Skip to content

ci: create codeql.yml #1022

ci: create codeql.yml

ci: create codeql.yml #1022

Workflow file for this run

---
name: tests
defaults:
run:
shell: bash
# yamllint disable-line rule:truthy
on:
pull_request:
push:
branches:
- main
tags:
- v*
jobs:
build-bins:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Detect required Go version
run: |
toolchain=$(./script/tools.sh gotoolchain | sed 's/go*//')
echo "GOVERSION=${toolchain}" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GOVERSION }}"
- name: Setup direnv
uses: HatsuneMiku3939/direnv-action@v1
with:
masks: ''
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- run: make build
- run: make provider-services
- run: make docker-image
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Detect required Go version
run: |
toolchain=$(./script/tools.sh gotoolchain | sed 's/go*//')
echo "GOVERSION=${toolchain}" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GOVERSION }}"
- name: Setup direnv
uses: HatsuneMiku3939/direnv-action@v1
with:
masks: ''
- run: make test-full
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Detect required Go version
run: |
toolchain=$(./script/tools.sh gotoolchain | sed 's/go*//')
echo "GOVERSION=${toolchain}" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GOVERSION }}"
- name: Setup direnv
uses: HatsuneMiku3939/direnv-action@v1
with:
masks: ''
- name: Run linter
run: make lint
release-dry-run:
runs-on: core-e2e
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
steps:
- name: Cleanup build folder
run: |
sudo rm -rf ./* || true
sudo rm -rf ./.??* || true
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Detect required Go version
run: |
toolchain=$(./script/tools.sh gotoolchain | sed 's/go*//')
echo "GOVERSION=${toolchain}" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GOVERSION }}"
- name: Setup direnv
uses: HatsuneMiku3939/direnv-action@v1
with:
masks: ''
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- uses: fregante/setup-git-user@v2
- name: configure git tag
run: echo "RELEASE_TAG=v$(./script/semver.sh bump patch $(git describe --tags --abbrev=0))" >> $GITHUB_ENV
- name: git tag
run: git tag -a ${{ env.RELEASE_TAG }} -m ${{ env.RELEASE_TAG }}
- name: release dry-run
run: make release
coverage:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Detect required Go version
run: |
toolchain=$(./script/tools.sh gotoolchain | sed 's/go*//')
echo "GOVERSION=${toolchain}" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GOVERSION }}"
- name: Setup direnv
uses: HatsuneMiku3939/direnv-action@v1
with:
masks: ''
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
files: .cache/tests/coverage.txt
codegen:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Detect required Go version
run: |
toolchain=$(./script/tools.sh gotoolchain | sed 's/go*//')
echo "GOVERSION=${toolchain}" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GOVERSION }}"
- name: Setup direnv
uses: HatsuneMiku3939/direnv-action@v1
with:
masks: ''
- name: Run codegen
run: make codegen
- name: Ensure no files changed/added/removed
run: |
if [[ -z "$(git status --short)" ]]; then
git status
exit 1
fi
yamlcheck:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: check-yml-count
run: |
if [[ $(git ls-files '*.yml' ':!:.codecov.yml' | wc -l) -ne 0 ]]; then git ls-files '*.yml' ':!:.codecov.yml' && exit 1;fi
shellcheck:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Detect required Go version
run: |
toolchain=$(./script/tools.sh gotoolchain | sed 's/go*//')
echo "GOVERSION=${toolchain}" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GOVERSION }}"
- name: Setup direnv
uses: HatsuneMiku3939/direnv-action@v1
with:
masks: ''
- run: make shellcheck
integration-tests:
uses: ./.github/workflows/integration-tests.yaml
dispatch-release:
runs-on: ubuntu-latest
if: startsWith(github.event.ref, 'refs/tags/v')
needs:
- build-bins
- tests
- lint
- release-dry-run
- coverage
- codegen
- yamlcheck
- shellcheck
- integration-tests
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: trigger release process
uses: benc-uk/workflow-dispatch@v1
with:
workflow: release.yaml