build(deps): bump github/codeql-action from 3.27.7 to 3.27.9 #1728
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
permissions: | |
contents: read # for actions/checkout to fetch code | |
jobs: | |
formatting: | |
name: runner / formatting | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Format | |
run: if [ "$(gofmt -s -l . | wc -l)" -gt 0 ]; then exit 1; fi | |
- name: Run go vet | |
run: go vet ./... | |
golangci-lint: | |
name: runner / golangci-lint | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: golangci-lint | |
uses: reviewdog/action-golangci-lint@dd3fda91790ca90e75049e5c767509dc0ec7d99b # v2.7.0 | |
with: | |
fail_on_error: true | |
golangci_lint_flags: "--config=.github/.golangci.yml ./..." | |
yamllint: | |
name: runner / yamllint | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- uses: reviewdog/action-yamllint@1dca3ad811867be18fbe293a9818d715a6c2cd46 # v1.20.0 | |
with: | |
fail_on_error: true | |
reporter: github-pr-review | |
yamllint_flags: '-d "{extends: default, rules: {truthy: disable}}" .' | |
dotenv-linter: | |
name: runner / dotenv-linter | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- uses: dotenv-linter/action-dotenv-linter@9c9a09ba60235ae0b92b2e2ed8f4268ac76d075f # v2.23.0 | |
with: | |
reporter: github-pr-review | |
check-dependencies: | |
name: runner / check-dependencies | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a | |
- name: WriteGoList | |
run: go list -json -m all > go.list | |
- name: Nancy | |
uses: sonatype-nexus-community/nancy-github-action@395e2fb168f674f96502e5652103d112899ea369 # main | |
continue-on-error: true | |
- name: "Dependency Review" | |
uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0 | |
with: | |
base-ref: ${{ github.event.pull_request.base.sha || 'main' }} | |
head-ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
tests: | |
name: runner / build and tests | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
go-version: [1.22.x, 1.23.x] | |
os: [windows-2019, windows-2022, ubuntu-22.04, ubuntu-20.04, ubuntu-24.04] | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a | |
with: | |
go-version: ${{ matrix.go-version }} | |
- name: build go | |
run: go build ./cmd/app/main.go | |
- name: Install Test Converter and run tests | |
run: | | |
export GOPATH="$HOME/go/" | |
export PATH=$PATH:$GOPATH/bin | |
go install github.com/jstemmer/go-junit-report/v2@latest | |
go test -covermode=atomic -coverprofile=coverage.out -race -v ./... > test_output.txt 2>&1 || true | |
cat test_output.txt | |
cat test_output.txt | go-junit-report -set-exit-code > junit-${{matrix.os}}-${{matrix.go-version}}-${{github.run_attempt}}.xml | |
if grep -q "FAIL" test_output.txt; then exit 1; fi | |
- name: Upload Coverage Results | |
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
- name: GitHub Upload Release Artifacts | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
with: | |
name: JUnit Results ${{matrix.os}}-${{matrix.go-version}}-${{github.run_attempt}} | |
path: junit-${{matrix.os}}-${{matrix.go-version}}-${{github.run_attempt}}.xml | |
# - name: Integration tests | |
# run: "docker-compose up \ | |
# --build \ | |
# --abort-on-container-exit \ | |
# --exit-code-from integration" |