feat: add VPC and VPN management commands #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: [main, 'feature/*', 'feat/*', 'fix/*', 'release/*'] | |
| tags: ['[0-9]*'] | |
| pull_request: | |
| branches: [main, 'release/*'] | |
| workflow_dispatch: | |
| jobs: | |
| changes: | |
| name: Detect Changes | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'workflow_dispatch' && !startsWith(github.ref, 'refs/tags/') | |
| outputs: | |
| go: ${{ steps.filter.outputs.go }} | |
| scripts: ${{ steps.filter.outputs.scripts }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dorny/paths-filter@v3 | |
| id: filter | |
| with: | |
| filters: | | |
| go: | |
| - 'cmd/**' | |
| - 'internal/**' | |
| - 'go.mod' | |
| - 'go.sum' | |
| - 'Makefile' | |
| scripts: | |
| - 'scripts/**' | |
| lint-scripts: | |
| name: Lint Scripts | |
| runs-on: ubuntu-latest | |
| needs: changes | |
| if: needs.changes.outputs.scripts == 'true' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: shellcheck | |
| run: sudo apt-get install -y shellcheck && shellcheck scripts/*.sh | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| needs: changes | |
| if: needs.changes.outputs.go == 'true' || github.event_name == 'workflow_dispatch' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.26.1' | |
| cache: true | |
| - run: go mod download | |
| - run: go vet ./... | |
| - run: go test -v ./... | |
| - run: go test -race ./... | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-latest | |
| needs: changes | |
| if: needs.changes.outputs.go == 'true' || github.event_name == 'workflow_dispatch' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.26.1' | |
| cache: true | |
| - name: govulncheck | |
| run: | | |
| go install golang.org/x/vuln/cmd/govulncheck@latest | |
| govulncheck ./... | |
| build: | |
| name: Build (${{ matrix.os }}/${{ matrix.arch }}) | |
| runs-on: ubuntu-latest | |
| if: startsWith(github.ref, 'refs/tags/') | |
| strategy: | |
| matrix: | |
| include: | |
| - os: linux | |
| arch: amd64 | |
| - os: linux | |
| arch: arm64 | |
| - os: darwin | |
| arch: amd64 | |
| - os: darwin | |
| arch: arm64 | |
| - os: windows | |
| arch: amd64 | |
| - os: windows | |
| arch: arm64 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.26.1' | |
| cache: true | |
| - run: go mod download | |
| - name: Build | |
| env: | |
| GOOS: ${{ matrix.os }} | |
| GOARCH: ${{ matrix.arch }} | |
| CGO_ENABLED: 0 | |
| run: | | |
| VERSION=$(git describe --tags --always --dirty) | |
| EXT="" | |
| if [ "${{ matrix.os }}" = "windows" ]; then EXT=".exe"; fi | |
| BINARY="bin/zcp-${{ matrix.os }}-${{ matrix.arch }}${EXT}" | |
| go build -ldflags "-s -w -X github.com/zsoftly/zcp-cli/internal/version.Version=${VERSION}" -o "${BINARY}" ./cmd/zcp | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: zcp-${{ matrix.os }}-${{ matrix.arch }} | |
| path: bin/zcp-${{ matrix.os }}-${{ matrix.arch }}* | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: startsWith(github.ref, 'refs/tags/') | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| path: bin/ | |
| merge-multiple: true | |
| - name: Checksums | |
| run: | | |
| cd bin | |
| sha256sum zcp-* > checksums.txt | |
| cat checksums.txt | |
| - name: Create Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: | | |
| bin/zcp-* | |
| bin/checksums.txt | |
| scripts/install.sh | |
| scripts/install.ps1 | |
| generate_release_notes: true |