Chore(deps): Bump golang.org/x/net from 0.51.0 to 0.55.0 #2603
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| release: | |
| types: | |
| - published | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - .github/workflows/ci.yml | |
| - cmd/** | |
| - internal/** | |
| - pkg/** | |
| - .dockerignore | |
| - .golangci.yml | |
| - Dockerfile | |
| - go.mod | |
| - go.sum | |
| pull_request: | |
| paths: | |
| - .github/workflows/ci.yml | |
| - cmd/** | |
| - internal/** | |
| - pkg/** | |
| - .dockerignore | |
| - .golangci.yml | |
| - Dockerfile | |
| - go.mod | |
| - go.sum | |
| jobs: | |
| verify: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| env: | |
| DOCKER_BUILDKIT: "1" | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: reviewdog/action-misspell@v1 | |
| with: | |
| locale: "US" | |
| level: error | |
| exclude: | | |
| ./internal/storage/servers.json | |
| ./.golangci.yml | |
| *.md | |
| - name: Linting | |
| run: docker build --target lint . | |
| - name: Mocks check | |
| run: docker build --target mocks . | |
| - name: Build test image | |
| run: docker build --target test -t test-container . | |
| - name: Run tests in test container | |
| run: | | |
| touch coverage.txt | |
| docker run --rm --cap-add=NET_ADMIN --device /dev/net/tun \ | |
| -v "$(pwd)/coverage.txt:/tmp/gobuild/coverage.txt" \ | |
| test-container | |
| - name: Verify dev cross platform compatibility | |
| run: docker build --target xcompile . | |
| - name: Build final image | |
| run: docker build -t final-image . | |
| verify-tools: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: ./devrun/go.mod | |
| - run: go test ./... | |
| working-directory: ./devrun | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: ./ci/go.mod | |
| - run: go test ./... | |
| working-directory: ./ci | |
| verify-private: | |
| if: | | |
| github.repository == 'passteque/gluetun' && | |
| ( | |
| github.event_name == 'push' || | |
| github.event_name == 'release' || | |
| (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]') | |
| ) | |
| needs: [ verify ] | |
| runs-on: ubuntu-latest | |
| environment: secrets | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - run: docker build -t qmcgaw/gluetun . | |
| - name: Setup Go for CI utility | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: ci/go.mod | |
| - name: Build utility | |
| run: go build -C ./ci -o runner ./cmd/main.go | |
| - name: Run Gluetun container with Mullvad configuration | |
| run: echo -e "${{ secrets.MULLVAD_WIREGUARD_PRIVATE_KEY }}\n${{ | |
| secrets.MULLVAD_WIREGUARD_ADDRESS }}" | ./ci/runner mullvad | |
| - name: Run Gluetun container with ProtonVPN Wireguard and port forwarding | |
| configuration | |
| run: echo -e "${{ secrets.PROTONVPN_WIREGUARD_PRIVATE_KEY }}" | ./ci/runner | |
| protonvpn-wireguard-port-forwarding | |
| - name: Run Gluetun container with ProtonVPN OpenVPN and port forwarding | |
| configuration | |
| run: echo -e "${{ secrets.PROTONVPN_OPENVPN_USER }}\n${{ | |
| secrets.PROTONVPN_OPENVPN_PASSWORD }}" | ./ci/runner | |
| protonvpn-openvpn-port-forwarding | |
| - name: Run Gluetun container with Private Internet Access OpenVPN and port | |
| forwarding configuration | |
| run: echo -e "${{ secrets.PRIVATEINTERNETACCESS_OPENVPN_USER }}\n${{ | |
| secrets.PRIVATEINTERNETACCESS_OPENVPN_PASSWORD }}" | ./ci/runner | |
| private-internet-access-openvpn-port-forwarding | |
| - name: Run Gluetun container with AirVPN Wireguard configuration | |
| run: echo -e "${{ secrets.AIRVPN_WIREGUARD_PRIVATE_KEY }}\n${{ | |
| secrets.AIRVPN_WIREGUARD_PRESHARED_KEY }}\n${{ | |
| secrets.AIRVPN_WIREGUARD_ADDRESSES }}" | ./ci/runner airvpn-wireguard | |
| - name: Run Gluetun container with AirVPN OpenVPN configuration | |
| run: echo -e "${{ secrets.AIRVPN_OPENVPN_KEY }}\n${{ secrets.AIRVPN_OPENVPN_CERT | |
| }}" | ./ci/runner airvpn-openvpn | |
| codeql: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| - uses: github/codeql-action/init@v4 | |
| with: | |
| languages: go | |
| - uses: github/codeql-action/autobuild@v4 | |
| - uses: github/codeql-action/analyze@v4 | |
| publish: | |
| if: | | |
| github.repository == 'passteque/gluetun' && | |
| ( | |
| github.event_name == 'push' || | |
| github.event_name == 'release' || | |
| (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]') | |
| ) | |
| needs: [ verify, verify-private, codeql ] | |
| permissions: | |
| actions: read | |
| contents: read | |
| packages: write | |
| runs-on: ubuntu-latest | |
| environment: secrets | |
| steps: | |
| - uses: actions/checkout@v6 | |
| # extract metadata (tags, labels) for Docker | |
| # https://github.com/docker/metadata-action | |
| - name: Extract Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v6 | |
| with: | |
| flavor: | | |
| latest=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} | |
| images: | | |
| ghcr.io/qdm12/gluetun | |
| qmcgaw/gluetun | |
| qmcgaw/private-internet-access | |
| tags: | | |
| type=ref,event=pr | |
| type=semver,pattern=v{{major}}.{{minor}}.{{patch}} | |
| type=semver,pattern=v{{major}}.{{minor}} | |
| type=semver,pattern=v{{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }} | |
| type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} | |
| - uses: docker/setup-qemu-action@v4 | |
| - uses: docker/setup-buildx-action@v4 | |
| - uses: docker/login-action@v4 | |
| with: | |
| username: qmcgaw | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - uses: docker/login-action@v4 | |
| with: | |
| registry: ghcr.io | |
| username: qdm12 | |
| password: ${{ secrets.GHCR_PAT }} | |
| - name: Short commit | |
| id: shortcommit | |
| run: | | |
| # Use the PR head SHA if it exists, otherwise fallback to GITHUB_SHA | |
| FULL_SHA="${{ github.event.pull_request.head.sha || github.sha }}" | |
| SHORT_SHA= | |
| echo "value=$(echo $FULL_SHA | cut -c1-7)" >> $GITHUB_OUTPUT | |
| - name: Build and push final image | |
| uses: docker/build-push-action@v7 | |
| with: | |
| platforms: linux/amd64,linux/386,linux/arm64,linux/arm/v6,linux/arm/v7,linux/ppc64le | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| CREATED=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} | |
| COMMIT=${{ steps.shortcommit.outputs.value }} | |
| VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| push: true |