transcend-io · Almenon · Feb 10, 2024 · Jun 7, 2023 · Jun 7, 2023 · Jun 20, 2023
diff --git a/.github/workflows/container-build.yml b/.github/workflows/container-build.yml
@@ -26,11 +26,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout the latest SHA for this branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         if: github.event_name != 'workflow_dispatch'
 
       - name: Checkout the specified tag
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         if: github.event_name == 'workflow_dispatch'
         with:
           ref: ${{ github.event.inputs.tag }}
@@ -43,38 +43,24 @@ jobs:
             git checkout origin/master -- Dockerfile
           fi
 
-      - name: Build and cache first build stage
-        # update the first stage cache only when pushing to or tagging main
-        if: github.event_name == 'push'
-        uses: docker/build-push-action@v1
-        env:
-          # use BuildKit to speed up builds and improve caching
-          DOCKER_BUILDKIT: 1
+      - name: Setup Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
         with:
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.CR_PAT }}
-          registry: ${{ env.GHCR_HOSTNAME }}
-          repository: ${{ github.repository }}
-          target: build
-          tags: build
-          build_args: BUILDKIT_INLINE_CACHE=1
-          cache_froms: ${{ env.GHCR_HOSTNAME }}/${{ github.repository }}:build
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build the container image
-        uses: docker/build-push-action@v1
-        env:
-          # use BuildKit to speed up builds and improve caching
-          DOCKER_BUILDKIT: 1
+        uses: docker/build-push-action@v5
         with:
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.CR_PAT }}
-          registry: ${{ env.GHCR_HOSTNAME }}
-          repository: ${{ github.repository }}
-          # auto create the tag if we're in a push/pull_request
-          tag_with_ref: ${{ github.event_name != 'workflow_dispatch' }}
+          push: ${{ github.event_name != 'pull_request' }}
+          builder: ${{ steps.buildx.outputs.name }}
+          platforms: linux/amd64,linux/arm64
           # this will add the proper tag if we're in workflow_dispatch
           tags: ${{ github.event.inputs.tag }}
-          build_args: BUILDKIT_INLINE_CACHE=1
-          cache_froms: >
-            ${{ env.GHCR_HOSTNAME }}/${{ github.repository }}:build,
-            ${{ env.GHCR_HOSTNAME }}/${{ github.repository }}:latest
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml
@@ -7,8 +7,8 @@ jobs:
   contributors:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: wow-actions/contributors-list@v1
+      - uses: actions/checkout@v4
+      - uses: wow-actions/contributors-list@a9cb338523e20921d1a535d29f00dc8458fa8fe2
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           svgPath: CONTRIBUTORS.svg
@@ -26,10 +26,10 @@ jobs:
               </a>
             </g>
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38
         with:
-          commit-message: '[Chore] Update Contributors SVG'
-          title: '[Chore] Update Contributors SVG'
+          commit-message: "[Chore] Update Contributors SVG"
+          title: "[Chore] Update Contributors SVG"
           delete-branch: true
           assignees: dmattia
-          reviewers: dmattia
+          reviewers: dmattia
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -12,44 +12,41 @@ jobs:
 
     steps:
       # Install golang
-      - uses: actions/setup-go@v2
+      - uses: actions/setup-go@v5
         with:
-          go-version: '^1.16'
-
-      # Install external go modules before cloning
-      - run: go install github.com/laher/goxc@latest
+          go-version: "^1.21"
 
       # Checkout code
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       # Install golang deps, using a cache
-      - uses: actions/cache@v2
+      - uses: actions/cache@v4
         with:
           path: ~/go/pkg/mod
-          key: ubuntu-latest-1.16-go-${{ hashFiles('**/go.sum') }}
+          key: ubuntu-latest-1.21-go-${{ hashFiles('**/go.sum') }}
           restore-keys: |
-            ubuntu-latest-1.16-go-
-      
+            ubuntu-latest-1.21-go-
+
       # build binaries for all supported environments
       - run: sudo apt update && sudo apt install -y make
       - run: make build-all
 
       # Create the binary checksums
       - name: Get the version
         id: get_version
-        run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/v}
-      - name: Create checksums
-        run: |
-          readonly BUILD_DIR="build/${{ steps.get_version.outputs.VERSION }}"
-          find "$BUILD_DIR" -type f -exec sha256sum {} + | awk -v build_dir="$BUILD_DIR" '{sub("^"build_dir"/", ""); print $1, $2}' > SHA256SUMS
-          find "$BUILD_DIR" -type f -exec sha512sum {} + | awk -v build_dir="$BUILD_DIR" '{sub("^"build_dir"/", ""); print $1, $2}' > SHA512SUMS
+        run: echo VERSION=${GITHUB_REF#refs/tags/v} >> $GITHUB_OUTPUT
+      - uses: jmgilman/actions-generate-checksum@24a35957fba81c6cbaefeb1e3d59ee56e3db5077
+        id: checksums
+        with:
+          patterns: "build/${{ steps.get_version.outputs.VERSION }}/*"
+          method: sha512
+          output: checksums.txt
 
       # Create the release
-      - uses: "marvinpinto/action-automatic-releases@latest"
+      - uses: "marvinpinto/action-automatic-releases@d68defdd11f9dcc7f52f35c1b7c236ee7513bcc1"
         with:
           repo_token: "${{ secrets.GITHUB_TOKEN }}"
           prerelease: false
           files: |
             build/${{ steps.get_version.outputs.VERSION }}/*
-            SHA256SUMS
-            SHA512SUMS
+            checksums.txt
diff --git a/.github/workflows/run_tests.yml b/.github/workflows/run_tests.yml
@@ -6,15 +6,15 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, windows-latest]
-        golang-version: [1.13, 1.14, 1.15, 1.16, 1.17]
+        golang-version: [1.21]
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Setup golang v${{ matrix.golang-version }}
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v5
         with:
           go-version: "^${{ matrix.golang-version }}"
-      - uses: actions/cache@v2
+      - uses: actions/cache@v4
         with:
           path: ~/go/pkg/mod
           key: ${{ matrix.os }}-${{ matrix.golang-version }}-go-${{ hashFiles('**/go.sum') }}

diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,6 @@
-FROM golang AS build
+ARG GO_VERSION=1.21
+FROM golang:${GO_VERSION} AS build
 
-ENV GO111MODULE=on
 WORKDIR /app
 
 # copy source
@@ -11,7 +11,8 @@ RUN go mod download
 
 # build the executable
 COPY cmd ./cmd
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build
+ENV CGO_ENABLED=0
+RUN go build
 
 # create super thin container with the binary only
 FROM scratch

diff --git a/Makefile b/Makefile
@@ -1,37 +1,44 @@
 VERSION=1.17.4
 PATH_BUILD=build/
 FILE_COMMAND=terragrunt-atlantis-config
-FILE_ARCH=darwin_amd64
-S3_BUCKET_NAME=cloudfront-origin-homebrew-tap-transcend-io
-PROFILE=transcend-prod
+FILE_ARCH=$(shell go env GOOS)_$(shell go env GOARCH)
 
 # Determine the arch/os combos we're building for
-XC_ARCH=amd64 arm
+XC_ARCH=amd64 arm64
 XC_OS=linux darwin windows
 
 .PHONY: clean
 clean:
 	rm -rf ./build
-	rm -rf '$(HOME)/bin/$(FILE_COMMAND)'
+	rm -rf "$(HOME)/.local/bin/$(FILE_COMMAND)"
 
 .PHONY: build
 build: clean
 	CGO_ENABLED=0 \
-	goxc \
-    -bc="darwin,amd64" \
-    -pv=$(VERSION) \
-    -d=$(PATH_BUILD) \
-    -build-ldflags "-X main.VERSION=$(VERSION)"
+	go build \
+	-trimpath \
+	-mod=readonly \
+	-modcacherw \
+	-ldflags "-X main.VERSION=$(VERSION)" \
+	-o $(PATH_BUILD)$(VERSION)/$(FILE_COMMAND)_$(VERSION)_$(FILE_ARCH)
 
 .PHONY: build-all
 build-all: clean
-	CGO_ENABLED=0 \
-	goxc \
-	-os="$(XC_OS)" \
-	-arch="$(XC_ARCH)" \
-    -pv=$(VERSION) \
-    -d=$(PATH_BUILD) \
-    -build-ldflags "-X main.VERSION=$(VERSION)"
+	for arch in $(XC_ARCH); do \
+		for os in $(XC_OS); do \
+			echo "Building for '$$os/$$arch'" ; \
+			ext="" ; [ "$$os" = "windows" ] && ext=".exe" ; \
+			CGO_ENABLED=0 \
+			GOARCH=$$arch \
+			GOOS=$$os \
+			go build \
+			-trimpath \
+			-mod=readonly \
+			-modcacherw \
+			-ldflags "-X main.VERSION=$(VERSION)" \
+			-o $(PATH_BUILD)$(VERSION)/$(FILE_COMMAND)_$(VERSION)_$${os}_$${arch}$${ext} ; \
+		done \
+	done
 
 .PHONY: gotestsum
 gotestsum:
@@ -51,10 +58,10 @@ version:
 
 .PHONY: sign
 sign:  build-all
-	rm -f $(PATH_BUILD)${VERSION}/SHA256SUMS
-	shasum -a256 $(PATH_BUILD)${VERSION}/* > $(PATH_BUILD)${VERSION}/SHA256SUMS
+	rm -f $(PATH_BUILD)$(VERSION)/SHA256SUMS
+	shasum -a256 $(PATH_BUILD)$(VERSION)/* > $(PATH_BUILD)$(VERSION)/SHA256SUMS
 
 .PHONY: install
 install:
-	install -d -m 755 '$(HOME)/bin/'
-	install $(PATH_BUILD)$(FILE_COMMAND)/$(VERSION)/$(FILE_COMMAND)_$(VERSION)_$(FILE_ARCH) '$(HOME)/bin/$(FILE_COMMAND)'
+	install -d -m 755 '$(HOME)/.local/bin/'
+	install $(PATH_BUILD)$(VERSION)/$(FILE_COMMAND)_$(VERSION)_$(FILE_ARCH) '$(HOME)/.local/bin/$(FILE_COMMAND)'