Fix SensitiveKeys - broke when custom spec types were introduced (#714) #2095
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- "**.md" | |
pull_request: | |
paths-ignore: | |
- "**.md" | |
jobs: | |
lint: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
go: ["1.23"] | |
name: Lint with Go ${{ matrix.go }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ matrix.go }} | |
- name: Install dependencies | |
run: make install/dev | |
# It duplicates running linter from pre-commit | |
# but as revive is set up differently, we want | |
# to make sure that `make lint` also works. | |
- name: Run lint from Makefile | |
run: make lint | |
- uses: actions/setup-python@v3 | |
- uses: pre-commit/action@v3.0.1 | |
build-and-test: | |
# Don't use make here as this job needs to be cross-platform. | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
go: ["1.23"] | |
os: [ubuntu-latest, windows-latest] | |
name: Build and test with Go ${{ matrix.go }} on ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
fetch-tags: true | |
- name: Setup deno | |
uses: denoland/setup-deno@v1 | |
with: | |
deno-version: v1.x | |
- name: Setup go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ matrix.go }} | |
- name: Setup Node version | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: Build | |
run: | | |
go build -o runme main.go | |
./runme --version | |
- name: Test with coverage | |
uses: stateful/runme-action@v2 | |
with: | |
workflows: ci-coverage | |
env: | |
NO_COLOR: true | |
FROM_CI: true | |
if: ${{ matrix.os == 'ubuntu-latest' }} | |
- name: Test without coverage (txtar) | |
uses: stateful/runme-action@v2 | |
with: | |
workflows: ci-txtar | |
env: | |
NO_COLOR: true | |
FROM_CI: true | |
if: ${{ matrix.os == 'ubuntu-latest' }} | |
- name: Test | |
run: | | |
Set-Timezone -Id "UTC" -PassThru | |
make test | |
if: ${{ matrix.os == 'windows-latest' }} | |
- name: Upload coverage | |
uses: actions/upload-artifact@v4 | |
if: ${{github.actor != 'dependabot[bot]' && matrix.os == 'ubuntu-latest'}} | |
with: | |
name: coverage | |
path: cover.out | |
if-no-files-found: error | |
- name: Debug Build | |
uses: stateful/vscode-server-action@v1 | |
if: failure() | |
test-in-docker: | |
name: Test in Docker | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Test | |
uses: stateful/runme-action@v2 | |
with: | |
workflows: test-docker | |
build-and-parser-test: | |
name: Test parser against vast amount of Markdowns | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ">=1.23" | |
- name: Setup & build | |
uses: stateful/runme-action@v2 | |
with: | |
workflows: | | |
setup | |
build | |
- name: Test parser | |
uses: stateful/runme-action@v2 | |
with: | |
workflows: | | |
ci-test-parser | |
timeout-minutes: 5 | |
- name: Debug Build | |
uses: stateful/vscode-server-action@v1.1.0 | |
if: failure() | |
sonarcloud: | |
if: ${{github.actor != 'dependabot[bot]'}} | |
name: SonarCloud Analysis | |
runs-on: ubuntu-latest | |
needs: build-and-test | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Retrieve saved coverage | |
uses: actions/download-artifact@v4 | |
with: | |
name: coverage | |
path: . | |
- name: SonarCloud Scan | |
uses: SonarSource/sonarcloud-github-action@v2.1.1 | |
# Skip this test if the PR is created from a fork. | |
# If its created from a fork the PR won't be able to fetch the secrets so | |
# the step will fail. | |
if: github.event.pull_request.head.repo.full_name == github.repository | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |