-
Notifications
You must be signed in to change notification settings - Fork 10
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #67 from xmidt-org/upgrade-to-github-actions
Upgrade to use Gihub Actions, drop travis-ci, normalize our analysis …
- Loading branch information
Showing
16 changed files
with
326 additions
and
217 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
coverage: | ||
range: 50..80 | ||
round: down | ||
precision: 2 | ||
|
||
ignore: | ||
- "*_test.go" | ||
- "vendor" | ||
|
||
fixes: | ||
- "github.com/xmidt-org/themis/::" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
vendor | ||
themis | ||
conf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
name: docker-release | ||
|
||
on: | ||
push: | ||
tags: | ||
# Push events to matching v#.#.#*, ex: v1.2.3, v.2.4.6-beta | ||
- 'v[0-9]+.[0-9]+.[0-9]+*' | ||
|
||
jobs: | ||
push_to_registry: | ||
name: Push Docker image to Docker Hub | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
- name: Prepare | ||
id: prep | ||
run: | | ||
DOCKER_IMAGE=xmidt/${PWD##*/} | ||
VERSION=edge | ||
if [[ $GITHUB_REF == refs/tags/* ]]; then | ||
VERSION=${GITHUB_REF#refs/tags/} | ||
elif [[ $GITHUB_REF == refs/heads/* ]]; then | ||
VERSION=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g') | ||
elif [[ $GITHUB_REF == refs/pull/* ]]; then | ||
VERSION=pr-${{ github.event.number }} | ||
fi | ||
TAGS="${DOCKER_IMAGE}:${VERSION}" | ||
if [ "${{ github.event_name }}" = "push" ]; then | ||
TAGS="$TAGS,${DOCKER_IMAGE}:sha-${GITHUB_SHA::8}" | ||
fi | ||
LATEST_TAG=$(git describe --tags `git rev-list --tags --max-count=1` | tail -1) | ||
if [ "${LATEST_TAG}" == "${VERSION}" ]; then | ||
TAGS="$TAGS,${DOCKER_IMAGE}:latest" | ||
fi | ||
echo ::set-output name=version::${VERSION} | ||
echo ::set-output name=tags::${TAGS} | ||
echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ') | ||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v1 | ||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v1 | ||
- name: Login to DockerHub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
- name: Build and push | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: . | ||
file: ./Dockerfile | ||
push: true | ||
tags: ${{ steps.prep.outputs.tags }} | ||
labels: | | ||
org.opencontainers.image.source=${{ github.event.repository.html_url }} | ||
org.opencontainers.image.created=${{ steps.prep.outputs.created }} | ||
org.opencontainers.image.revision=${{ github.sha }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
name: CI | ||
|
||
on: | ||
create: | ||
pull_request: | ||
push: | ||
branches: | ||
- main | ||
|
||
jobs: | ||
test: | ||
name: Unit Tests | ||
runs-on: [ ubuntu-latest ] | ||
steps: | ||
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | ||
- uses: actions/checkout@v2 | ||
|
||
# Setup Go | ||
- name: Setup Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: '1.15.x' # The Go version to download (if necessary) and use. | ||
|
||
# Run build of the application | ||
- name: Run build | ||
run: go build ./... | ||
|
||
# Run gofmt on the code | ||
- name: Run gofmt | ||
run: gofmt -d | ||
|
||
# Run testing on the code | ||
- name: Run testing | ||
run: | | ||
go test -v -race -coverprofile=coverage.txt ./... | ||
go test -race -json ./... > report.json | ||
curl -s https://codecov.io/bash | bash | ||
echo "codecov done" | ||
lint: | ||
strategy: | ||
matrix: | ||
go-version: [ 1.15.x ] | ||
os: [ ubuntu-latest ] | ||
name: Lint | ||
runs-on: ${{ matrix.os }} | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: golangci-lint | ||
uses: golangci/golangci-lint-action@v2 | ||
with: | ||
# Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version. | ||
version: v1.33 | ||
# Optional: working directory, useful for monorepos | ||
# working-directory: somedir | ||
|
||
# Optional: golangci-lint command line arguments. | ||
# args: -v | ||
|
||
# Optional: show only new issues if it's a pull request. The default value is `false`. | ||
only-new-issues: true | ||
|
||
goreportcard: | ||
runs-on: ubuntu-latest | ||
if: github.event_name == 'push' | ||
steps: | ||
- name: Go report card | ||
uses: creekorful/goreportcard-action@v1.0 | ||
|
||
sonarcloud: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v2 | ||
with: | ||
# Disabling shallow clone is recommended for improving relevancy of reporting | ||
fetch-depth: 0 | ||
- name: SonarCloud Scan | ||
uses: sonarsource/sonarcloud-github-action@master | ||
with: | ||
args: > | ||
-Dproject.settings=./.sonar-project.properties | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
name: release | ||
|
||
on: | ||
push: | ||
tags: | ||
# Push events to matching v#.#.#*, ex: v1.2.3, v.2.4.6-beta | ||
- 'v[0-9]+.[0-9]+.[0-9]+*' | ||
|
||
jobs: | ||
release: | ||
runs-on: [ ubuntu-latest ] | ||
steps: | ||
- uses: actions/checkout@v2 | ||
with: | ||
fetch-depth: 0 | ||
- name: Prepare Release Body | ||
id: prep | ||
run: | | ||
export VERSION=${GITHUB_REF#refs/tags/} | ||
export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1\n" if /.*## \[${VERSION}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s') | ||
export TODAY=`date +'%m/%d/%Y'` | ||
echo ::set-output name=rname::$(echo ${VERSION} ${TODAY}) | ||
echo ::set-output name=body::${NOTES} | ||
- name: create release | ||
id: create_release | ||
uses: actions/create-release@v1 | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token | ||
with: | ||
tag_name: ${{ github.ref }} | ||
draft: false | ||
prerelease: false | ||
release_name: ${{ steps.prep.outputs.rname }} | ||
body: ${{ steps.prep.outputs.body }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
name: tag | ||
|
||
on: | ||
push: | ||
paths: | ||
- "CHANGELOG.md" # only try to tag if the CHANGELOG has been updated. | ||
branches: | ||
- main | ||
|
||
jobs: | ||
build: | ||
runs-on: [ ubuntu-latest ] | ||
steps: | ||
- uses: actions/checkout@v2 | ||
with: | ||
token: '${{ secrets.PERSONAL_ACCESS_TOKEN }}' | ||
fetch-depth: 0 | ||
- name: set up bot | ||
run: | | ||
git config --global user.name "xmidt-bot" | ||
git config --global user.email "$BOT_EMAIL" | ||
- name: export variables and tag commit | ||
run: | | ||
export OLD_VERSION=$(git describe --tags `git rev-list --tags --max-count=1` | tail -1) | ||
export TAG=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1" if /.*## \[Unreleased\]\s+## \[(v\d+.\d+.\d+)\].*/s') | ||
export TODAY=`date +'%m/%d/%Y'` | ||
export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$ENV{TODAY}\n\n$1\n" if /.*## \[$ENV{TAG}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s') | ||
if [[ "$TAG" != "" && "$TAG" != "$OLD_VERSION" ]]; then git tag -a "$TAG" -m "$NOTES"; git push origin --tags; echo $?; fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- | ||
linters-settings: | ||
misspell: | ||
locale: US | ||
|
||
linters: | ||
enable: | ||
- bodyclose | ||
- dupl | ||
- errorlint | ||
- funlen | ||
- goconst | ||
- gosec | ||
- misspell | ||
- unconvert | ||
- prealloc | ||
disable: | ||
- errcheck | ||
- ineffassign |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
{ | ||
"scanSettings": { | ||
"baseBranches": [] | ||
}, | ||
"checkRunSettings": { | ||
"vulnerableCheckRunConclusionLevel": "failure", | ||
"displayMode": "diff" | ||
}, | ||
"issueSettings": { | ||
"minSeverityLevel": "LOW" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.