Skip to content

Fix SensitiveKeys - broke when custom spec types were introduced (#714) #2095

Fix SensitiveKeys - broke when custom spec types were introduced (#714)

Fix SensitiveKeys - broke when custom spec types were introduced (#714) #2095

Workflow file for this run

name: ci
on:
push:
branches:
- main
paths-ignore:
- "**.md"
pull_request:
paths-ignore:
- "**.md"
jobs:
lint:
runs-on: ubuntu-latest
strategy:
matrix:
go: ["1.23"]
name: Lint with Go ${{ matrix.go }}
steps:
- uses: actions/checkout@v4
- name: Setup go
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go }}
- name: Install dependencies
run: make install/dev
# It duplicates running linter from pre-commit
# but as revive is set up differently, we want
# to make sure that `make lint` also works.
- name: Run lint from Makefile
run: make lint
- uses: actions/setup-python@v3
- uses: pre-commit/action@v3.0.1
build-and-test:
# Don't use make here as this job needs to be cross-platform.
runs-on: ${{ matrix.os }}
strategy:
matrix:
go: ["1.23"]
os: [ubuntu-latest, windows-latest]
name: Build and test with Go ${{ matrix.go }} on ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
- name: Setup deno
uses: denoland/setup-deno@v1
with:
deno-version: v1.x
- name: Setup go
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go }}
- name: Setup Node version
uses: actions/setup-node@v4
with:
node-version: 20
- name: Build
run: |
go build -o runme main.go
./runme --version
- name: Test with coverage
uses: stateful/runme-action@v2
with:
workflows: ci-coverage
env:
NO_COLOR: true
FROM_CI: true
if: ${{ matrix.os == 'ubuntu-latest' }}
- name: Test without coverage (txtar)
uses: stateful/runme-action@v2
with:
workflows: ci-txtar
env:
NO_COLOR: true
FROM_CI: true
if: ${{ matrix.os == 'ubuntu-latest' }}
- name: Test
run: |
Set-Timezone -Id "UTC" -PassThru
make test
if: ${{ matrix.os == 'windows-latest' }}
- name: Upload coverage
uses: actions/upload-artifact@v4
if: ${{github.actor != 'dependabot[bot]' && matrix.os == 'ubuntu-latest'}}
with:
name: coverage
path: cover.out
if-no-files-found: error
- name: Debug Build
uses: stateful/vscode-server-action@v1
if: failure()
test-in-docker:
name: Test in Docker
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Test
uses: stateful/runme-action@v2
with:
workflows: test-docker
build-and-parser-test:
name: Test parser against vast amount of Markdowns
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup go
uses: actions/setup-go@v5
with:
go-version: ">=1.23"
- name: Setup & build
uses: stateful/runme-action@v2
with:
workflows: |
setup
build
- name: Test parser
uses: stateful/runme-action@v2
with:
workflows: |
ci-test-parser
timeout-minutes: 5
- name: Debug Build
uses: stateful/vscode-server-action@v1.1.0
if: failure()
sonarcloud:
if: ${{github.actor != 'dependabot[bot]'}}
name: SonarCloud Analysis
runs-on: ubuntu-latest
needs: build-and-test
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Retrieve saved coverage
uses: actions/download-artifact@v4
with:
name: coverage
path: .
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@v2.1.1
# Skip this test if the PR is created from a fork.
# If its created from a fork the PR won't be able to fetch the secrets so
# the step will fail.
if: github.event.pull_request.head.repo.full_name == github.repository
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}