Merge pull request #260 from SamYuan1990/memoryleakcheck

rootfs · web-flow · commit f8634d718504 · 2022-09-28T09:55:30.000-04:00
CI:impl for escapes detect as github action
diff --git a/.github/workflows/gogc.yml b/.github/workflows/gogc.yml
@@ -0,0 +1,15 @@
+name: go escapes detect
+
+on:
+  pull_request:
+
+jobs:
+  escapes_detect:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@main
+      - uses: actions/setup-go@main
+        with:
+          go-version: 1.18
+      - name: run escapes detect
+        run: make escapes_detect
diff --git a/.github/workflows/govulnerability.yml b/.github/workflows/govulnerability.yml
@@ -0,0 +1,15 @@
+name: go vulnerability detect
+
+on:
+  pull_request:
+
+jobs:
+  vulnerability_detect:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@main
+      - uses: actions/setup-go@main
+        with:
+          go-version: 1.18
+      - name: run vulnerability detect
+        run: make govulncheck
diff --git a/Makefile b/Makefile
@@ -141,6 +141,15 @@ test: ginkgo-set tidy-vendor
 test-verbose: ginkgo-set tidy-vendor
 	@go test -tags $(GO_BUILD_TAGS) -covermode=atomic -coverprofile=coverage.out -v ./... --race --bench=. -cover --count=1 --vet=all
 
+escapes_detect: tidy-vendor
+	@go build -tags $(GO_BUILD_TAGS) -gcflags="-m -l" ./... | grep "escapes to heap" || true
+
+set_govulncheck:
+	@go install golang.org/x/vuln/cmd/govulncheck@latest
+
+govulncheck: set_govulncheck tidy-vendor
+	@govulncheck -v ./... || true
+
 format:
 	gofmt -e -d -s -l -w pkg/ cmd/
 
