ci.yml
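# CI pipeline: build, lint, acceptance tests, SonarCloud and CodeQL.
#
# NOTE(review): every external action below is referenced by a mutable tag
# (`@v4`, `@v8`, ...). Pinning each `uses:` to a full commit SHA, with the tag
# kept as a trailing comment, stops a retargeted tag from changing what runs.
name: Continuous Integration

on:
  push:
    branches: [main, dev]
  pull_request:
    branches: [main, dev]
  schedule:
    # Weekly run, Sundays at 00:00 UTC.
    - cron: '0 0 * * 0'
  workflow_dispatch:

# Workflow-wide default for the job token: read-only repository contents.
# Jobs that need more declare it themselves, so a compromised step in an
# unrelated job cannot write code-scanning results.
permissions:
  contents: read

jobs:
  build:
    name: Go Build
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): actions/checkout keeps the job token in the local git
      # config by default; `persist-credentials: false` removes it when no
      # later step needs to push. Applies to every checkout in this file.
      - name: Git Checkout
        uses: actions/checkout@v4
      - name: Setup Go
        uses: ./.github/actions/setup-go
      - name: Go Build
        run: go build -v ./...

  lint:
    name: Linters
    runs-on: ubuntu-latest
    needs: build
    # A job-level `permissions` block replaces the workflow-level one; any
    # scope not listed here becomes `none`, so `contents: read` is restated
    # for the checkout step.
    permissions:
      contents: read
      issues: write
      pull-requests: write
    steps:
      - name: Git Checkout
        uses: actions/checkout@v4
      - name: Setup Go
        uses: ./.github/actions/setup-go
      - name: GolangCI Lint
        uses: golangci/golangci-lint-action@v8
        with:
          version: v2.1
          args: --config=.linters/.golangci.yml
      # This step receives the job token, so the write scopes granted above
      # are available to the MegaLinter action.
      - name: MegaLinter
        uses: oxsecurity/megalinter/flavors/go@v8
        id: ml
        env:
          VALIDATE_ALL_CODEBASE: true
          DEFAULT_WORKSPACE: ${{ github.workspace }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      # Upload the reports whether linting passed or failed (not on cancel).
      - name: Archive reports
        uses: actions/upload-artifact@v4
        if: ${{ success() || failure() }}
        with:
          name: MegaLinter reports
          path: |
            .ml-reports/
            mega-linter.log

  tests:
    name: Go All Tests
    runs-on: ubuntu-latest
    needs: build
    strategy:
      matrix:
        tf-version: ['1.11.*', '1.12.*']
    steps:
      - name: Git Checkout
        uses: actions/checkout@v4
      - name: Setup Go
        uses: ./.github/actions/setup-go
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: ${{ matrix.tf-version }}
          terraform_wrapper: false
      # This job also runs on `pull_request`, so the tests execute code from
      # the PR. No secret is placed in this step's environment.
      - name: Run Tests
        run: go test ./internal/provider -v -coverprofile=tests-report.lcov -json > tests-report.log
        env:
          TF_ACC: '1'
      # Repository secrets are not passed to `pull_request` runs from forks,
      # so CODECOV_TOKEN is empty there.
      - name: Codecov Upload Coverage
        uses: codecov/codecov-action@v4
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          verbose: true
          files: tests-report.lcov
      - name: Codecov Upload Test Results
        if: ${{ !cancelled() }}
        uses: codecov/test-results-action@v1
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
      # Both matrix legs upload under the same artifact name; `overwrite`
      # lets the second one replace the first instead of failing.
      - name: Upload Test Artifacts
        uses: actions/upload-artifact@v4
        with:
          name: tests-report-${{ github.sha }}
          path: |
            tests-report.lcov
            tests-report.log
          retention-days: 7
          overwrite: true

  sonar:
    name: SonarCloud Scan
    # Push-only: SONAR_TOKEN is never handed to a pull_request-triggered run.
    if: github.event_name == 'push'
    runs-on: ubuntu-latest
    needs: [tests]
    steps:
      - name: Git Checkout
        uses: actions/checkout@v4
        with:
          # Full history rather than a shallow clone.
          fetch-depth: 0
      - name: Download Artifacts
        uses: actions/download-artifact@v4
        with:
          name: tests-report-${{ github.sha }}
      - name: Sonarqube Scan
        uses: SonarSource/sonarqube-scan-action@v5
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

  codeql:
    name: CodeQL Scan
    runs-on: ubuntu-latest
    if: github.event_name != 'pull_request'
    needs: build
    # The only job that uploads code-scanning results, so the only one that
    # holds `security-events: write`.
    # NOTE(review): private repositories also need `actions: read` for
    # CodeQL; confirm against the repository's visibility.
    permissions:
      contents: read
      security-events: write
    steps:
      - name: Git Checkout
        uses: actions/checkout@v4
      - name: CodeQL Init
        uses: github/codeql-action/init@v3
        with:
          languages: go
      - name: CodeQL Analysis
        uses: github/codeql-action/analyze@v3
        with:
          category: '/language:go'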