feat(tests): more tests and ci action (#14)

* feat(tests): more tests and ci action
* fix(ci): coverage and pr-lint
* fix(ci): renovate rules, permissions, linting, actions
* fix(lint): editorconfig fixes
* fix(lint): kics.config
* fix(lint): formatting, permissions, pre-commit config
* chore(ci): set workflow to use go 1.23, go mod tidy
* chore(ci): fixes and stuff
* chore(ci): disable GO_GOLANGCI_LINT
* chore(ci): pinning, permissions
2025-03-23 19:41:39 +02:00
committed by GitHub
parent 2aa2a94a38
commit 4b8d66c778
22 changed files with 680 additions and 197 deletions


@@ -2,13 +2,14 @@
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Build and Publish
# yamllint disable-line rule:truthy
on:
push:
branches: [ main ]
branches: [main]
pull_request:
branches: [ main ]
branches: [main]
release:
types: [ created ]
types: [created]
permissions: read-all
@@ -16,17 +17,30 @@ jobs:
build:
name: Build Binaries
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
actions: write
strategy:
matrix:
goos: [ "linux", "darwin" ]
goos: ["linux", "darwin"]
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Go
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
with:
go-version: '1.24'
go-version-file: "./go.mod"
- name: Run go mod tidy
shell: bash
run: go mod tidy
- name: Build binary for ${{ matrix.goos }}
shell: bash
@@ -37,22 +51,27 @@ jobs:
.
- name: Upload artifact for ${{ matrix.goos }}
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: gibidify-${{ matrix.goos }}
path: gibidify-${{ matrix.goos }}
docker:
name: Build and Publish Docker Image
if: github.event_name == 'release'
needs: build
runs-on: ubuntu-latest
if: github.event_name == 'release'
permissions:
packages: write
actions: write
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Download Linux binary artifact
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: gibidify-linux
path: .
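Review bot: The `build` job's `permissions` block (`contents: write`, `packages: write`, `actions: write`) is wider than anything its visible steps use, and the job also runs on `pull_request`. Checkout, setup-go, the build and `upload-artifact` appear to need no more than `contents: read`, so I would reduce the block to that and keep `packages: write` on the `docker` job only, where the image is published. Separately, `run: go mod tidy` before the build can rewrite `go.mod`/`go.sum`, so the binary may be built from a module graph that differs from the committed one; `go mod tidy -diff` or `go mod verify` would fail the job instead of changing it silently. The +/- markers are lost on this page and the build step lies between hunks, so which lines are new is inferred from the hunk sizes.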

29
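--- a/.github/workflows/pr-lint.yml
+++ b/.github/workflows/pr-lint.yml
@@ -0,0 +1,29 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+name: PR Lint
+# yamllint disable-line rule:truthy
+on:
+push:
+branches: [master, main]
+pull_request:
+branches: [master, main]
+permissions: read-all
+env:
+TRIVY_SEVERITY: CRITICAL,HIGH
+DISABLE_LINTERS: GO_GOLANGCI_LINT
+jobs:
+Linter:
+name: PR Lint
+runs-on: ubuntu-latest
+permissions:
+contents: write # only for delete-branch option
+issues: write
+pull-requests: write
+statuses: write
+steps:
+- uses: ivuorinen/actions/pr-lint@eb085adfe2779a1c52bfe1b2d0945b6c4241f54e # 25.3.19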
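Review bot: `contents: write` is granted to a job that runs an action from another repository on every push and pull request to `master`/`main`, and the inline comment says it is needed only for the delete-branch option. The step passes no `with:` inputs, so from this file it is not clear that option is in use; if it is not, `contents: read` is enough and the job keeps only the `issues`, `pull-requests` and `statuses` write scopes it reports through. The action is pinned to a full commit SHA, which is the right form for a job holding write scopes.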

25
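--- a/.github/workflows/sync-labels.yml
+++ b/.github/workflows/sync-labels.yml
@@ -0,0 +1,25 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+name: Sync labels
+permissions: read-all
+# yamllint disable-line rule:truthy
+on:
+push:
+paths:
+- .github/workflows/sync-labels.yml
+- .github/labels.yml
+schedule:
+- cron: "34 5 * * *"
+workflow_call:
+workflow_dispatch:
+jobs:
+SyncLabels:
+permissions:
+contents: read
+issues: write
+runs-on: ubuntu-latest
+steps:
+- uses: ivuorinen/actions/sync-labels@eb085adfe2779a1c52bfe1b2d0945b6c4241f54e # 25.3.19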
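Review bot: The `push` trigger filters on `paths` but has no `branches` filter, so a push to any branch that touches `.github/labels.yml` or this workflow file runs the sync with `issues: write`. Presumably the action reads that branch's copy of the labels file, which would let an unreviewed branch change the repository's labels before merge; I would add `branches: [main]` under `push:`. The job-level scopes themselves (`contents: read`, `issues: write`) are already narrow.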


@@ -0,0 +1,68 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Go Tests with Coverage to SARIF
# yamllint disable-line rule:truthy
on:
push:
branches: [main]
pull_request:
branches: [main]
permissions: read-all
jobs:
test:
runs-on: ubuntu-latest
permissions:
contents: write
checks: write
pull-requests: write
security-events: write
statuses: write
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: ivuorinen/gibidify
ref: ${{ github.event.pull_request.head.ref }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Go
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version-file: "./go.mod"
- name: Install dependencies
shell: bash
run: go mod tidy
- name: Run tests
shell: bash
run: go test -v ./...
- name: Generate coverage report
shell: bash
run: go test -coverprofile=coverage.out ./...
- name: Check coverage
id: coverage
shell: bash
run: |
coverage=$(go tool cover -func=coverage.out | grep total | awk '{print substr($3, 1, length($3)-1)}')
echo "total_coverage=$coverage" >> "$GITHUB_OUTPUT"
echo "Coverage: $coverage%"
- name: Cleanup
shell: bash
run: rm coverage.out
- name: Fail if coverage is below threshold
shell: bash
run: |
if (( $(echo "$total_coverage < 50" | bc -l) )); then
echo "Coverage ($total_coverage%) is below the threshold (50%)"
exit 1
fi
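Review bot: The threshold step reads `$total_coverage`, but that name is only written to `$GITHUB_OUTPUT` in the `coverage` step and is never set as a shell or environment variable, so here it expands to an empty string. `bc` then receives ` < 50` and prints no usable result, the `(( ))` test is false, and the gate passes whatever the coverage is. Add an `env:` entry to this step, `total_coverage: ${{ steps.coverage.outputs.total_coverage }}`, so the comparison sees the real value. Also, the job grants write on `contents`, `checks`, `pull-requests`, `security-events` and `statuses` while running pull-request code, though no visible step uploads SARIF or writes to the repository; `contents: read` looks sufficient unless steps outside this view need more.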