Skip to content

Update github-actions #465

Update github-actions

Update github-actions #465

Workflow file for this run

name: Opaque
on:
pull_request:
branches:
- main
permissions:
contents: read
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
proxy.golang.org:443
raw.githubusercontent.com:443
- name: Checkout repo
uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@df1a11710ed378b187f40c71eb3d6c08d82e7108
with:
go-version-file: ./go.mod
# Linting
- name: Linting
uses: golangci/golangci-lint-action@06c3f3a5515ecb115aa8e1a90cbb3d4b3001936c
with:
version: latest
args: --config=./.github/.golangci.yml ./...
only-new-issues: true
test:
name: Test
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
go: [ '1.22', '1.21' ]
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
github.com:443
proxy.golang.org:443
storage.googleapis.com:443
sum.golang.org:443
- name: Checkout repo
uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@df1a11710ed378b187f40c71eb3d6c08d82e7108
with:
go-version: ${{ matrix.go }}
# Test
- name: Run Tests
run: cd .github && make test
analyze:
name: Analyze
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.codecov.io:443
api.github.com:443
cli.codecov.io:443
ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com:443
github.com:443
objects.githubusercontent.com:443
proxy.golang.org:443
scanner.sonarcloud.io:443
sonarcloud.io:443
storage.googleapis.com:443
- name: Checkout repo
uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@df1a11710ed378b187f40c71eb3d6c08d82e7108
with:
go-version-file: ./go.mod
# Coverage
- name: Run coverage
run: cd .github && make cover
# Codecov
- name: Codecov
uses: codecov/codecov-action@bd77bc323cd6112f528fe493c071212824878695
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
file: .github/coverage.out
# Sonar
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@eb211723266fe8e83102bac7361f0a05c3ac1d1b
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
args: >
-Dsonar.organization=bytemare-github
-Dsonar.projectKey=bytemare_opaque
-Dsonar.go.coverage.reportPaths=.github/coverage.out
-Dsonar.sources=.
-Dsonar.exclusions=examples_test.go
-Dsonar.test.exclusions=examples_test.go,tests/**
-Dsonar.coverage.exclusions=examples_test.go,tests/**
-Dsonar.tests=tests/
-Dsonar.verbose=true