Skip to content

feat: add check if the covenant is the covenant committee (#91) #76

feat: add check if the covenant is the covenant committee (#91)

feat: add check if the covenant is the covenant committee (#91) #76

Workflow file for this run

name: docker_publish
on:
push:
branches:
- 'main'
tags:
- '*'
jobs:
lint_test:
uses: babylonlabs-io/.github/.github/workflows/[email protected]
with:
go-version: '1.23'
go-lint-version: 'v1.60.2'
run-unit-tests: true
run-integration-tests: true
run-lint: true
run-build: true
run-gosec: true
gosec-args: "-exclude-generated -exclude-dir=itest -exclude-dir=testutil -exclude-dir=covenant-signer ./..."
docker_pipeline:
needs: ["lint_test"]
uses: babylonlabs-io/.github/.github/workflows/[email protected]
secrets: inherit
with:
publish: true
dockerfile: ./Dockerfile
repoName: covenant-emulator
docker_scan: true
permissions:
# required for all workflows
security-events: write
# required to fetch internal or private CodeQL packs
packages: read
go_sec_covenant_signer:
runs-on: ubuntu-24.04
env:
GO111MODULE: on
steps:
- name: Fetch Repository
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: '^1.23.x'
check-latest: true
cache: false
- name: Install Gosec
run: go install github.com/securego/gosec/v2/cmd/gosec@latest
- name: Run Gosec (covenant-signer)
working-directory: ./covenant-signer
run: gosec ./...
docker_pipeline_covenant_signer:
needs: ["go_sec_covenant_signer"]
uses: babylonlabs-io/.github/.github/workflows/[email protected]
secrets: inherit
with:
publish: true
dockerfile: ./covenant-signer/Dockerfile
dockerContext: ./
repoName: covenant-signer
docker_scan: true
permissions:
# required for all workflows
security-events: write
# required to fetch internal or private CodeQL packs
packages: read