diff --git a/.codecov.yml b/.codecov.yml index 5a9bdf017..e692c0ef8 100644 --- a/.codecov.yml +++ b/.codecov.yml @@ -1,36 +1,19 @@ -# See http://docs.codecov.io/docs/coverage-configuration coverage: - precision: 2 # 2 = xx.xx%, 0 = xx% - round: down - # For example: 20...60 would result in any coverage less than 20% - # would have a red background. The color would gradually change to - # green approaching 60%. Any coverage over 60% would result in a - # solid green color. - range: "20...60" - status: - # project will give us the diff in the total code coverage between a commit - # and its parent - project: yes - # Patch gives just the coverage of the patch - patch: yes - # changes tells us if there are unexpected code co verage changes in other files - # which were not changed by the diff - changes: yes + # allow test coverage to drop by 0.1%, assume that it's typically due to CI problems + patch: + default: + threshold: 0.1 + project: + default: + threshold: 0.1 - # See http://docs.codecov.io/docs/ignoring-paths ignore: + - "api/v1alpha1/*" - "build/*" + - "common/*" - "hack/*" - "openshift-ci/*" + - "vendor/.*" + - "version/*" - "Makefile" - - ".travis.yml" - -# See http://docs.codecov.io/docs/pull-request-comments-1 -comment: - layout: "diff, files" - behavior: "" - # default = posts once then update, posts new if delete - # once = post once then updates - # new = delete old, post new - # spammy = post new \ No newline at end of file diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml new file mode 100644 index 000000000..6217b0d1e --- /dev/null +++ b/.github/workflows/go.yml @@ -0,0 +1,63 @@ +name: Go +on: + push: + branches: + - "master" + pull_request: + branches: + - "master" +env: + # Golang version to use across CI steps + GOLANG_VERSION: '1.20' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + contents: read + +jobs: + event_file: + name: "Event File" + runs-on: ubuntu-latest + steps: + - name: Upload + uses: actions/upload-artifact@v4 + with: + name: Event File + path: ${{ github.event_path }} + + build: + name: Build + runs-on: ubuntu-latest + steps: + - name: Set up Go + uses: actions/setup-go@v5.0.0 + with: + go-version: ${{ env.GOLANG_VERSION }} + id: go + + - name: Check out code into the Go module directory + uses: actions/checkout@v4 + + - name: Restore go build cache + uses: actions/cache@v4 + with: + path: ~/.cache/go-build + key: ${{ runner.os }}-go-build-v1-${{ github.run_id }} + + - name: Download all Go modules + run: | + go mod download + + - name: Generate code coverage artifacts + uses: actions/upload-artifact@v4 + with: + name: code-coverage + path: coverage.out + + - name: Upload code coverage information to codecov.io + uses: codecov/codecov-action@v3.1.4 + with: + file: coverage.out diff --git a/.github/workflows/gosec.yaml b/.github/workflows/gosec.yaml new file mode 100644 index 000000000..ee786730b --- /dev/null +++ b/.github/workflows/gosec.yaml @@ -0,0 +1,27 @@ +--- +name: Go Test on Pull Requests +on: # yamllint disable-line rule:truthy + pull_request: + types: + - opened + - synchronize + - reopened + paths: + - '**.go' + workflow_dispatch: +jobs: + gosec: + name: Check GO security + runs-on: ubuntu-20.04 + steps: + - name: Check out code + uses: actions/checkout@v3 + with: + fetch-depth: 1 + ref: ${{ github.event.pull_request.head.sha }} + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: -exclude-generated ./... + env: + GOROOT: "" diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr.yml similarity index 61% rename from .github/workflows/pr-checks.yml rename to .github/workflows/pr.yml index 00772a248..ce4e1684c 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr.yml @@ -4,7 +4,17 @@ on: pull_request: branches: - master - - 'v*.*' + +env: + GO111MODULE: on + SDK_VERSION: "1.17.0" + MINIKUBE_WANTUPDATENOTIFICATION: false + MINIKUBE_WANTREPORTERRORPROMPT: false + K8S_VERSION: "1.21.3" + MINIKUBE_VERSION: "1.26.0" + OLM_VERSION: "0.22.0" + TEST_ACCEPTANCE_CLI: "kubectl" + TEST_RESULTS: "out/acceptance-tests" jobs: lint: @@ -26,10 +36,6 @@ jobs: - name: Checkout repo uses: actions/checkout@v4 - - name: Run linters - run: make lint - - unit: name: Unit Tests with Code coverage runs-on: ubuntu-20.04 @@ -44,29 +50,11 @@ jobs: uses: actions/checkout@v4 - name: Unit Tests with Code Coverage - run: | - make test + run: ./scripts/openshiftci-presubmit-unittests.sh - name: Upload Code Coverage Report uses: codecov/codecov-action@v3 with: - file: cover.out + file: coverage.out verbose: true fail_ci_if_error: true - - source-scan: - name: Gosec code scanning - runs-on: ubuntu-20.04 - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run gosec - uses: securego/gosec@v2.18.2 - with: - args: '-no-fail -fmt sarif -out gosec.sarif ./...' - - - name: Upload gosec scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: 'gosec.sarif' diff --git a/Makefile b/Makefile index 3e2efd82b..602a8166b 100644 --- a/Makefile +++ b/Makefile @@ -110,7 +110,12 @@ test-gitopsservice-nondefault: go test -p 1 -timeout 30m ./test/nondefaulte2e -ginkgo.focus="GitOpsServiceNoDefaultInstall" -coverprofile cover.out -ginkgo.v test: manifests generate fmt vet ## Run unit tests. - go test `go list ./... | grep -v test` -coverprofile cover.out + go test `go list ./... | grep -v test` -coverprofile coverage.out + +.PHONY: coverage +coverage: test ## run coverage tests + go tool cover -html=coverage.out -o coverage.html + open coverage.html .PHONY: e2e-tests-sequential e2e-tests-sequential: ## Runs kuttl e2e sequentail tests