chore(deps): bump golang.org/x/net from 0.48.0 to 0.49.0 #39
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| permissions: | |
| contents: read | |
| security-events: write | |
| env: | |
| GO_VERSION: '1.25.5' | |
| # Cancel in-progress runs for the same branch | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Run go fmt check | |
| run: | | |
| if [ -n "$(gofmt -l .)" ]; then | |
| echo "Code is not formatted. Run 'go fmt ./...' to fix." | |
| gofmt -d . | |
| exit 1 | |
| fi | |
| - name: Run go vet | |
| run: go vet ./... | |
| - name: Run golangci-lint | |
| uses: golangci/golangci-lint-action@v7 | |
| with: | |
| version: v2.7.2 | |
| args: --timeout=5m | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| needs: lint | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache: true | |
| - name: Download dependencies | |
| run: go mod download | |
| - name: Run tests | |
| run: go test -v -race -coverprofile=coverage.out ./... | |
| - name: Upload coverage | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage | |
| path: coverage.out | |
| retention-days: 7 | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-latest | |
| needs: lint | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache: true | |
| - name: Run govulncheck | |
| run: | | |
| go install golang.org/x/vuln/cmd/govulncheck@latest | |
| govulncheck ./... | |
| - name: Run gosec | |
| uses: securego/gosec@master | |
| with: | |
| args: '-no-fail -fmt sarif -out gosec-results.sarif ./...' | |
| - name: Upload gosec results | |
| uses: github/codeql-action/upload-sarif@v4 | |
| if: always() | |
| with: | |
| sarif_file: gosec-results.sarif | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| needs: [test, security] | |
| strategy: | |
| matrix: | |
| goos: [linux, darwin, windows] | |
| goarch: [amd64, arm64] | |
| exclude: | |
| - goos: windows | |
| goarch: arm64 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache: true | |
| - name: Build | |
| env: | |
| GOOS: ${{ matrix.goos }} | |
| GOARCH: ${{ matrix.goarch }} | |
| CGO_ENABLED: 0 | |
| run: | | |
| BINARY_NAME="slicli" | |
| if [ "$GOOS" = "windows" ]; then | |
| BINARY_NAME="slicli.exe" | |
| fi | |
| echo "Building for $GOOS/$GOARCH..." | |
| go build -ldflags="-s -w" -o "$BINARY_NAME" ./cmd/slicli | |
| - name: Verify binary (Linux only) | |
| if: matrix.goos == 'linux' && matrix.goarch == 'amd64' | |
| run: | | |
| ./slicli --version | |
| file slicli | |
| build-plugins: | |
| name: Build Plugins | |
| runs-on: ubuntu-latest | |
| needs: lint | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache: true | |
| - name: Build main binary | |
| run: make build | |
| - name: Build plugins | |
| run: make build-plugins | |
| - name: Test plugins | |
| run: make test-plugins | |
| integration: | |
| name: Integration Tests | |
| runs-on: ubuntu-latest | |
| needs: [build, build-plugins] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache: true | |
| - name: Build everything | |
| run: | | |
| make build | |
| make build-plugins | |
| - name: Run integration tests | |
| run: | | |
| # Verify binary works | |
| ./bin/slicli --version | |
| # Test with example presentation (if serve command exists) | |
| if ./bin/slicli serve --help 2>/dev/null; then | |
| echo "Serve command available" | |
| fi | |
| status: | |
| name: CI Status | |
| runs-on: ubuntu-latest | |
| needs: [lint, test, security, build, build-plugins, integration] | |
| if: always() | |
| steps: | |
| - name: Check all jobs | |
| run: | | |
| if [ "${{ needs.lint.result }}" != "success" ]; then | |
| echo "Lint failed" | |
| exit 1 | |
| fi | |
| if [ "${{ needs.test.result }}" != "success" ]; then | |
| echo "Test failed" | |
| exit 1 | |
| fi | |
| if [ "${{ needs.security.result }}" != "success" ]; then | |
| echo "Security scan failed" | |
| exit 1 | |
| fi | |
| if [ "${{ needs.build.result }}" != "success" ]; then | |
| echo "Build failed" | |
| exit 1 | |
| fi | |
| if [ "${{ needs.build-plugins.result }}" != "success" ]; then | |
| echo "Build plugins failed" | |
| exit 1 | |
| fi | |
| if [ "${{ needs.integration.result }}" != "success" ]; then | |
| echo "Integration tests failed" | |
| exit 1 | |
| fi | |
| echo "All checks passed!" |