chore: update scorecard allow list #451
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Go Conformance CI | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| # Declare default permissions as read only. | |
| permissions: read-all | |
| jobs: | |
| # Download the Go conformance client binary in it's own Github runner so that the version of Go used doesn't matter | |
| download-conformance-client: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| cache-key: ${{ steps.resolve-latest-client.outputs.version }} | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 | |
| with: | |
| egress-policy: block | |
| allowed-endpoints: > | |
| api.github.com:443 | |
| proxy.golang.org:443 | |
| sum.golang.org:443 | |
| storage.googleapis.com:443 | |
| - name: Resolve latest client version | |
| id: resolve-latest-client | |
| uses: GoogleCloudPlatform/functions-framework-conformance/.github/actions/client/resolve-latest@72a4f36b10f1c6435ab1a86a9ea24bda464cc262 # v1.8.6 | |
| # Check if it's already in the cache | |
| - name: Cache client | |
| id: check-for-cached-client | |
| uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 | |
| with: | |
| path: ~/go/bin/client | |
| key: ${{ steps.resolve-latest-client.outputs.version }} | |
| - name: Install and cache client | |
| if: ${{ steps.check-for-cached-client.outputs.cache-hit != 'true' }} | |
| uses: GoogleCloudPlatform/functions-framework-conformance/.github/actions/client/install@72a4f36b10f1c6435ab1a86a9ea24bda464cc262 # v1.8.6 | |
| with: | |
| cache-path: ~/go/bin/client | |
| cache-key: ${{ steps.resolve-latest-client.outputs.version }} | |
| build: | |
| needs: | |
| - download-conformance-client | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| go-version: [1.13, 1.16, 1.18] | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 | |
| with: | |
| egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs | |
| - name: Check out code | |
| uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| - name: Set up Go ${{ matrix.go-version }} | |
| uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
| with: | |
| go-version: '${{ matrix.go-version }}' | |
| - name: Pre-fetch go dependencies and build | |
| run: 'go build ./...' | |
| - name: Fetch conformance client | |
| uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 | |
| with: | |
| path: ~/go/bin/client | |
| key: ${{ needs.download-conformance-client.outputs.cache-key }} | |
| - name: Run HTTP conformance tests | |
| run: | | |
| client \ | |
| -type=http \ | |
| -buildpacks=false \ | |
| -start-delay=5 \ | |
| -cmd="go run testdata/conformance/cmd/http/main.go" | |
| - name: Run event conformance tests | |
| run: | | |
| client \ | |
| -type=legacyevent \ | |
| -buildpacks=false \ | |
| -start-delay=5 \ | |
| -cmd="go run testdata/conformance/cmd/legacyevent/main.go" | |
| - name: Run CloudEvent conformance tests | |
| run: | | |
| client \ | |
| -type=cloudevent \ | |
| -buildpacks=false \ | |
| -start-delay=5 \ | |
| -cmd="go run testdata/conformance/cmd/cloudevent/main.go" | |
| - name: Run HTTP conformance tests using declarative API | |
| run: | | |
| FUNCTION_TARGET=declarativeHTTP client \ | |
| -type=http \ | |
| -buildpacks=false \ | |
| -start-delay=5 \ | |
| -cmd="go run testdata/conformance/cmd/declarative/main.go" | |
| - name: Run Typed conformance tests using declarative API | |
| run: | | |
| FUNCTION_TARGET=declarativeTyped client \ | |
| -type=http \ | |
| -declarative-type=typed \ | |
| -buildpacks=false \ | |
| -start-delay=5 \ | |
| -cmd="go run testdata/conformance/cmd/declarative/main.go" | |
| - name: Run CloudEvent conformance tests using declarative API | |
| run: | | |
| FUNCTION_TARGET=declarativeCloudEvent client \ | |
| -type=cloudevent \ | |
| -buildpacks=false \ | |
| -start-delay=5 \ | |
| -cmd="go run testdata/conformance/cmd/declarative/main.go" | |
| - name: Run HTTP concurrency conformance tests | |
| run: | | |
| FUNCTION_TARGET=concurrentHTTP client \ | |
| -type=http \ | |
| -buildpacks=false \ | |
| -start-delay=5 \ | |
| -cmd="go run testdata/conformance/cmd/declarative/main.go" \ | |
| -validate-concurrency=true |