repo: build, test, release and analyse actions

siemens · Jun 21, 2023 · e2c5372 · e2c5372
1 parent 627c9ca
commit e2c5372
Show file tree

Hide file tree

Showing 3 changed files with 100 additions and 0 deletions.
diff --git a/.github/workflows/buildandrelease.yaml b/.github/workflows/buildandrelease.yaml
@@ -0,0 +1,29 @@
+name: buildandrelease
+
+on:
+ push:
+ tags:
+ - 'v[0-9]+.[0-9]+.[0-9]+'
+ - 'v[0-9]+.[0-9]+.[0-9]+-*'
+
+permissions:
+ contents: write
+
+jobs:
+ goreleaser:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # pin@v3
+ with:
+ fetch-depth: 0
+ - name: Set up Go
+ uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # pin@v4
+ - name: Run GoReleaser
+ uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # pin@v4
+ with:
+ distribution: goreleaser
+ version: latest
+ args: release --clean
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/buildandtest.yaml b/.github/workflows/buildandtest.yaml
@@ -0,0 +1,32 @@
+name: 'build and test'
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+ - develop
+
+jobs:
+
+ buildandtest:
+ name: Build and Test on Go ${{matrix.go}}
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ go: [ '1.20', '1.19' ]
+
+ steps:
+ - name: Set up Go ${{matrix.go}}
+ uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # pin@v4
+ with:
+ go-version: ${{matrix.go}}
+ id: go
+
+ - name: Check out code into the Go module directory
+ uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # pin@v3
+
+ - name: Test Go packages
+ run: go test -v -p 1 ./...
diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml
@@ -0,0 +1,39 @@
+name: 'CodeQL'
+
+on:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+ schedule:
+ - cron: '05 21 * * 1'
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+
+ permissions:
+ actions: read # for github/codeql-action/init to get workflow details
+ contents: read # for actions/checkout to fetch code
+ security-events: write # for github/codeql-action/analyze to upload SARIF results
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'go' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # pin@v3
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@83f0fe6c4988d98a455712a27f0255212bba9bd4 # pin@v2
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@83f0fe6c4988d98a455712a27f0255212bba9bd4 # pin@v2
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@83f0fe6c4988d98a455712a27f0255212bba9bd4 # pin@v2