Add workflow permissions
This commit is contained in:
87
.github/workflows/build.yml
vendored
Normal file
87
.github/workflows/build.yml
vendored
Normal file
@@ -0,0 +1,87 @@
|
||||
name: Go Build Multi-Platform
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ "main" ]
|
||||
tags:
|
||||
- 'v*'
|
||||
pull_request:
|
||||
branches: [ "main" ]
|
||||
|
||||
jobs:
|
||||
build:
|
||||
permissions:
|
||||
contents: write
|
||||
strategy:
|
||||
matrix:
|
||||
goos: [linux, windows, darwin, freebsd]
|
||||
goarch: [amd64, arm64, arm]
|
||||
exclude:
|
||||
- goos: darwin
|
||||
goarch: arm
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
outputs:
|
||||
build_complete: ${{ steps.build_step.outcome == 'success' }}
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: '1.24'
|
||||
|
||||
- name: Build
|
||||
id: build_step
|
||||
env:
|
||||
GOOS: ${{ matrix.goos }}
|
||||
GOARCH: ${{ matrix.goarch }}
|
||||
GOARM: ${{ matrix.goarch == 'arm' && '6' || '' }}
|
||||
run: |
|
||||
output_name="arcgis-utils-go-${GOOS}-${GOARCH}"
|
||||
if [ "$GOOS" = "windows" ]; then
|
||||
output_name+=".exe"
|
||||
fi
|
||||
go build -v -ldflags="-s -w" -o "${output_name}" ./cmd/arcgis-utils
|
||||
echo "Built: ${output_name}"
|
||||
|
||||
- name: Calculate SHA256 Checksum
|
||||
run: |
|
||||
output_name="arcgis-utils-go-${{ matrix.goos }}-${{ matrix.goarch }}"
|
||||
if [ "${{ matrix.goos }}" = "windows" ]; then
|
||||
output_name+=".exe"
|
||||
fi
|
||||
sha256sum "${output_name}" > "${output_name}.sha256"
|
||||
echo "Calculated SHA256 for ${output_name}"
|
||||
|
||||
- name: Upload Artifact
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: arcgis-utils-go-${{ matrix.goos }}-${{ matrix.goarch }}
|
||||
path: arcgis-utils-go-${{ matrix.goos }}-${{ matrix.goarch }}*
|
||||
|
||||
release:
|
||||
name: Create Release
|
||||
runs-on: ubuntu-latest
|
||||
needs: build
|
||||
if: startsWith(github.ref, 'refs/tags/')
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
|
||||
steps:
|
||||
- name: Download All Build Artifacts
|
||||
uses: actions/download-artifact@v4
|
||||
with:
|
||||
path: ./release-assets
|
||||
|
||||
- name: List downloaded files (for debugging)
|
||||
run: ls -R ./release-assets
|
||||
|
||||
- name: Create GitHub Release
|
||||
uses: softprops/action-gh-release@v2
|
||||
with:
|
||||
files: ./release-assets/*/*
|
||||
3
.github/workflows/go-test.yml
vendored
3
.github/workflows/go-test.yml
vendored
@@ -8,6 +8,9 @@ on:
|
||||
branches:
|
||||
- main
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
2
.github/workflows/gosec.yml
vendored
2
.github/workflows/gosec.yml
vendored
@@ -6,6 +6,8 @@ on:
|
||||
pull_request:
|
||||
branches:
|
||||
- main
|
||||
permissions:
|
||||
contents: read
|
||||
jobs:
|
||||
tests:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
Reference in New Issue
Block a user