dedis · jbsv · Nov 28, 2022 · Nov 25, 2022 · Nov 28, 2022
diff --git a/.github/workflows/go_tests.yml b/.github/workflows/go_tests.yml
diff --git a/.github/workflows/test_on_pr.yml b/.github/workflows/test_on_pr.yml
@@ -0,0 +1,78 @@
+name: Test on PR
+
+on:
+  pull_request_target:
+    types: [opened, synchronize, reopened, labeled]
+
+jobs:
+  permission:
+    strategy:
+      matrix:
+        platform: [macos-latest, windows-latest, ubuntu-latest]
+    runs-on: ${{matrix.platform}}
+    steps:
+    - name: Add comment if PR permission failed
+      if: ${{ !contains(github.event.pull_request.labels.*.name, 'safe PR') }}
+      uses: actions/github-script@v3
+      with:
+        github-token: ${{secrets.GITHUB_TOKEN}}
+        script: |
+          github.issues.createComment({
+            issue_number: context.issue.number,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            body: '🔒 Could not start CI tests due to missing *safe PR* label. Please contact a DEDIS maintainer.'
+          })
+    - name: Check permission
+      if: ${{ !contains(github.event.pull_request.labels.*.name, 'safe PR') }}
+      run: |
+        echo "::error:: Could not start CI tests due to missing *safe PR* label."
+        exit 1
+
+  test:
+    needs: permission
+    strategy:
+      matrix:
+        platform: [macos-latest, windows-latest, ubuntu-latest]
+    runs-on: ${{matrix.platform}}
+    env:
+      DBGSYNCLOG: trace
+      DBGSYNCON: true
+    steps:
+    - name: Set up Go ^1.13
+      uses: actions/setup-go@v3
+      with:
+        go-version: ^1.13
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v3
+      with:
+        ref: ${{ github.event.pull_request.head.sha }}
+        fetch-depth: 0
+
+    - name: Test without coverage
+      if: matrix.platform == 'macos-latest' || matrix.platform == 'windows-latest'
+      run: make test
+
+    - name: Test with coverage
+      if: matrix.platform == 'ubuntu-latest'
+      run: make coverage
+
+    - name: SonarCloud scan
+      if: matrix.platform == 'ubuntu-latest'
+      uses: sonarsource/sonarcloud-github-action@master
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      with:
+        args: >
+          -Dsonar.organization=dedis
+          -Dsonar.projectKey=dedis_kyber
+          -Dsonar.go.tests.reportPaths=report.json
+          -Dsonar.go.coverage.reportPaths=profile.cov
+          -Dsonar.pullrequest.key=${{ github.event.number }}
+          -Dsonar.pullrequest.branch=${{ github.head_ref }}
+          -Dsonar.pullrequest.base=${{ github.event.pull_request.base }}
+          -Dsonar.c.file.suffixes=-
+          -Dsonar.cpp.file.suffixes=-
+          -Dsonar.objc.file.suffixes=-
diff --git a/.github/workflows/test_on_push.yml b/.github/workflows/test_on_push.yml
@@ -0,0 +1,59 @@
+name: Test on push
+
+on:
+  push:
+    branches: [ master ]
+
+jobs:
+  test_and_coverage:
+    strategy:
+      matrix:
+        platform: [macos-latest, windows-latest, ubuntu-latest]
+    runs-on: ${{matrix.platform}}
+    env:
+      DBGSYNCLOG: trace
+      DBGSYNCON: true
+    steps:
+    - name: Set up Go ^1.13
+      uses: actions/setup-go@v3
+      with:
+        go-version: ^1.13
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v3
+      with:
+        ref: ${{ github.event.pull_request.head.sha }}
+        fetch-depth: 0
+
+    - name: Test without coverage
+      if: matrix.platform == 'macos-latest' || matrix.platform == 'windows-latest'
+      run: make test
+
+    - name: Test with coverage
+      if: matrix.platform == 'ubuntu-latest'
+      run: make coverage
+
+    - name: SonarCloud scan
+      if: matrix.platform == 'ubuntu-latest'
+      uses: sonarsource/sonarcloud-github-action@master
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      with:
+        args: >
+          -Dsonar.organization=dedis
+          -Dsonar.projectKey=dedis_kyber
+          -Dsonar.go.tests.reportPaths=report.json
+          -Dsonar.go.coverage.reportPaths=profile.cov
+          -Dsonar.pullrequest.key=${{ github.event.number }}
+          -Dsonar.pullrequest.branch=${{ github.head_ref }}
+          -Dsonar.pullrequest.base=${{ github.event.pull_request.base }}
+          -Dsonar.c.file.suffixes=-
+          -Dsonar.cpp.file.suffixes=-
+          -Dsonar.objc.file.suffixes=-
+
+    - name: Send coverage
+      if: matrix.platform == 'ubuntu-latest'
+      uses: shogo82148/actions-goveralls@v1
+      with:
+        path-to-profile: profile.cov