Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

externally configured Go version for automation support

See original GitHub issue

I’ve got a GitHub Action I wrote to update the Go versions in my various configuration files[1]. Especially, for my security projects, I’d like an auditable but automated way to keep the Go versions I use up to date.

(Using a .x version number isn’t enough because doing that wouldn’t kick off new builds when a new version is released and it’s difficult to audit when a new Go version was brought in.)

But, unfortunately (and totally understandably from a security perspective!), GitHub Actions can’t modify integration configs. So, I’ve got a plan to keep my Go versions in a file outside of my workflow configs, have my workflows read in that file and use it for go_version, and then have my tool update that external file.

Would y’all be open to me posting a PR to make that an explicitly supported thing in setup-go? Say, reading a file in something like .github/versions/go.yml or similar?

[1] https://github.com/jmhodges/ensure-latest-go

Issue Analytics

State:
Created 4 years ago
Comments:18 (4 by maintainers)

Top GitHub Comments

8reactions

ccremercommented, Nov 23, 2020

I’m using this:

jobs:
  dist:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: Determine Go version from go.mod
      run: echo "GO_VERSION=$(grep "go 1." go.mod | cut -d " " -f 2)" >> $GITHUB_ENV
    - uses: actions/setup-go@v2
      with:
        go-version: ${{ env.GO_VERSION }}

So I only have to maintain go.mod. Only works if you don’t need matrix builds ofc 😃

But it would be nice if this action could do that on its own, e.g. have a property go-mod-path: go.mod

2reactions

hazcodcommented, Jun 22, 2020

For reference my GitHub Action as seen on iron-go-project:

name: benchmark
on: pull_request

jobs:
  gobench:
    name: benchmarking
    runs-on: ubuntu-latest
    steps:
      -
        uses: actions/checkout@v2
      -
        id: vars
        run: |
          echo ::set-output name=go_version::$(grep '^FROM go' .github/go/Dockerfile | cut -d ' ' -f 2 | cut -d ':' -f 2)
          echo "Using Go version ${{ steps.vars.outputs.go_version }}"
      -
        name: Setup go
        uses: actions/setup-go@v2
        with:
          go-version: ${{ steps.vars.outputs.go_version }}

My file .github/go/Dockerfile:

FROM golang:1.14.1

And keeping the file updated automatically in .github/dependabot.yml:


version: 2
updates:
- package-ecosystem: docker
  directory: "/.github/go"
  schedule:
    interval: daily
    time: '04:00'
  open-pull-requests-limit: 10
  target-branch: dev

Top Results From Across the Web

Manage connections in Azure Automation

This article tells how to manage Azure Automation connections to external services or applications and how to work with them in runbooks.

Customize pipeline configuration - GitLab Docs

Specify a custom CI/CD configuration file. Support for external .gitlab-ci.yml locations introduced in GitLab 12.6. GitLab expects to find the CI/CD ...

Jira automation triggers

Triggers kick off the execution of your automation rules. Triggers will listen for events in Jira Cloud, such as when an issue is...

Deploy a registry server

This topic provides basic information about deploying and configuring a registry. ... In order to make your registry accessible to external hosts, ...

Configure Ingress for external load balancing

Any Pod that has both the greeting: hello label and the version: one label is a member of the Service. GKE forwards requests...