diff --git a/.github/README.md b/.github/README.md index 3af8c3a..8d2d83f 100644 --- a/.github/README.md +++ b/.github/README.md @@ -73,6 +73,7 @@ Clone the repository and build the project: git clone https://github.com/ivuorinen/go-test-sarif-action.git cd go-test-sarif-action go build -o go-test-sarif ./cmd/main.go +go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest ``` Run tests: @@ -81,6 +82,13 @@ Run tests: go test ./... ``` +Run linting: + +```sh +go vet ./... +golangci-lint run +``` + ## 📄 License This project is licensed under the **MIT License**. diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 6b71f1c..57ede52 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,3 +1,4 @@ +--- name: Run Go Tests and Generate SARIF on: @@ -23,6 +24,15 @@ jobs: with: go-version-file: "go.mod" + - name: Install golangci-lint + uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 # v8.0.0 + with: + version: latest + + - name: Run Linters + run: | + go vet ./... + golangci-lint run - name: Run Go Tests shell: bash run: go test -json ./... > go-test-results.json diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 0000000..daa2c7a --- /dev/null +++ b/.golangci.yml @@ -0,0 +1,8 @@ +version: "2" +run: + timeout: 5m +linters: + enable: + - errcheck + - govet + - staticcheck diff --git a/.mega-linter.yml b/.mega-linter.yml index e8e738b..b5baa4e 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -17,4 +17,5 @@ SHOW_SKIPPED_LINTERS: false # Show skipped linters in MegaLinter log DISABLE_LINTERS: - REPOSITORY_DEVSKIM + - GO_GOLANGCI_LINT # old go version, fails always diff --git a/.yamlfmt.yml b/.yamlfmt.yml new file mode 100644 index 0000000..f3151e0 --- /dev/null +++ b/.yamlfmt.yml @@ -0,0 +1,11 @@ +--- +# yamlfmt configuration file +# Schema: https://raw.githubusercontent.com/google/yamlfmt/main/schema.json +formatter: + type: basic + include_document_start: true + gitignore_excludes: true + retain_line_breaks_single: true + eof_newline: true + max_line_length: 120 + indent: 2 diff --git a/.yamlignore b/.yamlignore new file mode 100644 index 0000000..e69de29 diff --git a/.yamllint.yml b/.yamllint.yml new file mode 100644 index 0000000..d9790c1 --- /dev/null +++ b/.yamllint.yml @@ -0,0 +1,20 @@ +--- +extends: relaxed + +yaml-files: + - '*.yaml' + - '*.yml' + - '.yamllint' + +ignore-from-file: .gitignore + +rules: + empty-lines: + max: 1 + max-start: 0 + max-end: 1 + + line-length: + max: 100 + allow-non-breakable-words: true + allow-non-breakable-inline-mappings: false diff --git a/Justfile b/Justfile index 49aa728..53f0a05 100644 --- a/Justfile +++ b/Justfile @@ -7,10 +7,11 @@ src := "./cmd/main.go" default: just build -# Lint with megalinter +# Lint Go code lint: echo "Linting..." - npx --yes mega-linter-runner + go vet ./... + golangci-lint run # Build the Go binary build: diff --git a/go.mod b/go.mod index 0cf3e51..23d4350 100644 --- a/go.mod +++ b/go.mod @@ -2,12 +2,9 @@ module github.com/ivuorinen/go-test-sarif-action go 1.24.1 -require ( - github.com/owenrumney/go-sarif/v2 v2.3.3 - github.com/owenrumney/go-sarif/v3 v3.2.1 -) +require github.com/owenrumney/go-sarif/v2 v2.3.3 -require gopkg.in/yaml.v3 v3.0.1 // indirect +require github.com/stretchr/testify v1.10.0 // indirect replace golang.org/x/crypto => golang.org/x/crypto v0.40.0 diff --git a/go.sum b/go.sum index 6d44c01..30c2c15 100644 --- a/go.sum +++ b/go.sum @@ -4,6 +4,7 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= @@ -11,12 +12,12 @@ github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/owenrumney/go-sarif v1.1.1/go.mod h1:dNDiPlF04ESR/6fHlPyq7gHKmrM0sHUvAGjsoh8ZH0U= github.com/owenrumney/go-sarif/v2 v2.3.3 h1:ubWDJcF5i3L/EIOER+ZyQ03IfplbSU1BLOE26uKQIIU= github.com/owenrumney/go-sarif/v2 v2.3.3/go.mod h1:MSqMMx9WqlBSY7pXoOZWgEsVB4FDNfhcaXDA1j6Sr+w= -github.com/owenrumney/go-sarif/v3 v3.2.1/go.mod h1:S2sdyDnv0sxN5x+M8iFZIzZE2+uTX/1uXlwTRx0efT0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= diff --git a/internal/converter.go b/internal/converter.go index f6731e9..668f136 100644 --- a/internal/converter.go +++ b/internal/converter.go @@ -24,7 +24,11 @@ func ConvertToSARIF(inputFile, outputFile string) error { if err != nil { return fmt.Errorf("failed to read input file: %w", err) } - defer f.Close() + defer func() { + if cerr := f.Close(); cerr != nil { + fmt.Fprintf(os.Stderr, "failed to close input file: %v\n", cerr) + } + }() report, err := sarif.New(sarif.Version210) if err != nil { diff --git a/internal/converter_test.go b/internal/converter_test.go index 9ad62c8..ee01f78 100644 --- a/internal/converter_test.go +++ b/internal/converter_test.go @@ -2,147 +2,83 @@ package internal import ( "os" + "path/filepath" "testing" ) // TestConvertToSARIF_Success tests the successful conversion of a valid Go test JSON output to SARIF format. func TestConvertToSARIF_Success(t *testing.T) { - // Create a temporary JSON input file with valid test data - inputFile, err := os.CreateTemp("", "test_input_*.json") - if err != nil { - t.Fatalf("Failed to create temp input file: %v", err) - } - defer func(name string) { - err := os.Remove(name) - if err != nil { - t.Fatalf("Failed to remove temp input file: %v", err) - } - }(inputFile.Name()) + dir := t.TempDir() + inputPath := filepath.Join(dir, "input.json") inputContent := `{"Action":"fail","Package":"github.com/ivuorinen/go-test-sarif/internal","Test":"TestExample","Output":"Test failed"}` + "\n" - if _, err := inputFile.WriteString(inputContent); err != nil { - t.Fatalf("Failed to write to temp input file: %v", err) + if err := os.WriteFile(inputPath, []byte(inputContent), 0o600); err != nil { + t.Fatalf("Failed to write input file: %v", err) } - // Create a temporary SARIF output file - outputFile, err := os.CreateTemp("", "test_output_*.sarif") - if err != nil { - t.Fatalf("Failed to create temp output file: %v", err) - } - defer func(name string) { - err := os.Remove(name) - if err != nil { - t.Fatalf("Failed to remove temp output file: %v", err) - } - }(outputFile.Name()) + outputPath := filepath.Join(dir, "output.sarif") - // Run the ConvertToSARIF function - err = ConvertToSARIF(inputFile.Name(), outputFile.Name()) - if err != nil { + if err := ConvertToSARIF(inputPath, outputPath); err != nil { t.Errorf("ConvertToSARIF returned an error: %v", err) } - // Read and validate the SARIF output - outputContent, err := os.ReadFile(outputFile.Name()) + outputContent, err := os.ReadFile(outputPath) if err != nil { t.Fatalf("Failed to read SARIF output file: %v", err) } - // Perform basic validation on the SARIF output if len(outputContent) == 0 { t.Errorf("SARIF output is empty") } - - // Additional validations can be added here to verify the correctness of the SARIF content } // TestConvertToSARIF_InvalidInput tests the function's behavior when provided with invalid JSON input. func TestConvertToSARIF_InvalidInput(t *testing.T) { - // Create a temporary JSON input file with invalid test data - inputFile, err := os.CreateTemp("", "test_input_invalid_*.json") - if err != nil { - t.Fatalf("Failed to create temp input file: %v", err) - } - defer func(name string) { - err := os.Remove(name) - if err != nil { - t.Fatalf("Failed to remove temp input file: %v", err) - } - }(inputFile.Name()) + dir := t.TempDir() + inputPath := filepath.Join(dir, "invalid.json") inputContent := `{"Action":"fail","Package":"github.com/ivuorinen/go-test-sarif/internal","Test":"TestExample","Output":` + `Test failed}` + "\n" // Missing quotes around 'Test failed' - if _, err := inputFile.WriteString(inputContent); err != nil { - t.Fatalf("Failed to write to temp input file: %v", err) + if err := os.WriteFile(inputPath, []byte(inputContent), 0o600); err != nil { + t.Fatalf("Failed to write input file: %v", err) } - // Create a temporary SARIF output file - outputFile, err := os.CreateTemp("", "test_output_invalid_*.sarif") - if err != nil { - t.Fatalf("Failed to create temp output file: %v", err) - } - defer func(name string) { - err := os.Remove(name) - if err != nil { - t.Fatalf("Failed to remove temp output file: %v", err) - } - }(outputFile.Name()) + outputPath := filepath.Join(dir, "output.sarif") - // Run the ConvertToSARIF function - err = ConvertToSARIF(inputFile.Name(), outputFile.Name()) - if err == nil { + if err := ConvertToSARIF(inputPath, outputPath); err == nil { t.Errorf("Expected an error for invalid JSON input, but got none") } } // TestConvertToSARIF_FileNotFound tests the function's behavior when the input file does not exist. func TestConvertToSARIF_FileNotFound(t *testing.T) { - // Define a non-existent input file path inputFile := "non_existent_file.json" - // Create a temporary SARIF output file - outputFile, err := os.CreateTemp("", "test_output_notfound_*.sarif") - if err != nil { - t.Fatalf("Failed to create temp output file: %v", err) - } - defer func(name string) { - err := os.Remove(name) - if err != nil { - t.Fatalf("Failed to remove temp output file: %v", err) - } - }(outputFile.Name()) + dir := t.TempDir() + outputPath := filepath.Join(dir, "output.sarif") - // Run the ConvertToSARIF function - err = ConvertToSARIF(inputFile, outputFile.Name()) - if err == nil { + if err := ConvertToSARIF(inputFile, outputPath); err == nil { t.Errorf("Expected an error for non-existent input file, but got none") } } // TestConvertToSARIF_PackageFailure ensures package-level failures are included in the SARIF output. func TestConvertToSARIF_PackageFailure(t *testing.T) { - inputFile, err := os.CreateTemp("", "test_input_pkgfail_*.json") - if err != nil { - t.Fatalf("Failed to create temp input file: %v", err) - } - defer os.Remove(inputFile.Name()) + dir := t.TempDir() + inputPath := filepath.Join(dir, "input.json") inputContent := `{"Action":"fail","Package":"github.com/ivuorinen/go-test-sarif-action","Output":"FAIL"}` + "\n" - if _, err := inputFile.WriteString(inputContent); err != nil { - t.Fatalf("Failed to write to temp input file: %v", err) + if err := os.WriteFile(inputPath, []byte(inputContent), 0o600); err != nil { + t.Fatalf("Failed to write input file: %v", err) } - outputFile, err := os.CreateTemp("", "test_output_pkgfail_*.sarif") - if err != nil { - t.Fatalf("Failed to create temp output file: %v", err) - } - defer os.Remove(outputFile.Name()) + outputPath := filepath.Join(dir, "output.sarif") - if err := ConvertToSARIF(inputFile.Name(), outputFile.Name()); err != nil { + if err := ConvertToSARIF(inputPath, outputPath); err != nil { t.Errorf("ConvertToSARIF returned an error: %v", err) } - data, err := os.ReadFile(outputFile.Name()) + data, err := os.ReadFile(outputPath) if err != nil { t.Fatalf("Failed to read SARIF output file: %v", err) }