build-dev.yaml

name: Test Build
env:
  EXPORT_RESULT: true
on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]
jobs:
  build-container:
    runs-on: ubuntu-latest
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."

      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup Go
        uses: actions/setup-go@v5
        with:
          go-version: "^1.21"

      - name: Verify that generated manifests committed to the repository are up to date
        run: make verify-manifests

      - name: Build
        run: make generate fmt vet build

      - name: Run unit tests
        run: make unit-test

      - name: Run coverage report
        run: make coverage

      - name: Codecov
        uses: codecov/codecov-action@v3.1.4
        with:
          file: ./coverage.xml  # Replace with the path to your coverage report
          fail_ci_if_error: true

      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@0.16.1
        with:
          scan-type: "fs"
          ignore-unfixed: true
          format: "table"
          exit-code: "1"
          vuln-type: "os,library"
          severity: "CRITICAL,HIGH"