-
-
Notifications
You must be signed in to change notification settings - Fork 6
150 lines (127 loc) · 3.79 KB
/
go-combined-analysis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
name: "Go Combined Analysis"
on:
pull_request:
branches:
- develop
- main
types:
- opened
- edited
- synchronize
- reopened
permissions:
id-token: write
contents: read
pull-requests: read
actions: read
security-events: write
jobs:
CodeQL:
name: Run CodeQL to Midaz
runs-on: ubuntu-22.04
timeout-minutes: 360
strategy:
fail-fast: false
matrix:
include:
- language: go
build-mode: autobuild
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '1.23'
cache: false
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"
GoLangCI-Lint:
name: Run GoLangCI-Lint to Midaz
runs-on: ubuntu-22.04
steps:
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ secrets.LERIAN_STUDIO_MIDAZ_PUSH_BOT_APP_ID }}
private-key: ${{ secrets.LERIAN_STUDIO_MIDAZ_PUSH_BOT_PRIVATE_KEY }}
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v6
id: import_gpg
with:
gpg_private_key: ${{ secrets.LERIAN_CI_CD_USER_GPG_KEY }}
passphrase: ${{ secrets.LERIAN_CI_CD_USER_GPG_KEY_PASSWORD }}
git_committer_name: ${{ secrets.LERIAN_CI_CD_USER_NAME }}
git_committer_email: ${{ secrets.LERIAN_CI_CD_USER_EMAIL }}
git_config_global: true
git_user_signingkey: true
git_commit_gpgsign: true
- uses: actions/checkout@v4
- name: GoLangCI-Lint
uses: reviewdog/action-golangci-lint@v2
with:
github_token: ${{ steps.app-token.outputs.token }}
go_version: '1.23'
tool_name: golint
level: error
fail_level: any
reporter: github-pr-review
filter_mode: diff_context
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ steps.app-token.outputs.token }}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
GIT_AUTHOR_NAME: ${{ secrets.LERIAN_CI_CD_USER_NAME }}
GIT_AUTHOR_EMAIL: ${{ secrets.LERIAN_CI_CD_USER_EMAIL }}
GIT_COMMITTER_NAME: ${{ secrets.LERIAN_CI_CD_USER_NAME }}
GIT_COMMITTER_EMAIL: ${{ secrets.LERIAN_CI_CD_USER_EMAIL }}
GoSec:
name: Run GoSec to Midaz
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '1.23'
cache: false
- name: Gosec Scanner
uses: securego/gosec@master
with:
args: ./...
unit-tests:
name: Run Unit Tests to Midaz
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '1.23'
cache: false
- name: Unit Tests
shell: bash
run: make test
integration-tests:
name: Run Integrations Tests to MDZ
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Install Docker Compose
run: |
sudo apt-get update
sudo apt-get install -y docker-compose
- name: Setup .env files
run: make set-env
- name: Start Docker Compose Services
run: make up
- name: Install CLI
run: cd components/mdz && make install-local && cd -
- name: Wait for services to be ready
run: sleep 10
timeout-minutes: 2
- name: Run Integration Tests
run: make test_integration_cli