First commit #9
| name: CI | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| env: | |
| GO_VERSION: '1.21' | |
| jobs: | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Cache Go modules | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Download dependencies | |
| run: make mod-tidy | |
| - name: Run unit tests | |
| run: make test | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| file: ./coverage.out | |
| flags: unittests | |
| name: codecov-umbrella | |
| nftables-tests: | |
| name: NFTables Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Install NFTables | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y nftables | |
| sudo modprobe nf_tables | |
| - name: Download dependencies | |
| run: make mod-tidy | |
| - name: Run NFTables unit tests | |
| run: make test-verbose ARGS="./pkg/nftables -short" | |
| - name: Run NFTables integration tests | |
| run: sudo make test-integration | |
| controller-tests: | |
| name: Controller Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Download dependencies | |
| run: make mod-tidy | |
| - name: Run controller tests | |
| run: make test-controller | |
| - name: Run datastore tests | |
| run: make test-verbose ARGS="./pkg/datastore" | |
| - name: Run utils tests | |
| run: make test-verbose ARGS="./pkg/utils" | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Install golangci-lint | |
| run: | | |
| curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.55.2 | |
| echo "$(go env GOPATH)/bin" >> $GITHUB_PATH | |
| - name: Run golangci-lint | |
| run: make lint | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Install gosec | |
| run: go install github.com/securecodewarrior/gosec/v2/cmd/gosec@latest | |
| - name: Run security scan | |
| run: make security-scan | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| needs: [test, nftables-tests, controller-tests, lint, security] | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Build binary | |
| run: make build | |
| - name: Upload binary artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: multi-networkpolicy-nftables-linux-amd64 | |
| path: bin/multi-networkpolicy-nftables | |
| retention-days: 30 |
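Review bot: The `Install gosec` step in the `security` job runs `go install github.com/securecodewarrior/gosec/v2/cmd/gosec@latest`, which does not appear to be the upstream gosec module path (`github.com/securego/gosec/v2`) and floats on `@latest`, so the scanner that gates `build` either fails to install or comes from a source and version nobody reviewed. I would change the line to `run: go install github.com/securego/gosec/v2/cmd/gosec@<PINNED_VERSION>`, using a release tag the team has checked. The `Install golangci-lint` step has the same class of problem: the binary is pinned to v1.55.2, but `install.sh` is fetched from the mutable `master` branch and piped into `sh`; fetching the script from the matching tag (`.../golangci-lint/v1.55.2/install.sh`) keeps the script and the binary on the same reviewed revision. The workflow also declares no `permissions:` block, so adding a top-level `permissions:` with `contents: read` would keep the token read-only for these jobs, which run on `pull_request`.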