-
Notifications
You must be signed in to change notification settings - Fork 8
126 lines (119 loc) · 4.75 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
name: CI
on:
push:
branches: [ master ]
tags-ignore:
- '**'
pull_request:
branches: [ master ]
# Set environment variables available in all jobs and steps
env:
go_version: "1.20"
go_cache_macOS_path: |
~/Library/Caches/go-build
go_cache_windows_path: |
%LocalAppData%\go-build
go_cache_ubuntu_path: |
~/.cache/go-build
jobs:
# Check that a news file has been added to this branch when a PR is created
assert-news:
name: Assert news files (See CONTRIBUTING.md)
runs-on: ubuntu-latest
steps:
# Checkout with full history for to allow compare with base branch
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-python@v5
- uses: FranzDiebold/github-env-vars-action@v2
- name: Install CI/CD tools
run: pip install continuous-delivery-scripts && pip list
- name: Assert news
run: cd-assert-news -b ${CI_ACTION_REF_NAME}
env:
GIT_TOKEN: ${{ secrets.GIT_SECRET }}
- name: Report failure if needed
if: ${{ failure() }}
run: |
echo "::error:: News file missing (See CONTRIBUTING.md guide for details)."
detect-secrets:
name: Check for secrets
runs-on: ubuntu-latest
steps:
- uses: actions/setup-python@v5
- name: Install tools
run: pip install detect-secrets==1.0.3 && pip list
- uses: actions/checkout@v4
with:
fetch-depth: 0
# FIXME; GitLeaks now requires a licence.
#- name: Check for secrets using gitleaks
# uses: zricethezav/gitleaks-action@master
# with:
# config-path: .gitleaks.toml
- name: Check for secrets using detect-secrets
run: git ls-files -z | xargs -0 detect-secrets-hook --baseline .secrets.baseline --exclude-files '.*go\.sum$' --exclude-files '.*\.html$' --exclude-files '.*\.properties$' --exclude-files 'ci.yml'
working-directory: .
build-and-test:
strategy:
matrix:
os: [ubuntu-latest, macOS-latest, windows-latest]
go-module: [utils]
multi-platform:
- ${{ github.ref == 'refs/heads/master' || github.event_name == 'workflow_dispatch' }}
exclude:
- os: macOS-latest
multi-platform: false
- os: windows-latest
multi-platform: false
name: Build and test
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.go_version }}
- if: ${{ startsWith(matrix.os, 'macOS') }}
run: echo "CACHE_PATH=${{ env.go_cache_macOS_path }}" >> $GITHUB_ENV
- if: ${{ startsWith(matrix.os, 'windows') }}
run: echo "CACHE_PATH=${{ env.go_cache_windows_path }}" >> $GITHUB_ENV
- if: ${{ startsWith(matrix.os, 'ubuntu') }}
run: echo "CACHE_PATH=${{ env.go_cache_ubuntu_path }}" >> $GITHUB_ENV
- name: Load Go Dependency Cache
uses: actions/cache@v4
with:
path: |
${{ env.CACHE_PATH }}
~/go/pkg/mod
key: ${{ matrix.os }}-${{ matrix.go-module }}-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ matrix.os }}-${{ matrix.go-module }}-
- if: ${{ startsWith(matrix.os, 'ubuntu') }}
name: Linting
uses: golangci/golangci-lint-action@v4
with:
# Required: the version of golangci-lint is required and must be specified without patch version.
version: latest
working-directory: ${{ matrix.go-module }}
args: "--verbose --print-issued-lines --print-linter-name --out-${NO_FUTURE}format colored-line-number --timeout 300s --max-issues-per-linter 0 --max-same-issues 0"
- name: Build ${{ matrix.go-module }} on ${{ matrix.os }}
run: go build -v ./...
working-directory: ${{ matrix.go-module }}
- if: ${{ startsWith(matrix.os, 'ubuntu') }}
name: Test [${{ matrix.go-module }} on ${{ matrix.os }}] & Publish Code Coverage
uses: paambaati/[email protected]
env:
CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
with:
debug: true
workingDirectory: ${{ matrix.go-module }}
coverageCommand: go test -race -cover -v -tags integration -timeout 30m -coverprofile ${{ matrix.go-module }}_coverage.out ./...
prefix: github.com/ARM-software/${{ github.event.repository.name }}/${{ matrix.go-module }}
coverageLocations:
"${{github.workspace}}/${{ matrix.go-module }}/${{ matrix.go-module }}_coverage.out:gocov"
# FIXME: Run tests on Mac and Windows
# - if: ${{ startsWith(matrix.os, 'windows') || startsWith(matrix.os, 'macOS') }}
# run: go test -race -cover -v ./...
# working-directory: ${{ matrix.go-module }}