name: Build Go Tarball on: workflow_dispatch: jobs: build: runs-on: ubuntu-latest steps: - name: Checkout repo uses: actions/checkout@v3 - name: Install dependencies run: | sudo apt-get update -y sudo apt-get install -y curl tar jq - name: Determine latest Go release id: get_go run: | LATEST=$(curl -s https://go.dev/dl/?mode=json | jq -r '.[0].version') LATEST_NUM=${LATEST#go} # strip leading "go" echo "LATEST=$LATEST_NUM" >> $GITHUB_ENV echo "Latest Go version: $LATEST_NUM" - name: Download official Go tarball env: LATEST: ${{ env.LATEST }} run: | echo "Downloading: https://go.dev/dl/go${LATEST}.linux-amd64.tar.gz" curl -LO https://go.dev/dl/go${LATEST}.linux-amd64.tar.gz mkdir -p golang-${LATEST}-linux-amd64-debian-12/files tar -xzf go${LATEST}.linux-amd64.tar.gz -C golang-${LATEST}-linux-amd64-debian-12/files - name: Package tarball env: LATEST: ${{ env.LATEST }} run: | tar -czf golang-${LATEST}-linux-amd64-debian-12.tar.gz golang-${LATEST}-linux-amd64-debian-12 - name: Install Syft run: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b . - name: Generate SPDX SBOM run: | ./syft packages golang-${LATEST}-linux-amd64-debian-12.tar.gz -o spdx-json \ > golang-${LATEST}-linux-amd64-debian-12.spdx - name: Generate SHA256 checksum run: | sha256sum golang-${LATEST}-linux-amd64-debian-12.tar.gz > golang-${LATEST}-linux-amd64-debian-12.tar.gz.sha256 cat golang-${LATEST}-linux-amd64-debian-12.tar.gz.sha256 - name: Install MinIO Client run: | wget https://dl.min.io/client/mc/release/linux-amd64/mc chmod +x mc - name: Configure MinIO env: MINIO_USER: ${{ secrets.CI_MINIO_USERNAME }} MINIO_PASSWORD: ${{ secrets.CI_MINIO_PASSWORD }} run: | ./mc alias set upload http://10.0.1.16:9000 $MINIO_USER $MINIO_PASSWORD - name: Upload to MinIO run: | ./mc cp golang-${LATEST}-linux-amd64-debian-12.tar.gz upload/downloads/stacksmith/ ./mc cp golang-${LATEST}-linux-amd64-debian-12.tar.gz.sha256 upload/downloads/stacksmith/ ./mc cp golang-${LATEST}-linux-amd64-debian-12.spdx upload/downloads/stacksmith/