mirror of
https://github.com/Dvorinka/Devour.git
synced 2026-06-03 20:13:03 +00:00
dependabot[bot]
940cb61f98
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6 to 9. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/v6...v9) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
221 lines
5.4 KiB
YAML
221 lines
5.4 KiB
YAML
name: CI/CD Pipeline
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
pull_request:
|
|
branches: [ main, develop ]
|
|
release:
|
|
types: [ published ]
|
|
|
|
env:
|
|
GO_VERSION: '1.24'
|
|
|
|
jobs:
|
|
test:
|
|
name: Test
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
|
|
- name: Cache Go modules
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: |
|
|
~/.cache/go-build
|
|
~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-
|
|
|
|
- name: Download dependencies
|
|
run: go mod download
|
|
|
|
- name: Run tests
|
|
run: go test -v -race -coverprofile=coverage.out ./...
|
|
|
|
- name: Upload coverage to Codecov
|
|
uses: codecov/codecov-action@v4
|
|
with:
|
|
file: ./coverage.out
|
|
flags: unittests
|
|
name: codecov-umbrella
|
|
|
|
lint:
|
|
name: Lint
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
|
|
- name: Run golangci-lint
|
|
uses: golangci/golangci-lint-action@v9
|
|
with:
|
|
version: latest
|
|
args: --timeout=5m
|
|
|
|
security:
|
|
name: Security Scan
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
|
|
- name: Run Gosec Security Scanner
|
|
uses: securecodewarrior/github-action-gosec@master
|
|
with:
|
|
args: '-no-fail -fmt sarif -out results.sarif ./...'
|
|
|
|
- name: Upload SARIF file
|
|
uses: github/codeql-action/upload-sarif@v3
|
|
with:
|
|
sarif_file: results.sarif
|
|
|
|
build:
|
|
name: Build
|
|
runs-on: ubuntu-latest
|
|
needs: [test, lint]
|
|
strategy:
|
|
matrix:
|
|
goos: [linux, windows, darwin]
|
|
goarch: [amd64, arm64]
|
|
exclude:
|
|
- goos: windows
|
|
goarch: arm64
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
|
|
- name: Cache Go modules
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: |
|
|
~/.cache/go-build
|
|
~/go/pkg/mod
|
|
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-go-
|
|
|
|
- name: Download dependencies
|
|
run: go mod download
|
|
|
|
- name: Build binary
|
|
env:
|
|
GOOS: ${{ matrix.goos }}
|
|
GOARCH: ${{ matrix.goarch }}
|
|
run: |
|
|
VERSION=${GITHUB_REF#refs/tags/}
|
|
if [[ $VERSION == refs/heads/* ]]; then
|
|
VERSION=${GITHUB_SHA::7}
|
|
fi
|
|
BINARY_NAME=devour-${{ matrix.goos }}-${{ matrix.goarch }}
|
|
if [ "${{ matrix.goos }}" = "windows" ]; then
|
|
BINARY_NAME+=.exe
|
|
fi
|
|
mkdir -p dist
|
|
CGO_ENABLED=0 go build -ldflags "-s -w -X main.Version=$VERSION -X main.BuildTime=$(date -u '+%Y-%m-%d_%H:%M:%S')" -o dist/$BINARY_NAME ./cmd/devour
|
|
|
|
- name: Upload build artifacts
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: devour-${{ matrix.goos }}-${{ matrix.goarch }}
|
|
path: dist/
|
|
|
|
docker:
|
|
name: Docker Build
|
|
runs-on: ubuntu-latest
|
|
needs: [test, lint]
|
|
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.event_name == 'release')
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Login to Docker Hub
|
|
if: github.event_name != 'pull_request'
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
|
|
- name: Extract metadata
|
|
id: meta
|
|
uses: docker/metadata-action@v5
|
|
with:
|
|
images: yourorg/devour
|
|
tags: |
|
|
type=ref,event=branch
|
|
type=ref,event=pr
|
|
type=semver,pattern={{version}}
|
|
type=semver,pattern={{major}}.{{minor}}
|
|
type=semver,pattern={{major}}
|
|
|
|
- name: Build and push Docker image
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
platforms: linux/amd64,linux/arm64
|
|
push: ${{ github.event_name != 'pull_request' }}
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
labels: ${{ steps.meta.outputs.labels }}
|
|
cache-from: type=gha
|
|
cache-to: type=gha,mode=max
|
|
|
|
release:
|
|
name: Release
|
|
runs-on: ubuntu-latest
|
|
needs: [build]
|
|
if: github.event_name == 'release'
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Download all artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
path: artifacts/
|
|
|
|
- name: Create release assets
|
|
run: |
|
|
mkdir -p release-assets
|
|
cd artifacts
|
|
for dir in */; do
|
|
cd "$dir"
|
|
if [[ $dir == *windows* ]]; then
|
|
zip -r "../../release-assets/${dir%/}.zip" *
|
|
else
|
|
tar -czf "../../release-assets/${dir%/}.tar.gz" *
|
|
fi
|
|
cd ..
|
|
done
|
|
|
|
- name: Upload release assets
|
|
uses: softprops/action-gh-release@v2
|
|
with:
|
|
files: release-assets/*
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|