Add support for .tool-versions file in setup-go, update workflow (#673)

* setup go in local

* add .tool-versions file support

.github/workflows/publish-immutable-actions.yml

@@ -14,7 +14,7 @@ jobs:
 
     steps:
       - name: Checking out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Publish
         id: publish
         uses: actions/publish-immutable-action@v0.0.4

.github/workflows/versions.yml

@@ -18,9 +18,9 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Setup Go Stable
         uses: ./
         with:
@@ -33,9 +33,9 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Setup Go oldStable
         uses: ./
         with:
@@ -48,16 +48,16 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
         version: [stable, oldstable]
         architecture: [x64, x32]
         exclude:
           - os: macos-latest
             architecture: x32
-          - os: macos-13
+          - os: macos-latest-large
             architecture: x32
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Setup Go ${{ matrix.version }} ${{ matrix.architecture }}
         uses: ./
         with:
@@ -72,7 +72,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [macos-latest, windows-latest, ubuntu-latest, macos-13]
+        os: [macos-latest, windows-latest, ubuntu-latest, macos-latest-large]
         go: [1.21.13, 1.22.8, 1.23.2]
         include:
           - os: windows-latest
@@ -82,7 +82,7 @@ jobs:
             go: 1.23.2
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: setup-go ${{ matrix.go }}
         uses: ./
@@ -98,10 +98,10 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
         go-version: ['1.20', '1.21', '1.22', '1.23']
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Setup Go and check latest
         uses: ./
         with:
@@ -115,9 +115,9 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Setup Go and check latest
         uses: ./
         with:
@@ -131,9 +131,9 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Setup Go and check latest
         uses: ./
         with:
@@ -142,16 +142,32 @@ jobs:
         run: __tests__/verify-go.sh 1.21
         shell: bash
 
+  go-version-file-with-tool-versions:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
+    steps:
+      - uses: actions/checkout@v5
+      - name: Setup Go and check latest
+        uses: ./
+        with:
+          go-version-file: __tests__/data/.tool-versions
+      - name: verify go
+        run: __tests__/verify-go.sh 1.23.2
+        shell: bash
+
   setup-versions-from-manifest:
     runs-on: ${{ matrix.os }}
     strategy:
       fail-fast: false
       matrix:
-        os: [macos-latest, windows-latest, ubuntu-latest, macos-13]
+        os: [macos-latest, windows-latest, ubuntu-latest, macos-latest-large]
         go: [1.20.14, 1.21.10, 1.22.8, 1.23.2]
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: setup-go ${{ matrix.go }}
         uses: ./
@@ -167,11 +183,11 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [windows-latest, ubuntu-latest, macos-13]
+        os: [windows-latest, ubuntu-latest, macos-latest-large]
         go: [1.11.12]
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: setup-go ${{ matrix.go }}
         uses: ./
@@ -187,7 +203,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-latest-large]
         go-version: [1.20.14, 1.21, 1.22, 1.23]
         include:
           - os: macos-latest
@@ -196,10 +212,10 @@ jobs:
             architecture: x64
           - os: windows-latest
             architecture: x64
-          - os: macos-13
+          - os: macos-latest-large
             architecture: x64
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Setup Go and check latest
         uses: ./
         with:

.github/workflows/windows-validation.yml

@@ -19,7 +19,7 @@ jobs:
         cache: [false, true]
         go: [1.20.1]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: 'Setup ${{ matrix.cache }}, cache: ${{ matrix.go }}'
         uses: ./
@@ -88,7 +88,7 @@ jobs:
       matrix:
         cache: [false, true]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: 'Setup default go, cache: ${{ matrix.cache }}'
         uses: ./
@@ -121,7 +121,7 @@ jobs:
         cache: [false]
         go: [1.20.1]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: 'Setup ${{ matrix.go }}, cache: ${{ matrix.cache }}'
         uses: ./

README.md

@@ -8,6 +8,14 @@ This action sets up a go environment for use in actions by:
 - Optionally downloading and caching a version of Go by version and adding to `PATH`.
 - Registering problem matchers for error output.
 
+# Breaking changes in V6
+
+- Improve toolchain handling to ensure more reliable and consistent toolchain selection and management.
+- Upgraded from node20 to node24.
+  > Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. [See Release Notes](https://github.com/actions/runner/releases/tag/v2.327.1)
+
+For more details,  see the full release notes on the [releases page](https://github.com/actions/setup-go/releases/tag/v6.0.0)
+
 # V5
 
 The V5 edition of the action offers:
@@ -16,31 +24,10 @@ The V5 edition of the action offers:
 
 See full release notes on the [releases page](https://github.com/actions/setup-go/releases).
 
-# V4
-
-The V4 edition of the action offers:
-
- - Enabled caching by default
-
-The action will try to enable caching unless the `cache` input is explicitly set to false.
-
-Please see "[Caching dependency files and build outputs](https://github.com/actions/setup-go#caching-dependency-files-and-build-outputs)" for more information.
-
-# V3
-
-The V3 edition of the action offers:
-
-- Adds `GOBIN` to the `PATH`
-- Proxy support
-- Check latest version
-- Caching packages dependencies
-- stable and oldstable aliases
-- Bug Fixes (including issues around version matching and semver)
-
 The action will first check the local cache for a version match. If a version is not found locally, it will pull it from
 the `main` branch of the [go-versions](https://github.com/actions/go-versions/blob/main/versions-manifest.json)
 repository. On miss or failure, it will fall back to downloading directly
-from [go dist](https://storage.googleapis.com/golang). To change the default behavior, please use
+from [go dist](https://go.dev/dl). To change the default behavior, please use
 the [check-latest input](#check-latest-version).
 
 **Note:** The `setup-go` action uses executable binaries which are built by Golang side. The action does not build
@@ -191,9 +178,15 @@ steps:
 
 ## Getting go version from the go.mod file
 
-The `go-version-file` input accepts a path to a `go.mod` file or a `go.work` file that contains the version of Go to be used by a project.
+The `go-version-file` input accepts a path to a `go.mod` file, `.tool-versions` file or a `go.work`
+file that contains the version of Go to be used by a project. The version taken
+from thils file will be:
+
+  - The version from the `toolchain` directive, if there is one, otherwise
+  - The version from the `go` directive
+
+The version can specify a patch version or omit it altogether (e.g., `go 1.22.0` or `go 1.22`).
 
-The `go` directive in `go.mod` can specify a patch version or omit it altogether (e.g., `go 1.22.0` or `go 1.22`).  
 If a patch version is specified, that specific patch version will be used.  
 If no patch version is specified, it will search for the latest available patch version in the cache,
 [versions-manifest.json](https://github.com/actions/go-versions/blob/main/versions-manifest.json), and the
@@ -210,6 +203,15 @@ steps:
       go-version-file: 'path/to/go.mod'
   - run: go version
 ```
+```yaml
+steps:
+  - uses: actions/checkout@v5
+  - uses: actions/setup-go@v6
+    with:
+      go-version-file: '.tool-versions'
+  - run: go version
+```
+> The [.tool-versions file](https://asdf-vm.com/manage/configuration.html#tool-versions) supports version specifications in accordance with asdf standards, adhering to Semantic Versioning ([semver](https://semver.org)).
 
 ## Matrix testing
 
@@ -247,7 +249,7 @@ When dynamically downloading Go distributions, `setup-go` downloads distribution
 
 These calls to `actions/go-versions` are made via unauthenticated requests, which are limited to [60 requests per hour per IP](https://docs.github.com/en/rest/overview/resources-in-the-rest-api#rate-limiting).
 If more requests are made within the time frame, then the action leverages the `raw API` to retrieve the version-manifest. This approach does not impose a rate limit and hence facilitates unrestricted consumption. This is particularly beneficial for GHES runners, which often share the same IP, to avoid the quick exhaustion of the unauthenticated rate limit.
-If that fails as well the action will try to download versions directly from https://storage.googleapis.com/golang.
+If that fails as well the action will try to download versions directly from https://go.dev/dl.
 
 If that fails as well you can get a higher rate limit with [generating a personal access token on github.com](https://github.com/settings/tokens/new) and passing it as the `token` input to the action:
 

__tests__/data/.tool-versions

@@ -0,0 +1 @@
+golang 1.23.2

__tests__/setup-go.test.ts

@@ -129,6 +129,9 @@ describe('setup-go', () => {
   });
 
   afterEach(() => {
+    // clear out env var set during 'run'
+    delete process.env[im.GOTOOLCHAIN_ENV_VAR];
+
     //jest.resetAllMocks();
     jest.clearAllMocks();
     //jest.restoreAllMocks();
@@ -285,7 +288,7 @@ describe('setup-go', () => {
     expect(logSpy).toHaveBeenCalledWith(`Setup go version spec 1.13.0`);
   });
 
-  it('does not export any variables for Go versions >=1.9', async () => {
+  it('does not export GOROOT for Go versions >=1.9', async () => {
     inputs['go-version'] = '1.13.0';
     inSpy.mockImplementation(name => inputs[name]);
 
@@ -298,7 +301,7 @@ describe('setup-go', () => {
     });
 
     await main.run();
-    expect(vars).toStrictEqual({});
+    expect(vars).not.toHaveProperty('GOROOT');
   });
 
   it('exports GOROOT for Go versions <1.9', async () => {
@@ -314,9 +317,7 @@ describe('setup-go', () => {
     });
 
     await main.run();
-    expect(vars).toStrictEqual({
-      GOROOT: toolPath
-    });
+    expect(vars).toHaveProperty('GOROOT', toolPath);
   });
 
   it('finds a version of go already in the cache', async () => {
@@ -388,7 +389,7 @@ describe('setup-go', () => {
 
     const expPath = path.win32.join(toolPath, 'bin');
     expect(dlSpy).toHaveBeenCalledWith(
-      'https://storage.googleapis.com/golang/go1.13.1.windows-amd64.zip',
+      'https://go.dev/dl/go1.13.1.windows-amd64.zip',
       'C:\\temp\\go1.13.1.windows-amd64.zip',
       undefined
     );
@@ -865,6 +866,9 @@ exclude example.com/thismodule v1.3.0
 
 use .
 
+`;
+
+    const toolVersionsContents = `golang 1.23
 `;
 
     it('reads version from go.mod', async () => {
@@ -891,6 +895,18 @@ use .
       expect(logSpy).toHaveBeenCalledWith('matching 1.19...');
     });
 
+    it('reads version from .tool-versions', async () => {
+      inputs['go-version-file'] = '.tool-versions';
+      existsSpy.mockImplementation(() => true);
+      readFileSpy.mockImplementation(() => Buffer.from(toolVersionsContents));
+
+      await main.run();
+
+      expect(logSpy).toHaveBeenCalledWith('Setup go version spec 1.23');
+      expect(logSpy).toHaveBeenCalledWith('Attempting to download 1.23...');
+      expect(logSpy).toHaveBeenCalledWith('matching 1.23...');
+    });
+
     it('reads version from .go-version', async () => {
       inputs['go-version-file'] = '.go-version';
       existsSpy.mockImplementation(() => true);
@@ -945,7 +961,7 @@ use .
         const expectedUrl =
           platform === 'win32'
             ? `https://github.com/actions/go-versions/releases/download/${version}/go-${version}-${platform}-${arch}.${fileExtension}`
-            : `https://storage.googleapis.com/golang/go${version}.${osSpec}-${arch}.${fileExtension}`;
+            : `https://go.dev/dl/go${version}.${osSpec}-${arch}.${fileExtension}`;
 
         // ... but not in the local cache
         findSpy.mockImplementation(() => '');
@@ -989,4 +1005,104 @@ use .
       }
     );
   });
+
+  describe('go-version-file-toolchain', () => {
+    const goVersions = ['1.22.0', '1.21rc2', '1.18'];
+    const placeholderVersion = '1.19';
+    const buildGoMod = (
+      goVersion: string,
+      toolchainVersion: string
+    ) => `module example.com/mymodule
+
+go ${goVersion}
+
+toolchain go${toolchainVersion}
+
+require (
+	example.com/othermodule v1.2.3
+	example.com/thismodule v1.2.3
+	example.com/thatmodule v1.2.3
+)
+
+replace example.com/thatmodule => ../thatmodule
+exclude example.com/thismodule v1.3.0
+`;
+
+    const buildGoWork = (
+      goVersion: string,
+      toolchainVersion: string
+    ) => `go 1.19
+
+toolchain go${toolchainVersion}
+
+use .
+
+`;
+
+    goVersions.forEach(version => {
+      [
+        {
+          goVersionfile: 'go.mod',
+          fileContents: Buffer.from(buildGoMod(placeholderVersion, version)),
+          expected_version: version,
+          desc: 'from toolchain directive'
+        },
+        {
+          goVersionfile: 'go.work',
+          fileContents: Buffer.from(buildGoMod(placeholderVersion, version)),
+          expected_version: version,
+          desc: 'from toolchain directive'
+        },
+        {
+          goVersionfile: 'go.mod',
+          fileContents: Buffer.from(buildGoMod(placeholderVersion, version)),
+          gotoolchain_env: 'local',
+          expected_version: placeholderVersion,
+          desc: 'from go directive when GOTOOLCHAIN is local'
+        },
+        {
+          goVersionfile: 'go.work',
+          fileContents: Buffer.from(buildGoMod(placeholderVersion, version)),
+          gotoolchain_env: 'local',
+          expected_version: placeholderVersion,
+          desc: 'from go directive when GOTOOLCHAIN is local'
+        }
+      ].forEach(test => {
+        it(`reads version (${version}) in ${test.goVersionfile} ${test.desc}`, async () => {
+          inputs['go-version-file'] = test.goVersionfile;
+          if (test.gotoolchain_env !== undefined) {
+            process.env[im.GOTOOLCHAIN_ENV_VAR] = test.gotoolchain_env;
+          }
+          existsSpy.mockImplementation(() => true);
+          readFileSpy.mockImplementation(() => Buffer.from(test.fileContents));
+
+          await main.run();
+
+          expect(logSpy).toHaveBeenCalledWith(
+            `Setup go version spec ${test.expected_version}`
+          );
+          expect(logSpy).toHaveBeenCalledWith(
+            `Attempting to download ${test.expected_version}...`
+          );
+          expect(logSpy).toHaveBeenCalledWith(
+            `matching ${test.expected_version}...`
+          );
+        });
+      });
+    });
+  });
+
+  it('exports GOTOOLCHAIN and sets it in current process env', async () => {
+    inputs['go-version'] = '1.21.0';
+    inSpy.mockImplementation(name => inputs[name]);
+
+    const vars: {[key: string]: string} = {};
+    exportVarSpy.mockImplementation((name: string, val: string) => {
+      vars[name] = val;
+    });
+
+    await main.run();
+    expect(vars).toStrictEqual({GOTOOLCHAIN: 'local'});
+    expect(process.env).toHaveProperty('GOTOOLCHAIN', 'local');
+  });
 });

action.yml

@@ -5,7 +5,7 @@ inputs:
   go-version:
     description: 'The Go version to download (if necessary) and use. Supports semver spec and ranges. Be sure to enclose this option in single quotation marks.'
   go-version-file:
-    description: 'Path to the go.mod or go.work file.'
+    description: 'Path to the go.mod, .tool-versions, or go.work file.'
   check-latest:
     description: 'Set this option to true if you want the action to always check for the latest available version that satisfies the version spec'
     default: false

dist/setup/index.js

@@ -94312,6 +94312,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.GOTOOLCHAIN_LOCAL_VAL = exports.GOTOOLCHAIN_ENV_VAR = void 0;
 exports.getGo = getGo;
 exports.extractGoArchive = extractGoArchive;
 exports.getManifest = getManifest;
@@ -94330,6 +94331,8 @@ const sys = __importStar(__nccwpck_require__(5632));
 const fs_1 = __importDefault(__nccwpck_require__(7147));
 const os_1 = __importDefault(__nccwpck_require__(2037));
 const utils_1 = __nccwpck_require__(1314);
+exports.GOTOOLCHAIN_ENV_VAR = 'GOTOOLCHAIN';
+exports.GOTOOLCHAIN_LOCAL_VAL = 'local';
 const MANIFEST_REPO_OWNER = 'actions';
 const MANIFEST_REPO_NAME = 'go-versions';
 const MANIFEST_REPO_BRANCH = 'main';
@@ -94580,7 +94583,7 @@ function getInfoFromDist(versionSpec, arch) {
         if (!version) {
             return null;
         }
-        const downloadUrl = `https://storage.googleapis.com/golang/${version.files[0].filename}`;
+        const downloadUrl = `https://go.dev/dl/${version.files[0].filename}`;
         return {
             type: 'dist',
             downloadUrl: downloadUrl,
@@ -94663,8 +94666,22 @@ function parseGoVersionFile(versionFilePath) {
     const contents = fs_1.default.readFileSync(versionFilePath).toString();
     if (path.basename(versionFilePath) === 'go.mod' ||
         path.basename(versionFilePath) === 'go.work') {
-        const match = contents.match(/^go (\d+(\.\d+)*)/m);
-        return match ? match[1] : '';
+        // for backwards compatibility: use version from go directive if
+        // 'GOTOOLCHAIN' has been explicitly set
+        if (process.env[exports.GOTOOLCHAIN_ENV_VAR] !== exports.GOTOOLCHAIN_LOCAL_VAL) {
+            // toolchain directive: https://go.dev/ref/mod#go-mod-file-toolchain
+            const matchToolchain = contents.match(/^toolchain go(1\.\d+(?:\.\d+|rc\d+)?)/m);
+            if (matchToolchain) {
+                return matchToolchain[1];
+            }
+        }
+        // go directive: https://go.dev/ref/mod#go-mod-file-go
+        const matchGo = contents.match(/^go (\d+(\.\d+)*)/m);
+        return matchGo ? matchGo[1] : '';
+    }
+    else if (path.basename(versionFilePath) === '.tool-versions') {
+        const match = contents.match(/^golang\s+([^\n#]+)/m);
+        return match ? match[1].trim() : '';
     }
     return contents.trim();
 }
@@ -94782,6 +94799,7 @@ function run() {
             // If not supplied then problem matchers will still be setup.  Useful for self-hosted.
             //
             const versionSpec = resolveVersionInput();
+            setGoToolchain();
             const cache = core.getBooleanInput('cache');
             core.info(`Setup go version spec ${versionSpec}`);
             let arch = core.getInput('architecture');
@@ -94890,6 +94908,19 @@ function resolveVersionInput() {
     }
     return version;
 }
+function setGoToolchain() {
+    // docs: https://go.dev/doc/toolchain
+    // "local indicates the bundled Go toolchain (the one that shipped with the go command being run)"
+    // this is so any 'go' command is run with the selected Go version
+    // and doesn't trigger a toolchain download and run commands with that
+    // see e.g. issue #424
+    // and a similar discussion: https://github.com/docker-library/golang/issues/472.
+    // Set the value in process env so any `go` commands run as child-process
+    // don't cause toolchain downloads
+    process.env[installer.GOTOOLCHAIN_ENV_VAR] = installer.GOTOOLCHAIN_LOCAL_VAL;
+    // and in the runner env so e.g. a user running `go mod tidy` won't cause it
+    core.exportVariable(installer.GOTOOLCHAIN_ENV_VAR, installer.GOTOOLCHAIN_LOCAL_VAL);
+}
 
 
 /***/ }),

package-lock.json

@@ -26,7 +26,7 @@
         "@typescript-eslint/parser": "^8.35.1",
         "@vercel/ncc": "^0.38.1",
         "eslint": "^8.57.0",
-        "eslint-config-prettier": "^10.0.1",
+        "eslint-config-prettier": "^10.1.8",
         "eslint-plugin-jest": "^29.0.1",
         "eslint-plugin-node": "^11.1.0",
         "jest": "^29.7.0",
@@ -2984,12 +2984,16 @@
       }
     },
     "node_modules/eslint-config-prettier": {
-      "version": "10.0.1",
-      "resolved": "https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-10.0.1.tgz",
-      "integrity": "sha512-lZBts941cyJyeaooiKxAtzoPHTN+GbQTJFAIdQbRhA4/8whaAraEh47Whw/ZFfrjNSnlAxqfm9i0XVAEkULjCw==",
+      "version": "10.1.8",
+      "resolved": "https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-10.1.8.tgz",
+      "integrity": "sha512-82GZUjRS0p/jganf6q1rEO25VSoHH0hKPCTrgillPjdI/3bgBhAE1QzHrHTizjpRvy6pGAvKjDJtk2pF9NDq8w==",
       "dev": true,
+      "license": "MIT",
       "bin": {
-        "eslint-config-prettier": "build/bin/cli.js"
+        "eslint-config-prettier": "bin/cli.js"
+      },
+      "funding": {
+        "url": "https://opencollective.com/eslint-config-prettier"
       },
       "peerDependencies": {
         "eslint": ">=7.0.0"

package.json

@@ -45,7 +45,7 @@
     "@typescript-eslint/parser": "^8.35.1",
     "@vercel/ncc": "^0.38.1",
     "eslint": "^8.57.0",
-    "eslint-config-prettier": "^10.0.1",
+    "eslint-config-prettier": "^10.1.8",
     "eslint-plugin-jest": "^29.0.1",
     "eslint-plugin-node": "^11.1.0",
     "jest": "^29.7.0",

src/cache-save.ts

@@ -15,6 +15,7 @@ process.on('uncaughtException', e => {
 // Added early exit to resolve issue with slow post action step:
 // - https://github.com/actions/setup-node/issues/878
 // https://github.com/actions/cache/pull/1217
+
 export async function run(earlyExit?: boolean) {
   try {
     const cacheInput = core.getBooleanInput('cache');

src/installer.ts

@@ -9,6 +9,8 @@ import os from 'os';
 import {StableReleaseAlias, isSelfHosted} from './utils';
 import {Architecture} from './types';
 
+export const GOTOOLCHAIN_ENV_VAR = 'GOTOOLCHAIN';
+export const GOTOOLCHAIN_LOCAL_VAL = 'local';
 const MANIFEST_REPO_OWNER = 'actions';
 const MANIFEST_REPO_NAME = 'go-versions';
 const MANIFEST_REPO_BRANCH = 'main';
@@ -387,7 +389,7 @@ async function getInfoFromDist(
     return null;
   }
 
-  const downloadUrl = `https://storage.googleapis.com/golang/${version.files[0].filename}`;
+  const downloadUrl = `https://go.dev/dl/${version.files[0].filename}`;
 
   return <IGoVersionInfo>{
     type: 'dist',
@@ -496,8 +498,24 @@ export function parseGoVersionFile(versionFilePath: string): string {
     path.basename(versionFilePath) === 'go.mod' ||
     path.basename(versionFilePath) === 'go.work'
   ) {
-    const match = contents.match(/^go (\d+(\.\d+)*)/m);
-    return match ? match[1] : '';
+    // for backwards compatibility: use version from go directive if
+    // 'GOTOOLCHAIN' has been explicitly set
+    if (process.env[GOTOOLCHAIN_ENV_VAR] !== GOTOOLCHAIN_LOCAL_VAL) {
+      // toolchain directive: https://go.dev/ref/mod#go-mod-file-toolchain
+      const matchToolchain = contents.match(
+        /^toolchain go(1\.\d+(?:\.\d+|rc\d+)?)/m
+      );
+      if (matchToolchain) {
+        return matchToolchain[1];
+      }
+    }
+
+    // go directive: https://go.dev/ref/mod#go-mod-file-go
+    const matchGo = contents.match(/^go (\d+(\.\d+)*)/m);
+    return matchGo ? matchGo[1] : '';
+  } else if (path.basename(versionFilePath) === '.tool-versions') {
+    const match = contents.match(/^golang\s+([^\n#]+)/m);
+    return match ? match[1].trim() : '';
   }
 
   return contents.trim();

src/main.ts

@@ -17,6 +17,7 @@ export async function run() {
     // If not supplied then problem matchers will still be setup.  Useful for self-hosted.
     //
     const versionSpec = resolveVersionInput();
+    setGoToolchain();
 
     const cache = core.getBooleanInput('cache');
     core.info(`Setup go version spec ${versionSpec}`);
@@ -161,3 +162,20 @@ function resolveVersionInput(): string {
 
   return version;
 }
+
+function setGoToolchain() {
+  // docs: https://go.dev/doc/toolchain
+  // "local indicates the bundled Go toolchain (the one that shipped with the go command being run)"
+  // this is so any 'go' command is run with the selected Go version
+  // and doesn't trigger a toolchain download and run commands with that
+  // see e.g. issue #424
+  // and a similar discussion: https://github.com/docker-library/golang/issues/472.
+  // Set the value in process env so any `go` commands run as child-process
+  // don't cause toolchain downloads
+  process.env[installer.GOTOOLCHAIN_ENV_VAR] = installer.GOTOOLCHAIN_LOCAL_VAL;
+  // and in the runner env so e.g. a user running `go mod tidy` won't cause it
+  core.exportVariable(
+    installer.GOTOOLCHAIN_ENV_VAR,
+    installer.GOTOOLCHAIN_LOCAL_VAL
+  );
+}