-
Notifications
You must be signed in to change notification settings - Fork 383
145 lines (143 loc) · 3.78 KB
/
go.yml
File metadata and controls
145 lines (143 loc) · 3.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
name: Go
on:
push:
paths-ignore:
- packaging/**
branches:
- 'master'
pull_request:
paths-ignore:
- packaging/**
branches:
- '**'
jobs:
test:
name: Test
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
cache: true
go-version-file: go.mod
- name: Build
run: make build
- name: Test with race detector (Ubuntu and MacOS)
if: matrix.os != 'windows-latest'
run: make test-ci-race
- name: Test without race detector (Windows)
if: matrix.os == 'windows-latest'
run: make test-ci
test-flaky:
name: Test (flaky)
runs-on: ubuntu-latest
continue-on-error: ${{ github.ref == 'refs/heads/master' }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
cache: true
go-version-file: go.mod
- name: Run flaky test
run: make test-ci-flaky
continue-on-error: ${{ github.ref == 'refs/heads/master' }}
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@v5
with:
cache: false
go-version-file: go.mod
- name: Commit linting
if: github.ref != 'refs/heads/master'
uses: wagoid/commitlint-github-action@v5
- name: GolangCI-Lint
uses: golangci/golangci-lint-action@v6
with:
skip-cache: false
version: v1.61.0
- name: Whitespace check
run: make check-whitespace
- name: go mod tidy check
uses: katexochen/go-tidy-check@v2
coverage:
name: Coverage Report
if: github.ref == 'refs/heads/master'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
cache: false
go-version-file: go.mod
- name: Cache Go Modules
uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-coverage-${{ hashFiles('**/go.sum') }}
- name: Test with code coverage
run: make cover=1 test-ci
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
files: ./cover.out
vuln-check:
name: Vulnerability Check
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Run govulncheck
id: govulncheck
uses: golang/govulncheck-action@v1
with:
go-version-file: go.mod
go-package: ./...
output-format: sarif
output-file: govulncheck.sarif
- name: Upload SARIF to GitHub Code Scanning
if: always()
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: govulncheck.sarif
trigger-beekeeper:
name: Trigger Beekeeper
runs-on: ubuntu-latest
needs: [test, lint, coverage, vuln-check]
if: github.ref == 'refs/heads/master'
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@v5
with:
cache: false
go-version-file: go.mod
- name: Trigger Beekeeper
uses: peter-evans/repository-dispatch@v2
with:
token: ${{ secrets.GHA_PAT_BASIC }}
repository: ${{ github.repository }}
event-type: trigger-beekeeper
client-payload: '{"ref": "${{ github.ref }}", "sha": "${{ github.sha }}"}'