From 788e351a1860bd30596f0781f9ee2f0294df1b4c Mon Sep 17 00:00:00 2001
From: Jean-Philippe Evrard <open-source@a.spamming.party>
Date: Wed, 14 Sep 2022 16:38:32 +0200
Subject: [PATCH] ci: Ignore cache to pick latest matching go ver

Instead of requiring major.minor.x, it makes sense, in our CI,
to test major.minor.<latest>.

Without this, it is possible that the CI has a cached version
which is not yet the latest version.

This is a problem, as the current cached version on some workers
is 1.18.5, which has a CVE. Forcing the latest would fix it.
---
 .github/workflows/on-main-push.yaml    |  3 ++-
 .github/workflows/on-pr.yaml           | 15 ++++++++++-----
 .github/workflows/on-tag.yaml          |  3 ++-
 .github/workflows/periodics-daily.yaml |  6 ++++--
 4 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/on-main-push.yaml b/.github/workflows/on-main-push.yaml
index 4933325..e35a87f 100644
--- a/.github/workflows/on-main-push.yaml
+++ b/.github/workflows/on-main-push.yaml
@@ -21,7 +21,8 @@ jobs:
       - name: Ensure go version
         uses: actions/setup-go@v3
         with:
-          go-version: "${{ steps.awk_gomod.outputs.version }}.x"
+          go-version: "${{ steps.awk_gomod.outputs.version }}"
+          check-latest: true
 
       - name: Login to DockerHub
         uses: docker/login-action@v2
diff --git a/.github/workflows/on-pr.yaml b/.github/workflows/on-pr.yaml
index 390d27e..5a722f5 100644
--- a/.github/workflows/on-pr.yaml
+++ b/.github/workflows/on-pr.yaml
@@ -18,7 +18,8 @@ jobs:
       - name: Ensure go version
         uses: actions/setup-go@v3
         with:
-          go-version: "${{ steps.awk_gomod.outputs.version }}.x"
+          go-version: "${{ steps.awk_gomod.outputs.version }}"
+          check-latest: true
       - name: run tests
         run: go test -json ./... > test.json
       - name: Annotate tests
@@ -48,7 +49,8 @@ jobs:
     - name: Ensure go version
       uses: actions/setup-go@v3
       with:
-        go-version: "${{ steps.awk_gomod.outputs.version }}.x"
+        go-version: "${{ steps.awk_gomod.outputs.version }}"
+        check-latest: true
     - name: Lint cmd folder
       uses: Jerome1337/golint-action@v1.0.2
       with:
@@ -87,7 +89,8 @@ jobs:
       - name: Ensure go version
         uses: actions/setup-go@v3
         with:
-          go-version: "${{ steps.awk_gomod.outputs.version }}.x"
+          go-version: "${{ steps.awk_gomod.outputs.version }}"
+          check-latest: true
       - run: make DH_ORG="${{ github.repository_owner }}" VERSION="${{ github.sha }}" image
       - uses: Azure/container-scan@v0
         env:
@@ -122,7 +125,8 @@ jobs:
       - name: Ensure go version
         uses: actions/setup-go@v3
         with:
-          go-version: "${{ steps.awk_gomod.outputs.version }}.x"
+          go-version: "${{ steps.awk_gomod.outputs.version }}"
+          check-latest: true
       - name: Build artifacts
         run: |
           make DH_ORG="${{ github.repository_owner }}" VERSION="${{ github.sha }}" image
@@ -193,7 +197,8 @@ jobs:
       - name: Ensure go version
         uses: actions/setup-go@v3
         with:
-          go-version: "${{ steps.awk_gomod.outputs.version }}.x"
+          go-version: "${{ steps.awk_gomod.outputs.version }}"
+          check-latest: true
       - name: Build artifacts
         run: |
           make DH_ORG="${{ github.repository_owner }}" VERSION="${{ github.sha }}" image
diff --git a/.github/workflows/on-tag.yaml b/.github/workflows/on-tag.yaml
index 65bdb10..a04c975 100644
--- a/.github/workflows/on-tag.yaml
+++ b/.github/workflows/on-tag.yaml
@@ -21,7 +21,8 @@ jobs:
       - name: Ensure go version
         uses: actions/setup-go@v3
         with:
-          go-version: "${{ steps.awk_gomod.outputs.version }}.x"
+          go-version: "${{ steps.awk_gomod.outputs.version }}"
+          check-latest: true
       - name: Find current tag version
         run: echo "::set-output name=version::${GITHUB_REF#refs/tags/}"
         id: tags
diff --git a/.github/workflows/periodics-daily.yaml b/.github/workflows/periodics-daily.yaml
index 0ab9c02..9d262d5 100644
--- a/.github/workflows/periodics-daily.yaml
+++ b/.github/workflows/periodics-daily.yaml
@@ -61,7 +61,8 @@ jobs:
       - name: Ensure go version
         uses: actions/setup-go@v3
         with:
-          go-version: "${{ steps.awk_gomod.outputs.version }}.x"
+          go-version: "${{ steps.awk_gomod.outputs.version }}"
+          check-latest: true
       - run: make DH_ORG="${{ github.repository_owner }}" VERSION="${{ github.sha }}" image
       - uses: Azure/container-scan@v0
         env:
@@ -90,7 +91,8 @@ jobs:
       - name: Ensure go version
         uses: actions/setup-go@v3
         with:
-          go-version: "${{ steps.awk_gomod.outputs.version }}.x"
+          go-version: "${{ steps.awk_gomod.outputs.version }}"
+          check-latest: true
 
       - name: "Workaround 'Failed to attach 1 to compat systemd cgroup /actions_job/...' on gh actions"
         run: |