Bump github/codeql-action from 2 to 3 #76
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| env: | |
| commit_msg: "" | |
| on: | |
| push: | |
| branches: | |
| - "*" | |
| pull_request: | |
| branches: | |
| - master | |
| - main | |
| workflow_dispatch: {} | |
| jobs: | |
| # Scan direct Go dependencies for known vulnerabilities | |
| scan: | |
| name: scan for vulnerabilities | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout code | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| # Configure runner environment | |
| - name: Set up runner environment | |
| run: ./.github/workflows/assets/utils.sh setup | |
| env: | |
| GITHUB_USER: ${{ github.actor }} | |
| ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }} | |
| # Get commit message | |
| - name: Get commit message | |
| run: | | |
| echo 'commit_msg<<EOF' >> $GITHUB_ENV | |
| git log --format=%B -n 1 ${{ github.sha }} >> $GITHUB_ENV | |
| echo 'EOF' >> $GITHUB_ENV | |
| # Go | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: 1.20.x | |
| # List direct dependencies | |
| - name: List dependencies | |
| run: go list -mod=readonly -f '{{if not .Indirect}}{{.}}{{end}}' -m all > go.list | |
| # Scan dependencies using Nancy | |
| # https://github.com/sonatype-nexus-community/nancy-github-action | |
| - name: Scan dependencies | |
| if: ${{ !contains(env.commit_msg, '[skip scan-deps]') }} | |
| uses: sonatype-nexus-community/[email protected] | |
| # Runs on every push and pull request on the selected branches. | |
| # Can also be executed manually. | |
| test: | |
| name: code quality and correctness | |
| needs: scan | |
| strategy: | |
| matrix: | |
| go-version: [1.19.x, 1.20.x, 1.21.x] | |
| os: [ubuntu-latest] | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 15 | |
| steps: | |
| # Checkout code | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| # Configure runner environment | |
| - name: Set up runner environment | |
| run: ./.github/workflows/assets/utils.sh setup | |
| env: | |
| GITHUB_USER: ${{ github.actor }} | |
| ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }} | |
| # Get commit message | |
| - name: Get commit message | |
| run: | | |
| echo 'commit_msg<<EOF' >> $GITHUB_ENV | |
| git log --format=%B -n 1 ${{ github.sha }} >> $GITHUB_ENV | |
| echo 'EOF' >> $GITHUB_ENV | |
| # Go | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: ${{ matrix.go-version }} | |
| # Style consistency and static analysis using 'golangci-lint' | |
| # https://github.com/marketplace/actions/run-golangci-lint | |
| - name: Static analysis | |
| uses: golangci/golangci-lint-action@v3 | |
| with: | |
| version: v1.54.2 | |
| # Run unit tests | |
| - name: Test | |
| run: make test | |
| # Ensure project compile and build successfully | |
| - name: Build | |
| run: make build-for os=linux arch=amd64 | |
| # Save artifacts | |
| - name: Save artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: assets | |
| path: | | |
| coverage.html |