mirror of
https://github.com/hashicorp/vault.git
synced 2026-02-03 20:40:45 -05:00
b3f173756d
Update to the latest actions. The primary motivation here is to get the
latest action-setup-enos.
- actions/cache => v5.0.3: security patches
- actions/checkout => v6.0.2: small fixes to git user-agent and tag
fetching
- hashicorp/action-setup-enos => v1.50: security patches
Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
93 lines
4.1 KiB
YAML
93 lines
4.1 KiB
YAML
# Copyright IBM Corp. 2016, 2025
|
|
# SPDX-License-Identifier: BUSL-1.1
|
|
|
|
---
|
|
name: Set up Go with a shared module cache.
|
|
description: Set up Go with a shared module cache.
|
|
|
|
inputs:
|
|
github-token:
|
|
description: An elevated Github token to access private modules if necessary.
|
|
no-restore:
|
|
description: Whether or not to restore the Go module cache on a cache hit
|
|
default: "false"
|
|
no-save:
|
|
description: Whether or not to create a Go module cache on cache miss
|
|
default: "false"
|
|
go-version:
|
|
description: "Override .go-version"
|
|
default: ""
|
|
|
|
outputs:
|
|
cache-key:
|
|
description: The Go modules cache key
|
|
value: ${{ steps.metadata.outputs.cache-key }}
|
|
cache-path:
|
|
description: The GOMODCACHE path
|
|
value: ${{ steps.metadata.outputs.cache-path }}
|
|
go-version:
|
|
description: "The version of Go used"
|
|
value: ${{ steps.go-version.outputs.go-version }}
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- id: go-version
|
|
shell: bash
|
|
run: |
|
|
if [ "${{ inputs.go-version }}" = "" ]; then
|
|
echo "go-version=$(cat ./.go-version)" | tee -a "$GITHUB_OUTPUT"
|
|
else
|
|
echo "go-version=${{ inputs.go-version }}" | tee -a "$GITHUB_OUTPUT"
|
|
fi
|
|
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
|
|
with:
|
|
go-version: ${{ steps.go-version.outputs.go-version }}
|
|
cache: false # We use our own caching strategy
|
|
- id: metadata
|
|
shell: bash
|
|
run: |
|
|
# Cache restore have some surprising relative pathing behavior we need
|
|
# to deal with. When actions/cache restores something it does it
|
|
# realtive to the check working directory. Since that can be different
|
|
# depending on our self-hosted vs Github hosted runners
|
|
# /home/runner/actions-runner/_work vs. /home/runner/work
|
|
# we need to factor in the absolute path of our working directory in our
|
|
# cache key. If we don't then cache restores will be incompatible on one
|
|
# or the other runner.
|
|
#
|
|
# See: https://github.com/actions/cache/issues/1127
|
|
wd_hash=$(realpath . | sha256sum | head -c 8)
|
|
{
|
|
echo "cache-path=$(go env GOMODCACHE)/cache"
|
|
echo "cache-key=go-modules-${wd_hash}-${{ hashFiles('**/go.sum') }}"
|
|
} | tee -a "$GITHUB_OUTPUT"
|
|
- id: cache-modules
|
|
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
|
|
with:
|
|
enableCrossOsArchive: true
|
|
lookup-only: ${{ inputs.no-restore }}
|
|
# We need to be very considerate of our caching strategy because Github only allows 10gb
|
|
# of caches per repository before it starts to evict older caches. This is usually fine
|
|
# if you only use the actions cache for cache, but we also use it for Go test time results.
|
|
# These results are used to balance our Go test groups, without which we could have
|
|
# painfully unbalanced Go test execution times. We have to ensure current caches for all
|
|
# active release branches and main do not exceed 10gb. Ideally we'd cache Go modules
|
|
# and Go build cache on a per version/platform/architecture/tag/module basis, but that
|
|
# would result in several hungred gb over all of our build workflows and release branches.
|
|
# Instead, we've chosen a middle ground approach where were share Go modules between build
|
|
# workflows but lose the Go build cache.
|
|
# We intentionally do not use partial restore keys. If we get dont get an exact cache hit
|
|
# we only want to download the latest modules, not append them to a prior cache. This
|
|
# keeps cache upload time, download time, and storage size to a minimum.
|
|
path: ${{ steps.metadata.outputs.cache-path }}
|
|
key: ${{ steps.metadata.outputs.cache-key }}
|
|
- if: steps.cache-modules.outputs.cache-hit != 'true' && inputs.no-save != 'true'
|
|
name: Download go modules
|
|
shell: bash
|
|
env:
|
|
GOPRIVATE: github.com/hashicorp/*
|
|
run: |
|
|
git config --global url."https://${{ inputs.github-token }}@github.com".insteadOf https://github.com
|
|
make go-mod-download
|
|
du -h -d 1 ${{ steps.metadata.outputs.cache-path }}
|