Skip to content

Commit

Permalink
feat: Support go-version-file (#2156)
Browse files Browse the repository at this point in the history 
Fixes #1807

---------

Signed-off-by: Ian Lewis <ianlewis@google.com>
  • Loading branch information
Ian Lewis authored May 23, 2023
1 parent f9f5a49 commit 06f926f
Show file tree
Hide file tree
Showing 4 changed files with 48 additions and 4 deletions.
18 changes: 17 additions & 1 deletion .github/actions/secure-project-checkout-go/action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,10 @@ inputs:
default: ${{ github.token }}
go-version:
description: "The Go version to use, as expected by https://github.com/actions/setup-go."
required: true
required: false
go-version-file:
description: "Path to the go.mod or go.work file."
required: false

runs:
using: "composite"
Expand All @@ -26,7 +29,20 @@ runs:
token: ${{ inputs.token }}
path: ${{ inputs.path }}

- name: Validate Go version.
shell: bash
env:
GO_VERSION: ${{ inputs.go-version }}
GO_VERSION_FILE: ${{ inputs.go-version-file }}
run: |
set -euo pipefail
if [ "${GO_VERSION}" == "" ] && [ "${GO_VERSION_FILE}" == "" ]; then
echo "::error::One of go-version or go-version-file should be specified."
exit 1
fi
- name: Set up Go environment
uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
with:
go-version: ${{ inputs.go-version }}
go-version-file: ${{ inputs.go-version-file }}
8 changes: 7 additions & 1 deletion .github/workflows/builder_go_slsa3.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,11 @@ on:
inputs:
go-version:
description: "The go version to use."
required: true
required: false
type: string
go-version-file:
description: "The go version to use."
required: false
type: string
upload-assets:
description: >
Expand Down Expand Up @@ -184,6 +188,7 @@ jobs:
with:
path: __PROJECT_CHECKOUT_DIR__
go-version: ${{ inputs.go-version }}
go-version-file: ${{ inputs.go-version-file }}

- name: Download builder
uses: ./__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact
Expand Down Expand Up @@ -230,6 +235,7 @@ jobs:
with:
path: __PROJECT_CHECKOUT_DIR__
go-version: ${{ inputs.go-version }}
go-version-file: ${{ inputs.go-version-file }}

- name: Download builder
uses: ./__BUILDER_CHECKOUT_DIR__/.github/actions/secure-download-artifact
Expand Down
23 changes: 22 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,16 @@
# CHANGELOG

All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

<!-- markdown-toc --bullets="-" -i CHANGELOG.md -->

<!-- toc -->

- [Unreleased](#unreleased)
- [X.Y.Z: Go builder](#xyz-go-builder)
- [v1.6.0](#v160)
- [Summary of changes](#summary-of-changes)
- [Go builder](#go-builder)
Expand Down Expand Up @@ -71,7 +78,21 @@

<!-- tocstop -->

<!-- Information on the next release will be added here. -->
## Unreleased

<!--
Information on the next release will be added here.
Use the format "X.Y.Z: Go builder" etc. for format headers to avoid header name
duplication."
-->

### X.Y.Z: Go builder

- **Added**: A new
[go-version-file](https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/go/README.md#workflow-inputs)
input was added. This allows you to specify a go.mod file in order to track
which version of Go is used for your project.

## v1.6.0

Expand Down
3 changes: 2 additions & 1 deletion internal/builders/go/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -188,7 +188,8 @@ The builder workflow [slsa-framework/slsa-github-generator/.github/workflows/bui
| -------------------- | -------- | --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `config-file` | no | `.github/workflows/slsa-goreleaser.yml` | The configuration file for the builder. A path within the calling repository. |
| `evaluated-envs` | no | empty value | A list of environment variables, seperated by `,`: `VAR1: value, VAR2: value`. This is typically used to pass dynamically-generated values, such as `ldflags`. Note that only environment variables with names starting with `CGO_` or `GO` are accepted. |
| `go-version` | yes | | The go version for your project. This value is passed, unchanged, to the [actions/setup-go](https://github.com/actions/setup-go) action when setting up the environment |
| `go-version` | no | | The go version for your project. This value is passed, unchanged, to the [actions/setup-go](https://github.com/actions/setup-go) action when setting up the environment. One of `go-version` or `go-version-file` is required. |
| `go-version-file` | no | | The go version file (e.g. `go.mod`) for your project. This value is passed, unchanged, to the [actions/setup-go](https://github.com/actions/setup-go) action when setting up the environment. One of `go-version` or `go-version-file` is required. |
| `upload-assets` | no | true on new tags | Whether to upload assets to a GitHub release or not. |
| `upload-tag-name` | no | | If specified and `upload-assets` is set to true, the provenance will be uploaded to a Github release identified by the tag-name regardless of the triggering event. |
| `prerelease` | no | | If specified and `upload-assets` is set to true, the release is created as prerelease. |
Expand Down

0 comments on commit 06f926f

Please sign in to comment.