chore(deps): bump the golang group across 1 directory with 48 updates… #540
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Development Actions | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
branches: ["**"] | |
workflow_call: | |
secrets: | |
GH_DELL_ACCESS: | |
description: 'A token passed from the caller workflow' | |
required: true | |
permissions: | |
contents: read | |
env: | |
GOPRIVATE: github.com/dell/* | |
TOKEN: ${{ secrets.GH_DELL_ACCESS }} | |
jobs: | |
golangci-lint: | |
name: golangci-lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: "1.23" | |
cache: false | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
- name: Vendor packages | |
run: | | |
go mod vendor | |
- name: golangci-lint | |
uses: golangci/golangci-lint-action@v6 | |
with: | |
version: latest | |
skip-cache: true | |
malware-security-scan: | |
name: Malware Scanner | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
- name: Malware Scanner | |
uses: dell/common-github-actions/malware-scanner@main | |
with: | |
directories: . | |
options: '--recursive --infected' | |
code-sanitizer: | |
name: Check for forbidden words | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
- name: Run the forbidden words scan | |
uses: dell/common-github-actions/code-sanitizer@main | |
with: | |
args: /github/workspace/pkg | |
dockerfile-linter: | |
name: Run Hadolint Dockerfile lint | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
- name: Run Hadolint | |
uses: hadolint/hadolint-action@v3.1.0 | |
shell-linter: | |
name: Run Shellcheck, Checkmake and Perl Critic | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
- name: Run ShellCheck | |
uses: ludeeus/action-shellcheck@master | |
- name: Perl Critic | |
uses: Difegue/action-perlcritic@master | |
with: | |
args: ./scripts/* | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: "1.23" | |
cache: false | |
- name: Install and run Checkmake | |
run: | | |
go install github.com/mrtazz/checkmake/cmd/checkmake@latest | |
checkmake Makefile | |
tests: | |
name: Run unit tests and check package coverage | |
runs-on: ubuntu-latest | |
steps: | |
- name: Configure git for private modules | |
run: | | |
git config --global url."https://csmbot:$TOKEN@github.com".insteadOf "https://github.com" | |
echo "machine github.com login csmbot password $TOKEN" >> ~/.netrc | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: "1.23" | |
cache: false | |
- name: Vendor packages | |
run: | | |
go mod vendor | |
- name: Run unit tests and check package coverage | |
uses: dell/common-github-actions/go-code-tester@main | |
with: | |
threshold: 90 | |
test-folder: "." | |
skip-list: "github.com/dell/cosi/core,github.com/dell/cosi/tests/integration/main_test" | |
- name: Run fuzzy tests | |
run: | | |
make fuzz | |
build-and-secure: | |
name: Build and Scan Docker image | |
runs-on: ubuntu-latest | |
env: | |
IMAGETAG: "${{ github.sha }}" | |
IMAGENAME: "cosi" | |
steps: | |
- name: Configure git for private modules | |
run: | | |
git config --global url."https://csmbot:$TOKEN@github.com".insteadOf "https://github.com" | |
echo "machine github.com login csmbot password $TOKEN" >> ~/.netrc | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: "1.23" | |
cache: false | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
- name: "Vendor packages" | |
run: | | |
go mod vendor | |
- run: | | |
chmod +x ./scripts/build-ubi-micro.sh | |
make build-base-image | |
podman build -t docker.io/${{ env.IMAGENAME }}:${{ env.IMAGETAG }} -f ./Dockerfile --build-arg GOIMAGE=golang:latest --build-arg BASEIMAGE="localhost/cosi-ubimicro" | |
podman save docker.io/${{ env.IMAGENAME }}:${{ env.IMAGETAG }} -o /tmp/cosi.tar | |
docker load -i /tmp/cosi.tar | |
- name: Run trivy action | |
uses: aquasecurity/trivy-action@master | |
with: | |
image-ref: ${{ env.IMAGENAME }}:${{ env.IMAGETAG }} | |
- name: Run dockle action | |
uses: erzz/dockle-action@v1.4.0 | |
env: | |
DOCKER_CONTENT_TRUST: 1 | |
with: | |
image: ${{ env.IMAGENAME }}:${{ env.IMAGETAG }} |