-
Notifications
You must be signed in to change notification settings - Fork 63
89 lines (73 loc) · 3.16 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
name: CI
# Triggers the workflow on push or pull request events but only for the main branch
on:
push:
branches: [main]
pull_request:
branches: [main]
# Only allow one job of this action to be ran at a time
concurrency:
group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
cancel-in-progress: true
jobs:
build-and-validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Setup Go environment
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
# The Go version to download (if necessary) and use. Supports semver spec and ranges.
go-version: 1.18
- name: Generate Go sources, CRDs and schemas
run: |
bash ./docker-run.sh ./build.sh
if [[ ! -z $(git status -s) ]]
then
echo 'Command `bash ./docker-run.sh ./build.sh` did introduce changes, which should not be the case if it had been run as part of the PR. Please run it locally and check in the results as part of your PR.'
git --no-pager diff
exit 1
fi
- name: Validate samples against schemas
run: bash ./docker-run.sh ./validate-samples.sh
- name: Run GO tests
run: go test -coverprofile cover.out -v ./...
- name: Upload coverage to Codecov
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
- name: Check typescript model generation
run: bash ./build/typescript-model/generate.sh
- name: Check GO mod state
run: |
go mod tidy
go mod vendor
git diff --exit-code || { echo 'Go mod is not clean. Execute "go mod tidy && go mod vendor" locally and commit changes to fix an issue'; exit 1; }
- name: Check GO format
run: |
go fmt -x ./...
git diff --exit-code || { echo 'Go sources need to be formatted. Execute "go fmt -x ./..." locally and commit changes to fix an issue'; exit 1; }
- name: Check Generator GO mod state
working-directory: generator
run: |
go mod tidy
go mod vendor
git diff --exit-code || { echo 'Go mod is not clean. Execute "go mod tidy && go mod vendor" locally in the 'generator' folder and commit changes to fix an issue'; exit 1; }
- name: Check Generator GO format
working-directory: generator
run: |
go fmt -x ./...
git diff --exit-code || { echo 'Go sources need to be formatted. Execute "go fmt -x ./..." locally in the 'generator' folder and commit changes to fix an issue'; exit 1; }
- name: Run Gosec Security Scanner
run: |
export PATH=$PATH:$(go env GOPATH)/bin
go install github.com/securego/gosec/v2/cmd/[email protected]
bash ./run_gosec.sh
if [[ $? != 0 ]]
then
echo "gosec scanner failed to run "
exit 1
fi
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
# Path to SARIF file relative to the root of the repository
sarif_file: gosec.sarif