fix gosec install path #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [ main, master ] | |
| pull_request: | |
| branches: [ main, master ] | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| env: | |
| GO_VERSION: '1.24.4' | |
| jobs: | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4.2.2 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5.5.0 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Run golangci-lint | |
| uses: golangci/golangci-lint-action@v8.0.0 | |
| with: | |
| version: v2.1.6 | |
| args: --timeout=5m | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4.2.2 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5.5.0 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Cache Go modules | |
| uses: actions/cache@v4.2.3 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Download dependencies | |
| run: go mod download | |
| - name: Run tests | |
| run: | | |
| go test -v -race -coverprofile=coverage.out ./... | |
| go tool cover -func=coverage.out | |
| - name: Generate test coverage | |
| run: go tool cover -html=coverage.out -o coverage.html | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| file: ./coverage.out | |
| flags: unittests | |
| name: codecov-umbrella | |
| fail_ci_if_error: false | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| needs: [lint, test] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4.2.2 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5.5.0 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Cache Go modules | |
| uses: actions/cache@v4.2.3 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Build | |
| run: go build -v ./... | |
| - name: Check for formatting issues | |
| run: | | |
| if [ -n "$(gofmt -l .)" ]; then | |
| echo "The following files are not formatted:" | |
| gofmt -l . | |
| echo "Please run 'gofmt -w .' to fix them." | |
| exit 1 | |
| fi | |
| security: | |
| name: Security | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4.2.2 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5.5.0 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Install and run Gosec | |
| run: | | |
| export PATH=$PATH:$(go env GOPATH)/bin | |
| go install github.com/securego/gosec/v2/cmd/gosec@latest | |
| gosec ./... | |
| matrix-test: | |
| name: Matrix Test | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 15 | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, windows-latest, macos-latest] | |
| go-version: ['1.23.6', '1.24.4'] | |
| fail-fast: false | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4.2.2 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5.5.0 | |
| with: | |
| go-version: ${{ matrix.go-version }} | |
| - name: Run tests | |
| run: go test -v ./... | |
| dependency-review: | |
| name: Dependency Review | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'pull_request' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4.2.2 | |
| - name: Dependency Review | |
| uses: actions/dependency-review-action@v4 | |
| with: | |
| fail-on-severity: moderate | |
| mod-tidy-check: | |
| name: Go Mod Tidy Check | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4.2.2 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5.5.0 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Check go mod tidy | |
| run: | | |
| go mod tidy | |
| if [ -n "$(git status --porcelain)" ]; then | |
| echo "go mod tidy changed files:" | |
| git diff | |
| echo "Please run 'go mod tidy' and commit the changes." | |
| exit 1 | |
| fi |