Add link to security policy #331
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
branches: [main] | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: Setup Go environment | |
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
with: | |
go-version-file: 'go.mod' | |
- name: Check go mod status | |
run: | | |
make gomod_tidy | |
STATUS=$(git status --porcelain go.mod go.sum) | |
if [ ! -z "$STATUS" ]; then | |
echo "Running go mod tidy modified go.mod and/or go.sum" | |
exit 1 | |
fi | |
- name: Build binary | |
run: make build | |
- name: Run Go tests | |
run: make test | |
- name: Lint | |
run: | | |
make lint_install | |
make lint | |
- name: Run Gosec Security Scanner | |
run: | | |
make gosec_install | |
PATH=$PATH:$(go env GOPATH)/bin make gosec | |
if [[ $? != 0 ]] | |
then | |
echo "gosec scanner failed to run " | |
exit 1 | |
fi | |
- name: Upload SARIF file | |
uses: github/codeql-action/upload-sarif@v2 | |
with: | |
# Path to SARIF file relative to the root of the repository | |
sarif_file: gosec.sarif | |
code-coverage-report: | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
with: | |
persist-credentials: false | |
- name: Set up Go 1.x | |
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
with: | |
go-version-file: 'go.mod' | |
- name: Run tests | |
run: make test | |
- name: Codecov | |
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 |