🔄 synced file(s) with PaddleHQ/go-library-template #85
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # DO NOT EDIT: This file should only be modified in the `go-library-template` repo. | |
| name: Ensure code passes linting rules | |
| on: | |
| pull_request: | |
| env: | |
| # Required to enable support for synctest.Run | |
| # This will be removed once we update to go 1.25 | |
| GOEXPERIMENT: synctest | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read # Required to check out the code | |
| pull-requests: write # Required to post a comment on the PR | |
| checks: write # Required to post a comment on the PR | |
| actions: write # required for `workflow-dispatch` to trigger the automerge workflow | |
| jobs: | |
| lint: | |
| name: Ensure code passes linting rules | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 | |
| with: | |
| egress-policy: audit | |
| - name: Check out code | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| persist-credentials: false | |
| - name: Set up Go | |
| uses: ./.github/actions/setup-go | |
| with: | |
| owner: ${{ github.repository_owner }} | |
| private: ${{ github.event.repository.private }} | |
| private-key: ${{ secrets.PRIVATE_GO_CI_PRIVATE_KEY }} | |
| - name: Read build config | |
| id: build_config | |
| uses: pietrobolcato/action-read-yaml@9f13718d61111b69f30ab4ac683e67a56d254e1d # 1.1.0 | |
| with: | |
| config: ${{ github.workspace }}/build-config.yaml | |
| - name: Read lint config | |
| id: lint-config | |
| uses: pietrobolcato/action-read-yaml@9f13718d61111b69f30ab4ac683e67a56d254e1d # 1.1.0 | |
| with: | |
| config: ${{ github.workspace }}/.golangci.yml | |
| - name: golangci-lint-v1 | |
| if: steps.lint-config.outputs['version'] != '2' | |
| uses: golangci/golangci-lint-action@2226d7cb06a077cd73e56eedd38eecad18e5d837 # [6.5.0] - DO NOT UPGRADE!!! | |
| with: | |
| version: v1.64.6 | |
| args: --timeout=${{ steps.build_config.outputs['lintTimeout'] || '5m' }} --out-format github-actions | |
| - name: golangci-lint-v2 | |
| if: steps.lint-config.outputs['version'] == '2' | |
| uses: golangci/golangci-lint-action@0a35821d5c230e903fcfe077583637dea1b27b47 # v9.0.0 | |
| with: | |
| version: v2.5.0 | |
| args: --timeout=${{ steps.build_config.outputs['lintTimeout'] || '5m' }} | |
| - name: Install editorconfig-checker | |
| uses: editorconfig-checker/action-editorconfig-checker@d2ed4fd072ae6f887e9407c909af0f585d2ad9f4 # v2 | |
| - name: Validate editorconfig | |
| run: editorconfig-checker | |
| - name: Automerge | |
| uses: ./.github/actions/trigger-automerge | |
| with: | |
| event: ${{ toJSON(github.event) }} | |
| hasAutoApproverPrivateKey: ${{ secrets.AUTO_APPROVER_PRIVATE_KEY != '' }} |