mirror of
https://github.com/Dvorinka/Devour.git
synced 2026-06-03 20:13:03 +00:00
update
This commit is contained in:
Tomas Dvorak
@@ -0,0 +1,111 @@
|
||||
# GitHub Actions Workflows
|
||||
|
||||
This directory contains the CI/CD workflows for the Devour project.
|
||||
|
||||
## Workflows
|
||||
|
||||
### 1. CI/CD Pipeline (`ci.yml`)
|
||||
|
||||
**Triggers:**
|
||||
- Push to `main` or `develop` branches
|
||||
- Pull requests to `main` or `develop` branches
|
||||
- Release publications
|
||||
|
||||
**Jobs:**
|
||||
- **Test**: Runs unit tests with race detection and uploads coverage to Codecov
|
||||
- **Lint**: Runs golangci-lint for code quality checks
|
||||
- **Security**: Scans for security vulnerabilities using Gosec
|
||||
- **Build**: Builds cross-platform binaries (Linux, Windows, macOS) for amd64/arm64
|
||||
- **Docker**: Builds and pushes Docker images to Docker Hub
|
||||
- **Release**: Creates GitHub releases with compiled binaries
|
||||
|
||||
### 2. Code Quality (`quality.yml`)
|
||||
|
||||
**Triggers:**
|
||||
- Push to `main` or `develop` branches
|
||||
- Pull requests to `main` or `develop` branches
|
||||
|
||||
**Checks:**
|
||||
- `go vet` for potential issues
|
||||
- Code formatting with `gofmt`
|
||||
- Inefficient assignments with `ineffassign`
|
||||
- Spelling errors with `misspell`
|
||||
- Static analysis with `staticcheck`
|
||||
- TODO/FIXME comment detection
|
||||
- `go mod tidy` validation
|
||||
- Code coverage threshold (minimum 80%)
|
||||
- SonarCloud analysis (optional)
|
||||
|
||||
### 3. Dependabot (`dependabot.yml`)
|
||||
|
||||
**Features:**
|
||||
- Weekly dependency updates for Go modules
|
||||
- Weekly GitHub Actions updates
|
||||
- Automatic pull requests with dependency updates
|
||||
|
||||
## Required Secrets
|
||||
|
||||
To enable all features, add these secrets to your GitHub repository:
|
||||
|
||||
### Docker Hub Integration
|
||||
- `DOCKER_USERNAME`: Your Docker Hub username
|
||||
- `DOCKER_PASSWORD`: Your Docker Hub password or access token
|
||||
|
||||
### SonarCloud Integration (Optional)
|
||||
- `SONAR_TOKEN`: Your SonarCloud project token
|
||||
|
||||
## Environment Variables
|
||||
|
||||
- `GO_VERSION`: Set to '1.24' (can be updated in workflows)
|
||||
|
||||
## Build Artifacts
|
||||
|
||||
### Binaries
|
||||
The CI pipeline builds binaries for:
|
||||
- Linux (amd64, arm64)
|
||||
- Windows (amd64)
|
||||
- macOS (amd64, arm64)
|
||||
|
||||
### Docker Images
|
||||
- Multi-platform images (linux/amd64, linux/arm64)
|
||||
- Tags: branch name, PR number, semantic version tags
|
||||
|
||||
## Coverage Reports
|
||||
|
||||
- Test coverage is uploaded to Codecov
|
||||
- Minimum coverage threshold: 80%
|
||||
- Coverage reports are generated for each test run
|
||||
|
||||
## Security Scanning
|
||||
|
||||
- Gosec security scanner runs on every push/PR
|
||||
- SARIF results are uploaded to GitHub Security tab
|
||||
- Dependencies are automatically updated by Dependabot
|
||||
|
||||
## Local Development
|
||||
|
||||
To run the same checks locally:
|
||||
|
||||
```bash
|
||||
# Run tests with coverage
|
||||
make test-coverage
|
||||
|
||||
# Run linting
|
||||
make lint
|
||||
|
||||
# Format code
|
||||
make fmt
|
||||
|
||||
# Build for production
|
||||
make build-prod
|
||||
|
||||
# Build Docker image
|
||||
make docker
|
||||
```
|
||||
|
||||
## Release Process
|
||||
|
||||
1. Create a new tag: `git tag v1.0.0`
|
||||
2. Push the tag: `git push origin v1.0.0`
|
||||
3. Create a GitHub release (or let the workflow create it automatically)
|
||||
4. Binaries and Docker images will be built and published automatically
|
||||
Reference in New Issue
Block a user