feat: Track code coverage #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Go | |
on: | |
push: | |
branches: | |
- "master" | |
pull_request: | |
branches: | |
- "master" | |
env: | |
# Golang version to use across CI steps | |
GOLANG_VERSION: '1.20' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
permissions: | |
contents: read | |
jobs: | |
event_file: | |
name: "Event File" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Upload | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Event File | |
path: ${{ github.event_path }} | |
lint-go: | |
permissions: | |
contents: read # for actions/checkout to fetch code | |
pull-requests: read # for golangci/golangci-lint-action to fetch pull requests | |
name: Lint Go code | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v5.0.0 | |
with: | |
go-version: ${{ env.GOLANG_VERSION }} | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Run golangci-lint | |
uses: golangci/golangci-lint-action@v3 | |
with: | |
version: v1.53.3 | |
args: --timeout 6m | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v5.0.0 | |
with: | |
go-version: ${{ env.GOLANG_VERSION }} | |
id: go | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Restore go build cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.cache/go-build | |
key: ${{ runner.os }}-go-build-v1-${{ github.run_id }} | |
- name: Download all Go modules | |
run: | | |
go mod download | |
- name: Compile all packages | |
run: make controller plugin | |
- name: Test | |
run: make test-unit | |
- name: Upload Unit Test Results | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Unit Test Results | |
path: | | |
junit.xml | |
- name: Generate code coverage artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: code-coverage | |
path: coverage.out | |
- name: Upload code coverage information to codecov.io | |
uses: codecov/codecov-action@v3.1.4 | |
with: | |
file: coverage.out | |
source-scan: | |
name: Gosec code scanning | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Run gosec | |
uses: securego/gosec@v2.18.2 | |
with: | |
args: '-no-fail -fmt sarif -out gosec.sarif ./...' | |
- name: Upload gosec scan results to GitHub Security tab | |
uses: github/codeql-action/upload-sarif@v2 | |
with: | |
sarif_file: 'gosec.sarif' |