TDvorak/Devour
1
0
Fork 0
mirror of https://github.com/Dvorinka/Devour.git synced 2026-06-03 20:13:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
0b88627e549d520b98b3683f00707924e4b3d452
Devour/.github/workflows/README.md
T
Tomas Dvorak 0b88627e54 update
2026-02-22 10:46:16 +01:00

2.7 KiB
Raw Blame History

GitHub Actions Workflows

This directory contains the CI/CD workflows for the Devour project.

Workflows

1. CI/CD Pipeline (ci.yml)

Triggers:

  • Push to main or develop branches
  • Pull requests to main or develop branches
  • Release publications

Jobs:

  • Test: Runs unit tests with race detection and uploads coverage to Codecov
  • Lint: Runs golangci-lint for code quality checks
  • Security: Scans for security vulnerabilities using Gosec
  • Build: Builds cross-platform binaries (Linux, Windows, macOS) for amd64/arm64
  • Docker: Builds and pushes Docker images to Docker Hub
  • Release: Creates GitHub releases with compiled binaries

2. Code Quality (quality.yml)

Triggers:

  • Push to main or develop branches
  • Pull requests to main or develop branches

Checks:

  • go vet for potential issues
  • Code formatting with gofmt
  • Inefficient assignments with ineffassign
  • Spelling errors with misspell
  • Static analysis with staticcheck
  • TODO/FIXME comment detection
  • go mod tidy validation
  • Code coverage threshold (minimum 80%)
  • SonarCloud analysis (optional)

3. Dependabot (dependabot.yml)

Features:

  • Weekly dependency updates for Go modules
  • Weekly GitHub Actions updates
  • Automatic pull requests with dependency updates

Required Secrets

To enable all features, add these secrets to your GitHub repository:

Docker Hub Integration

  • DOCKER_USERNAME: Your Docker Hub username
  • DOCKER_PASSWORD: Your Docker Hub password or access token

SonarCloud Integration (Optional)

  • SONAR_TOKEN: Your SonarCloud project token

Environment Variables

  • GO_VERSION: Set to '1.24' (can be updated in workflows)

Build Artifacts

Binaries

The CI pipeline builds binaries for:

  • Linux (amd64, arm64)
  • Windows (amd64)
  • macOS (amd64, arm64)

Docker Images

  • Multi-platform images (linux/amd64, linux/arm64)
  • Tags: branch name, PR number, semantic version tags

Coverage Reports

  • Test coverage is uploaded to Codecov
  • Minimum coverage threshold: 80%
  • Coverage reports are generated for each test run

Security Scanning

  • Gosec security scanner runs on every push/PR
  • SARIF results are uploaded to GitHub Security tab
  • Dependencies are automatically updated by Dependabot

Local Development

To run the same checks locally:

# Run tests with coverage
make test-coverage

# Run linting
make lint

# Format code
make fmt

# Build for production
make build-prod

# Build Docker image
make docker

Release Process

  1. Create a new tag: git tag v1.0.0
  2. Push the tag: git push origin v1.0.0
  3. Create a GitHub release (or let the workflow create it automatically)
  4. Binaries and Docker images will be built and published automatically
Reference in New Issue View Git Blame Copy Permalink