.github/workflows/actions.yaml

name: Workflow
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
jobs:
  code-check:
    name: Check Go formatting, linting, vetting
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the code
        uses: actions/checkout@v4
      - name: Run the formatter, linter, and vetter
        uses: dell/common-github-actions/go-code-formatter-linter-vetter@main
        with:
          directories: ./...
  sanitize:
    name: Check for forbidden words
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the code
        uses: actions/checkout@v4
      - name: Run the forbidden words scan
        uses: dell/common-github-actions/code-sanitizer@main
        with:
          args: /github/workspace
  test:
    name: Run Go unit tests and check package coverage
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the code
        uses: actions/checkout@v4
      - name: Run unit tests and check package coverage
        uses: dell/common-github-actions/go-code-tester@main
        with:
          threshold: 90
  go_security_scan:
    name: Go security
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the code
        uses: actions/checkout@v4
      - name: Run Go Security
        uses: securego/gosec@master
        with:
          args: ./...
  malware_security_scan:
    name: Malware Scanner
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the code
        uses: actions/checkout@v4
      - name: Run malware scan
        uses: dell/common-github-actions/malware-scanner@main
        with:
          directories: .
          options: -ri
  image_security_scan:
    name: Image Scanner
    runs-on: ubuntu-latest
    steps:
      - name: Set up Go latest
        uses: actions/setup-go@v5
        with:
          go-version: stable
        id: go
      - name: Checkout the code
        uses: actions/checkout@v4
      - name: Install Mockgen
        run: go install github.com/golang/mock/mockgen@v1.6.0
      - name: Get dependencies
        run: go mod download
      - name: Build csm-topology Docker Image
        run: |
          chmod +x ./scripts/build_ubi_micro.sh
          make build-base-image
          podman build -t docker.io/csm-topology -f ./Dockerfile --build-arg GOIMAGE=golang:latest --build-arg BASEIMAGE="localhost/topology-ubimicro"
          podman save docker.io/library/csm-topology -o /tmp/csm-topology.tar
          docker load -i /tmp/csm-topology.tar
      - name: Run Trivy action
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: csm-topology