Skip to content
This repository has been archived by the owner on Oct 3, 2024. It is now read-only.

Update github-actions #271

Update github-actions

Update github-actions #271

Workflow file for this run

name: Crypto
on:
pull_request:
branches:
- main
permissions:
contents: read
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@6d3c2fe731c8f225990c8018cb71c337c0d9dfcd
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
proxy.golang.org:443
raw.githubusercontent.com:443
- name: Checkout repo
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@4ab57d7ea2fd0c9948210b2e0784e280674e7144
with:
go-version-file: ./go.mod
# Linting
- name: Linting
uses: golangci/golangci-lint-action@031a2fcd4afedd71ec636137da88172250868de4
with:
version: latest
args: --config=./.github/.golangci.yml ./...
only-new-issues: true
test:
name: Test
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
go: [ '1.22', '1.21' ]
steps:
- uses: step-security/harden-runner@6d3c2fe731c8f225990c8018cb71c337c0d9dfcd
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
github.com:443
proxy.golang.org:443
storage.googleapis.com:443
sum.golang.org:443
- name: Checkout repo
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@4ab57d7ea2fd0c9948210b2e0784e280674e7144
with:
go-version: ${{ matrix.go }}
# Test
- name: Run Tests
run: cd .github && make test
analyze:
name: Analyze
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@6d3c2fe731c8f225990c8018cb71c337c0d9dfcd
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.codecov.io:443
api.github.com:443
cli.codecov.io:443
ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com:443
github.com:443
objects.githubusercontent.com:443
proxy.golang.org:443
scanner.sonarcloud.io:443
sonarcloud.io:443
storage.googleapis.com:443
- name: Checkout repo
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@4ab57d7ea2fd0c9948210b2e0784e280674e7144
with:
go-version-file: ./go.mod
# Coverage
- name: Run coverage
run: cd .github && make cover
# Codecov
- name: Codecov
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
file: .github/coverage.out
# Sonar
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@e44258b109568baa0df60ed515909fc6c72cba92
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
args: >
-Dsonar.projectKey=crypto
-Dsonar.organization=bytemare
-Dsonar.go.coverage.reportPaths=.github/coverage.out
-Dsonar.sources=.
-Dsonar.test.exclusions=tests/**
-Dsonar.coverage.exclusions=tests/**
-Dsonar.tests=tests/
-Dsonar.verbose=true