-
Notifications
You must be signed in to change notification settings - Fork 72
150 lines (125 loc) · 4.67 KB
/
go.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
# This workflow will build a golang project
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
name: Go Pipeline
# Enable this workflow to run for pull requests and
# pushes to the main branch
on:
push:
branches:
- main
pull_request:
permissions:
contents: read
jobs:
download:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: '1.22'
- name: Download dependencies
run: go mod download
lint:
needs: download
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: '1.22'
- name: Static Analysis
run: go vet ./...
- name: Check Formatting
run: test -z "$(gofmt -s -l -e .)"
build:
needs: download
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: '1.22'
- name: Build
run: |
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
go build -ldflags='-w -s -extldflags "-static"' -tags netgo -o validator cmd/validator/validator.go
test:
needs: download
runs-on: ubuntu-latest
name: Update coverage badge
permissions:
contents: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0 # otherwise, there would be errors pushing refs to the destination repository.
- name: Set up Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: '1.22'
- name: Unit test
run: go test -v -cover -coverprofile coverage.out ./...
- name: Check coverage
id: check-coverage
env:
COVERAGE_THRESHOLD: 94
run: |
# Validate that the coverage is above or at the required threshold
echo "Checking if test coverage is above threshold ..."
echo "Coverage threshold: ${COVERAGE_THRESHOLD} %"
totalCoverage=$(go tool cover -func coverage.out | grep 'total' | grep -Eo '[0-9]+\.[0-9]+')
echo "Current test coverage : ${totalCoverage} %"
if (( $(echo "${COVERAGE_THRESHOLD} <= ${totalCoverage}" | bc -l) )); then
echo "Coverage OK"
else
echo "Current test coverage is below threshold"
exit 1
fi
echo "total_coverage=${totalCoverage}" >> "${GITHUB_OUTPUT}"
- name: Create badge img tag and apply to README files
id: generate-badge
run: |
# Create Badge URL
# Badge will always be green because of coverage threshold check
# so we just have to populate the total coverage
totalCoverage=${{ steps.check-coverage.outputs.total_coverage }}
BADGE_URL="https://img.shields.io/badge/Coverage-${totalCoverage}%25-brightgreen"
BADGE_IMG_TAG="<img id=\"cov\" src=\"${BADGE_URL}\" alt=\"Code Coverage\">"
# Update README.md and index.md
for markdown_file in README.md index.md; do
sed -i "/id=\"cov\"/c\\${BADGE_IMG_TAG}" "${markdown_file}"
done
# Check to see if files were updated
if git diff --quiet; then
echo "badge_updates=false" >> "${GITHUB_OUTPUT}"
else
echo "badge_updates=true" >> "${GITHUB_OUTPUT}"
fi
- name: Commit changes
if: steps.generate-badge.outputs.badge_updates == 'true' && github.event_name == 'push'
run: |
git config --local user.email "[email protected]"
git config --local user.name "GitHub Action"
git add -- README.md index.md
git commit -m "chore: Updated coverage badge."
git push