-
Notifications
You must be signed in to change notification settings - Fork 3
136 lines (124 loc) · 5.02 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
name: CI
on:
push:
branches: [main]
pull_request:
permissions:
contents: read # for actions/checkout to fetch code
jobs:
formatting:
name: runner / formatting
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- name: Check out code into the Go module directory
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: Format
run: if [ "$(gofmt -s -l . | wc -l)" -gt 0 ]; then exit 1; fi
- name: Run go vet
run: go vet ./...
golangci-lint:
name: runner / golangci-lint
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- name: Check out code into the Go module directory
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: golangci-lint
uses: reviewdog/action-golangci-lint@7708105983c614f7a2725e2172908b7709d1c3e4 # v2.6.2
with:
fail_on_error: true
golangci_lint_flags: "--config=.github/.golangci.yml ./..."
yamllint:
name: runner / yamllint
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: reviewdog/action-yamllint@4e4ba96d03a0e12a0e71c29e5fef1db309d09201 # v1.18.0
with:
fail_on_error: true
reporter: github-pr-review
yamllint_flags: '-d "{extends: default, rules: {truthy: disable}}" .'
dotenv-linter:
name: runner / dotenv-linter
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: dotenv-linter/action-dotenv-linter@5c7d44c1ddb097d3ae75f6fbb53caf521b23405c # v2.22.0
with:
reporter: github-pr-review
check-dependencies:
name: runner / check-dependencies
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
- name: WriteGoList
run: go list -json -m all > go.list
- name: Nancy
uses: sonatype-nexus-community/nancy-github-action@395e2fb168f674f96502e5652103d112899ea369 # main
continue-on-error: true
- name: "Dependency Review"
uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
with:
base-ref: ${{ github.event.pull_request.base.sha || 'main' }}
head-ref: ${{ github.event.pull_request.head.sha || github.ref }}
tests:
name: runner / build and tests
runs-on: ubuntu-latest
strategy:
matrix:
go-version: [1.21.x, 1.22.x]
os: [windows-2019, windows-2022, ubuntu-22.04, ubuntu-20.04]
steps:
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
with:
go-version: ${{ matrix.go-version }}
- name: build go
run: go build ./cmd/app/main.go
- name: Install Test Converter and run tests
run: |
export GOPATH="$HOME/go/"
export PATH=$PATH:$GOPATH/bin
go install github.com/jstemmer/go-junit-report/v2@latest
go test -covermode=atomic -coverprofile=coverage.out -race -v ./... > test_output.txt 2>&1 || true
cat test_output.txt
cat test_output.txt | go-junit-report -set-exit-code > junit-${{matrix.os}}-${{matrix.go-version}}-${{github.run_attempt}}.xml
if grep -q "FAIL" test_output.txt; then exit 1; fi
- name: Upload Coverage Results
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: GitHub Upload Release Artifacts
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: JUnit Results ${{matrix.os}}-${{matrix.go-version}}-${{github.run_attempt}}
path: junit-${{matrix.os}}-${{matrix.go-version}}-${{github.run_attempt}}.xml
# - name: Integration tests
# run: "docker-compose up \
# --build \
# --abort-on-container-exit \
# --exit-code-from integration"