deploy/build.yaml - vulndb - Git at Google

 steps:
   - id: Lock
     name: golang:1.21.5
     entrypoint: bash
     args:
       - -ec
       - |
         if [[ "$COMMIT_SHA" = '' ]]; then
           echo "no COMMIT_SHA, not locking"
           exit 0
         fi
         go run golang.org/x/website/cmd/locktrigger@latest \
           -project $PROJECT_ID -build $BUILD_ID -repo https://go.googlesource.com/vulndb

   - id: Unshallow
     name: gcr.io/cloud-builders/git
     entrypoint: bash
     args:
       - -c
       - |
         if ! git fetch --unshallow; then
           echo "git fetch --unshallow failed, no worries mate"
         fi

   - id: Test
     name: golang:1.21.5
     entrypoint: bash
     args:
       - -ec
       - go test ./...

   - id: CopyExisting
     name: gcr.io/cloud-builders/gsutil
     entrypoint: bash
     args:
       - -ec
       - gsutil -q -m cp -r gs://go-vulndb /workspace

   - id: Generate
     name: golang:1.21.5
     entrypoint: bash
     args: ["-ec", "go run ./cmd/gendb -out /workspace/db -zip /workspace/db/vulndb.zip"]

   - id: PreValidate
     name: golang:1.21.5
     entrypoint: bash
     args:
       - -ec
       - go run ./cmd/checkdeploy -new /workspace/db -existing /workspace/go-vulndb

   - id: Deploy
     name: gcr.io/cloud-builders/gsutil
     entrypoint: bash
     args: ["./deploy/gcp-deploy.sh"]

   - id: CopyDeployed
     name: gcr.io/cloud-builders/gsutil
     entrypoint: bash
     args:
       - -ec
       - mkdir /workspace/deployed && gsutil -q -m cp -r gs://go-vulndb /workspace/deployed

   - id: PostValidate
     name: golang:1.20.12
     entrypoint: bash
     args: ["-ec", "go run ./cmd/checkdb /workspace/deployed/go-vulndb"]
     env:
       - 'GOPROXY=https://proxy.golang.org'
	steps:
	- id: Lock
	name: golang:1.21.5
	entrypoint: bash
	args:
	- -ec
	- \|
	if [[ "$COMMIT_SHA" = '' ]]; then
	echo "no COMMIT_SHA, not locking"
	exit 0
	fi
	go run golang.org/x/website/cmd/locktrigger@latest \
	-project $PROJECT_ID -build $BUILD_ID -repo https://go.googlesource.com/vulndb

	- id: Unshallow
	name: gcr.io/cloud-builders/git
	entrypoint: bash
	args:
	- -c
	- \|
	if ! git fetch --unshallow; then
	echo "git fetch --unshallow failed, no worries mate"
	fi

	- id: Test
	name: golang:1.21.5
	entrypoint: bash
	args:
	- -ec
	- go test ./...

	- id: CopyExisting
	name: gcr.io/cloud-builders/gsutil
	entrypoint: bash
	args:
	- -ec
	- gsutil -q -m cp -r gs://go-vulndb /workspace

	- id: Generate
	name: golang:1.21.5
	entrypoint: bash
	args: ["-ec", "go run ./cmd/gendb -out /workspace/db -zip /workspace/db/vulndb.zip"]

	- id: PreValidate
	name: golang:1.21.5
	entrypoint: bash
	args:
	- -ec
	- go run ./cmd/checkdeploy -new /workspace/db -existing /workspace/go-vulndb

	- id: Deploy
	name: gcr.io/cloud-builders/gsutil
	entrypoint: bash
	args: ["./deploy/gcp-deploy.sh"]

	- id: CopyDeployed
	name: gcr.io/cloud-builders/gsutil
	entrypoint: bash
	args:
	- -ec
	- mkdir /workspace/deployed && gsutil -q -m cp -r gs://go-vulndb /workspace/deployed

	- id: PostValidate
	name: golang:1.20.12
	entrypoint: bash
	args: ["-ec", "go run ./cmd/checkdb /workspace/deployed/go-vulndb"]
	env:
	- 'GOPROXY=https://proxy.golang.org'