mirror of
https://github.com/tailscale/tailscale.git
synced 2024-12-11 10:44:41 +00:00
07991dec83
Pin actions/checkout usage to latest 3.x or 4.x as appropriate. These were previously pointing to `@4` or `@3` which pull in the latest versions at these tags as they are released, with the potential to break our workflows if a breaking change or malicious version for either of these streams are released. Changing this to a pinned version also means that dependabot will keep this in the pinend version format (e.g., referencing a SHA) when it opens a PR to bump the dependency. Updates #cleanup Signed-off-by: Mario Minardi <mario@tailscale.com>
35 lines
886 B
YAML
35 lines
886 B
YAML
name: checklocks
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
paths:
|
|
- '**/*.go'
|
|
- '.github/workflows/checklocks.yml'
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-$${{ github.head_ref || github.run_id }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
checklocks:
|
|
runs-on: [ ubuntu-latest ]
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
|
|
|
|
- name: Build checklocks
|
|
run: ./tool/go build -o /tmp/checklocks gvisor.dev/gvisor/tools/checklocks/cmd/checklocks
|
|
|
|
- name: Run checklocks vet
|
|
# TODO(#12625): add more packages as we add annotations
|
|
run: |-
|
|
./tool/go vet -vettool=/tmp/checklocks \
|
|
./envknob \
|
|
./ipn/store/mem \
|
|
./net/stun/stuntest \
|
|
./net/wsconn \
|
|
./proxymap
|