RELEASE: post-tag bump version to v0.5.8-dev #57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Actions CI | |
| # This `name:` is used in the badge.svg rendering in the README.md. | |
| permissions: {} | |
| # Control the GITHUB_TOKEN permissions. | |
| # By having this block, all permissions not listed here are set to none. | |
| # Available permissions listed at: | |
| # <https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token> | |
| # Which API calls need which permissions at what level, listed at: | |
| # <https://docs.github.com/en/rest/reference/permissions-required-for-github-apps> | |
| # | |
| on: | |
| push: | |
| branches-ignore: | |
| - 'exp' | |
| - 'exp/*' | |
| - 'exp-*' | |
| - 'exp_*' | |
| - 'wip' | |
| - 'wip/*' | |
| - 'wip-*' | |
| - 'wip_*' | |
| pull_request: | |
| # We don't want to cancel for a push, but do if superseded by a PR update | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request_number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| test: | |
| name: Build & Test | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| # checks: write # uncomment if re-enable the reviewdog/action-staticcheck step | |
| # statuses: write # unsure, I think this was probably a mistake, I don't see anything here using the status API | |
| strategy: | |
| matrix: | |
| include: | |
| - go: 'stable' | |
| canonical: true | |
| # hunspell requires at least Go 1.17 | |
| # but we only really need to bother once, so do it on the stable run only | |
| spellcheck: true | |
| - go: 'oldstable' | |
| canonical: false | |
| spellcheck: false | |
| steps: | |
| - name: Install OS packages | |
| run: | | |
| sudo apt-get -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confnew" install -y libhunspell-dev hunspell-en-us | |
| if: matrix.spellcheck | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| # We're not using release process or version stamping which needs Git History in this workflow. | |
| # Thus we do not need to set with.fetch-depth to 0. We can live with a shallow clone. | |
| with: | |
| # security posture improvement: | |
| persist-credentials: false | |
| - name: Set up Go | |
| uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 | |
| with: | |
| go-version: ${{ matrix.go }} | |
| check-latest: true | |
| - id: go-settings | |
| name: Export Go environment to Actions outputs | |
| run: | | |
| echo >> "$GITHUB_OUTPUT" "arch=$(go env GOARCH)" | |
| echo >> "$GITHUB_OUTPUT" "hostarch=$(go env GOHOSTARCH)" | |
| echo >> "$GITHUB_OUTPUT" "os=$(go env GOOS)" | |
| echo >> "$GITHUB_OUTPUT" "hostos=$(go env GOHOSTOS)" | |
| echo >> "$GITHUB_OUTPUT" "go-version=$(go env GOVERSION)" | |
| # Use with: | |
| # ${{ steps.go-settings.outputs.go-version }} | |
| # which will look like `go1.17.1` if matrix `1.17.x` matches `1.17.1`. | |
| # These are independent of how the matrix is setup, or if a matrix is even used. | |
| # As of actions/setup-go@v4, go modules and build outputs are cached by default. | |
| # The go module cache has much read-only content and using our own cache | |
| # to restore those areas results in a lot of write errors. | |
| # So we no longer use a manual invocation of actions/cache. | |
| - name: Download all Go dependencies | |
| # nb: `go mod download` is heavyweight and extends beyond the actual dependencies | |
| run: | | |
| go list all | |
| - name: Install additional check/lint tools | |
| run: | | |
| go install github.com/kortschak/gospel@latest | |
| if: matrix.spellcheck | |
| - name: Version / Environment Reporting | |
| run: | | |
| ./build/show.versions | |
| - name: Basic Go integrity checks | |
| run: | | |
| t="$(gofmt -s -l .)" | |
| if [ ".$t" != "." ]; then printf 'gofmt would modify files:\n%s\n' "$t"; exit 1; fi | |
| go vet ./... | |
| t="$(go list -m -retracted -f '{{if .Retracted}}::error file=go.mod::{{.Path}} is retracted{{end}}' all)" | |
| if [ ".$t" != "." ]; then printf '%s\n' "$t"; exit 1; fi | |
| - name: Spelling checks | |
| run: | | |
| t="$(gospel .)" | |
| if [ ".$t" != "." ]; then printf 'gospel found spelling issues:\n%s\n' "$t"; exit 1; fi | |
| if: matrix.spellcheck | |
| # This doesn't actually invoke static checks unless in a pull-request | |
| # Leaving present-but-commented-out as an easy reference. | |
| # Revisit the permissions: block if re-enabling this. | |
| # - name: Go static checks | |
| # uses: reviewdog/action-staticcheck@v1 | |
| # with: | |
| # filter_mode: nofilter | |
| # fail_on_error: true | |
| # if: matrix.canonical | |
| - name: Go build & test | |
| run: | | |
| go build ./... | |
| go test -v -coverprofile="${RUNNER_TEMP}/profile.cov" -coverpkg ./... ./... | |
| - name: Send coverage | |
| uses: shogo82148/actions-goveralls@25f5320d970fb565100cf1993ada29be1bb196a1 # v1.10.0 | |
| with: | |
| path-to-profile: ${{ runner.temp }}/profile.cov | |
| flag-name: ${{ steps.go-settings.outputs.go-version }} | |
| parallel: true | |
| report: | |
| name: Report Results | |
| needs: test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: coveralls.io completion notification | |
| uses: shogo82148/actions-goveralls@25f5320d970fb565100cf1993ada29be1bb196a1 # v1.10.0 | |
| with: | |
| parallel-finished: true | |
| - name: Notify PT Slack | |
| uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 | |
| env: | |
| SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_PT_AUTOBUILDS }} | |