Skip to content

Terraform-dev-CI

Terraform-dev-CI #990

Workflow file for this run

# This is a workflow with the following actions
#1. Check Go formatting, linting, vetting
#2. Check for forbidden words
#3. Build
#4. Go security
#5. Generate
#6. Malware Scanner
name: Terraform-dev-CI
# Controls when the workflow will run
on:
# Triggers the workflow on pull request events
pull_request:
# Runs CI on every day (at 06:00 UTC)
schedule:
- cron: '0 6 * * *'
push:
branches: [ "dev" ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# Testing only needs permissions to read the repository contents.
permissions:
contents: read
env:
# Go language version to use for building. This value should also be updated
# in the testing workflow if changed.
GO_VERSION: '1.22'
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
code-check:
name: Check Go formatting, linting, vetting
runs-on: ubuntu-latest
steps:
- name: Checkout the code
uses: actions/checkout@v3
- name: Run the formatter, linter, and vetter
uses: dell/common-github-actions/go-code-formatter-linter-vetter@main
with:
directories: ./...
sanitize:
name: Check for forbidden words
runs-on: ubuntu-latest
steps:
- name: Checkout the code
uses: actions/checkout@v3
- name: Run the forbidden words scan
uses: dell/common-github-actions/code-sanitizer@main
with:
args: /github/workspace
build:
name: Build
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
- run: go mod download
- run: go build -v .
go_security_scan:
name: Go security
runs-on: ubuntu-latest
steps:
- name: Checkout the code
uses: actions/checkout@v3
- name: Run Go Security
uses: securego/gosec@master
generate:
runs-on: ubuntu-latest
name: Generate
steps:
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
- run: go generate
- name: git diff
run: |
git diff --compact-summary --exit-code || \
(echo; echo "Unexpected difference in directories after code generation. Run 'go generate ./...' command and commit."; exit 1)
malware_security_scan:
name: Malware Scanner
runs-on: ubuntu-latest
steps:
- name: Checkout the code
uses: actions/checkout@v3
- name: Malware Scanner
uses: dell/common-github-actions/malware-scanner@main
with:
directories: .
options: -ri