaner tests Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * add version to main module Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * check macho file with macholibre Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * run golangci in its own workflow Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * wip - golangci workflow Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix golangci wf yml Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix golangci wf yml Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * wip - golangci wf Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * wip - golangci wf Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * get arch from bin file headers upgrade macholibre Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * go mod tidy Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * test new stereoscope lazy reader interface Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * go mod tidy Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * remove devel version from golang cataloger Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * go mod tidy Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * switch github workflows to go1.18 stable Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * add union reader interface in golang cataloger update stereoscope Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * go mod tidy Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * simpler golangci validation Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix makefile Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * get archs refactor Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * nolint for golang version Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix go bin tests Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * feedback changes Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * golangci nolint needs a \n before package Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * cleanup Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * move golangci-lint to its own jobs again Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix ci yaml Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * add support for xcoff files add arch assets to test bin file types Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * clean up golangci-lint config Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * nolint for xcoff Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * explain nolints Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * remove unused xcoff testdata assets Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * make go bin test-fixtures in docker Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix make clean with -f Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * update json output schema Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * update schema version in test fixture Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * feedback changes Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * explain possible empty main module Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com>
435 lines
14 KiB
YAML
435 lines
14 KiB
YAML
name: "Validations"
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
|
|
env:
|
|
GO_VERSION: "1.18.x"
|
|
GO_STABLE_VERSION: true
|
|
|
|
jobs:
|
|
# TODO: remove this job once golanci-lint is compatible with g01.18+
|
|
Static-Analysis-Golanci-lint:
|
|
name: "Static analysis - golangci-lint"
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: "1.17" # NOTE: please use GO_VERSION once golangci supports go1.18+
|
|
stable: ${{ env.GO_STABLE_VERSION }}
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Restore tool cache
|
|
id: tool-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/.tmp
|
|
key: ${{ runner.os }}-tool-${{ hashFiles('Makefile') }}
|
|
|
|
- name: Restore go cache
|
|
id: go-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-${{ env.GO_VERSION }}-
|
|
|
|
- name: (cache-miss) Bootstrap all project dependencies
|
|
if: steps.tool-cache.outputs.cache-hit != 'true' || steps.go-cache.outputs.cache-hit != 'true'
|
|
run: make bootstrap
|
|
|
|
- name: Bootstrap CI environment dependencies
|
|
run: make ci-bootstrap
|
|
|
|
- name: Run static analysis
|
|
run: make static-analysis-golanci-lint
|
|
|
|
|
|
|
|
Static-Analysis:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Static analysis"
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
stable: ${{ env.GO_STABLE_VERSION }}
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Restore tool cache
|
|
id: tool-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/.tmp
|
|
key: ${{ runner.os }}-tool-${{ hashFiles('Makefile') }}
|
|
|
|
- name: Restore go cache
|
|
id: go-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-${{ env.GO_VERSION }}-
|
|
|
|
- name: (cache-miss) Bootstrap all project dependencies
|
|
if: steps.tool-cache.outputs.cache-hit != 'true' || steps.go-cache.outputs.cache-hit != 'true'
|
|
run: make bootstrap
|
|
|
|
- name: Bootstrap CI environment dependencies
|
|
run: make ci-bootstrap
|
|
|
|
- name: Run static analysis
|
|
run: make static-analysis
|
|
|
|
Unit-Test:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Unit tests"
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
stable: ${{ env.GO_STABLE_VERSION }}
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Restore tool cache
|
|
id: tool-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/.tmp
|
|
key: ${{ runner.os }}-tool-${{ hashFiles('Makefile') }}
|
|
|
|
- name: Restore go cache
|
|
id: go-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-${{ env.GO_VERSION }}-
|
|
|
|
- name: (cache-miss) Bootstrap all project dependencies
|
|
if: steps.tool-cache.outputs.cache-hit != 'true' || steps.go-cache.outputs.cache-hit != 'true'
|
|
run: make bootstrap
|
|
|
|
- name: Bootstrap CI environment dependencies
|
|
run: make ci-bootstrap
|
|
|
|
- name: Build cache key for java test-fixture blobs (for unit tests)
|
|
run: make java-packages-fingerprint
|
|
|
|
- name: Restore Java test-fixture cache
|
|
id: unit-java-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: syft/pkg/cataloger/java/test-fixtures/java-builds/packages
|
|
key: ${{ runner.os }}-unit-java-cache-${{ hashFiles( 'syft/pkg/cataloger/java/test-fixtures/java-builds/packages.fingerprint' ) }}
|
|
|
|
- name: Build cache key for go binary test-fixture blobs (for unit tests)
|
|
run: make go-binaries-fingerprint
|
|
|
|
- name: Restore Go binary test-fixture cache
|
|
id: unit-go-binary-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: syft/pkg/cataloger/golang/test-fixtures/archs/binaries
|
|
key: ${{ runner.os }}-unit-go-binaries-cache-${{ hashFiles( 'syft/pkg/cataloger/golang/test-fixtures/archs/binaries.fingerprint' ) }}
|
|
|
|
- name: Run unit tests
|
|
run: make unit
|
|
|
|
- uses: actions/upload-artifact@v2
|
|
with:
|
|
name: unit-test-results
|
|
path: test/results/**/*
|
|
|
|
Integration-Test:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Integration tests"
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
stable: ${{ env.GO_STABLE_VERSION }}
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Restore tool cache
|
|
id: tool-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/.tmp
|
|
key: ${{ runner.os }}-tool-${{ hashFiles('Makefile') }}
|
|
|
|
- name: Restore go cache
|
|
id: go-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-${{ env.GO_VERSION }}-
|
|
|
|
- name: (cache-miss) Bootstrap all project dependencies
|
|
if: steps.tool-cache.outputs.cache-hit != 'true' || steps.go-cache.outputs.cache-hit != 'true'
|
|
run: make bootstrap
|
|
|
|
- name: Bootstrap CI environment dependencies
|
|
run: make ci-bootstrap
|
|
|
|
- name: Validate syft output against the CycloneDX schema
|
|
run: make validate-cyclonedx-schema
|
|
|
|
- name: Build key for tar cache
|
|
run: make integration-fingerprint
|
|
|
|
- name: Restore integration test cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/test/integration/test-fixtures/cache
|
|
key: ${{ runner.os }}-integration-test-cache-${{ hashFiles('test/integration/test-fixtures/cache.fingerprint') }}
|
|
|
|
- name: Run integration tests
|
|
run: make integration
|
|
|
|
Benchmark-Test:
|
|
name: "Benchmark tests"
|
|
runs-on: ubuntu-20.04
|
|
# note: we want benchmarks to run on pull_request events in order to publish results to a sticky comment, and
|
|
# we also want to run on push such that merges to main are recorded to the cache. For this reason we don't filter
|
|
# the job by event.
|
|
steps:
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
stable: ${{ env.GO_STABLE_VERSION }}
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Restore tool cache
|
|
id: tool-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/.tmp
|
|
key: ${{ runner.os }}-tool-${{ hashFiles('Makefile') }}
|
|
|
|
- name: Restore go cache
|
|
id: go-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-${{ env.GO_VERSION }}-
|
|
|
|
- name: (cache-miss) Bootstrap all project dependencies
|
|
if: steps.tool-cache.outputs.cache-hit != 'true' || steps.go-cache.outputs.cache-hit != 'true'
|
|
run: make bootstrap
|
|
|
|
- name: Bootstrap CI environment dependencies
|
|
run: make ci-bootstrap
|
|
|
|
- name: Restore base benchmark result
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: test/results/benchmark-main.txt
|
|
# use base sha for PR or new commit hash for main push in benchmark result key
|
|
key: ${{ runner.os }}-bench-${{ (github.event.pull_request.base.sha != github.event.after) && github.event.pull_request.base.sha || github.event.after }}
|
|
|
|
- name: Run benchmark tests
|
|
id: benchmark
|
|
run: |
|
|
REF_NAME=${GITHUB_REF##*/} make benchmark
|
|
OUTPUT=$(make show-benchstat)
|
|
OUTPUT="${OUTPUT//'%'/'%25'}" # URL encode all '%' characters
|
|
OUTPUT="${OUTPUT//$'\n'/'%0A'}" # URL encode all '\n' characters
|
|
OUTPUT="${OUTPUT//$'\r'/'%0D'}" # URL encode all '\r' characters
|
|
echo "::set-output name=result::$OUTPUT"
|
|
|
|
- uses: actions/upload-artifact@v2
|
|
with:
|
|
name: benchmark-test-results
|
|
path: test/results/**/*
|
|
|
|
- name: Update PR benchmark results comment
|
|
uses: marocchino/sticky-pull-request-comment@v2
|
|
continue-on-error: true
|
|
with:
|
|
header: benchmark
|
|
message: |
|
|
### Benchmark Test Results
|
|
|
|
<details>
|
|
<summary>Benchmark results from the latest changes vs base branch</summary>
|
|
|
|
```
|
|
${{ steps.benchmark.outputs.result }}
|
|
```
|
|
|
|
</details>
|
|
|
|
Build-Snapshot-Artifacts:
|
|
name: "Build snapshot artifacts"
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
stable: ${{ env.GO_STABLE_VERSION }}
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v1
|
|
|
|
- name: Restore tool cache
|
|
id: tool-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/.tmp
|
|
key: ${{ runner.os }}-tool-${{ hashFiles('Makefile') }}
|
|
|
|
- name: Restore go cache
|
|
id: go-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-${{ env.GO_VERSION }}-
|
|
|
|
- name: (cache-miss) Bootstrap all project dependencies
|
|
if: steps.tool-cache.outputs.cache-hit != 'true' || steps.go-cache.outputs.cache-hit != 'true'
|
|
run: make bootstrap
|
|
|
|
- name: Build snapshot artifacts
|
|
run: make snapshot
|
|
|
|
- uses: actions/upload-artifact@v2
|
|
with:
|
|
name: artifacts
|
|
path: snapshot/**/*
|
|
|
|
Acceptance-Linux:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Acceptance tests (Linux)"
|
|
needs: [Build-Snapshot-Artifacts]
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
name: artifacts
|
|
path: snapshot
|
|
|
|
- name: Run comparison tests (Linux)
|
|
run: make compare-linux
|
|
|
|
- name: Build key for image cache
|
|
run: make install-fingerprint
|
|
|
|
- name: Restore install.sh test image cache
|
|
id: install-test-image-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/test/install/cache
|
|
key: ${{ runner.os }}-install-test-image-cache-${{ hashFiles('test/install/cache.fingerprint') }}
|
|
|
|
- name: Load test image cache
|
|
if: steps.install-test-image-cache.outputs.cache-hit == 'true'
|
|
run: make install-test-cache-load
|
|
|
|
- name: Run install.sh tests (Linux)
|
|
run: make install-test
|
|
|
|
- name: (cache-miss) Create test image cache
|
|
if: steps.install-test-image-cache.outputs.cache-hit != 'true'
|
|
run: make install-test-cache-save
|
|
|
|
|
|
Acceptance-Mac:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "Acceptance tests (Mac)"
|
|
needs: [Build-Snapshot-Artifacts]
|
|
runs-on: macos-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
name: artifacts
|
|
path: snapshot
|
|
|
|
- name: Restore docker image cache for compare testing
|
|
id: mac-compare-testing-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: image.tar
|
|
key: ${{ runner.os }}-${{ hashFiles('test/compare/mac.sh') }}
|
|
|
|
- name: Run comparison tests (Mac)
|
|
run: make compare-mac
|
|
|
|
- name: Run install.sh tests (Mac)
|
|
run: make install-test-ci-mac
|
|
|
|
Cli-Linux:
|
|
# Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline
|
|
name: "CLI tests (Linux)"
|
|
needs: [Build-Snapshot-Artifacts]
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
stable: ${{ env.GO_STABLE_VERSION }}
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Restore go cache
|
|
id: go-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-${{ env.GO_VERSION }}-
|
|
|
|
- name: Restore tool cache
|
|
id: tool-cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/.tmp
|
|
key: ${{ runner.os }}-tool-${{ hashFiles('Makefile') }}
|
|
|
|
- name: (cache-miss) Bootstrap all project dependencies
|
|
if: steps.tool-cache.outputs.cache-hit != 'true' || steps.go-cache.outputs.cache-hit != 'true'
|
|
run: make bootstrap
|
|
|
|
- name: Build key for tar cache
|
|
run: make cli-fingerprint
|
|
|
|
- name: Restore CLI test cache
|
|
uses: actions/cache@v2.1.3
|
|
with:
|
|
path: ${{ github.workspace }}/test/cli/test-fixtures/cache
|
|
key: ${{ runner.os }}-cli-test-cache-${{ hashFiles('test/cli/test-fixtures/cache.fingerprint') }}
|
|
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
name: artifacts
|
|
path: snapshot
|
|
|
|
- name: Run CLI Tests (Linux)
|
|
run: make cli
|