-
Notifications
You must be signed in to change notification settings - Fork 3
153 lines (144 loc) · 4.1 KB
/
ci.yml
File metadata and controls
153 lines (144 loc) · 4.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
workflow_call:
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: true
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v9
with:
version: v2.12.1
test:
name: Tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: true
- name: Run tests with race detector and coverage
run: |
go test -race \
-coverpkg=./... \
-coverprofile=coverage.out \
-timeout 5m \
./...
- name: Upload coverage artifact
uses: actions/upload-artifact@v4
with:
name: coverage
path: coverage.out
retention-days: 7
coverage-badge:
name: Coverage badge
needs: test
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: true
- name: Download coverage
uses: actions/download-artifact@v4
with:
name: coverage
- name: Extract coverage percentage
id: coverage
run: |
PCT=$(go tool cover -func=coverage.out | grep total | awk '{print $3}' | tr -d '%')
echo "percentage=${PCT}" >> "$GITHUB_OUTPUT"
- name: Update coverage badge gist
uses: schneegans/dynamic-badges-action@v1.8.0
with:
auth: ${{ secrets.GIST_TOKEN }}
gistID: ${{ vars.COVERAGE_GIST_ID }}
filename: vault-db-injector-coverage.json
label: coverage
message: ${{ steps.coverage.outputs.percentage }}%
valColorRange: ${{ steps.coverage.outputs.percentage }}
minColorRange: 40
maxColorRange: 80
govulncheck:
name: govulncheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run govulncheck
uses: golang/govulncheck-action@v1
with:
go-version-file: go.mod
cache: true
helm-lint:
name: Helm lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: azure/setup-helm@v4
with:
version: v3.16.4
- name: Set up chart-testing
uses: helm/chart-testing-action@v2.8.0
- name: Run chart-testing lint
run: ct lint --charts helm --validate-maintainers=false
- name: Render templates with default values
run: helm template test-render helm/ > /dev/null
helm-docs-check:
name: helm-docs sync
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install helm-docs
run: |
HELM_DOCS_VERSION=1.14.2
curl -fsSL "https://github.com/norwoodj/helm-docs/releases/download/v${HELM_DOCS_VERSION}/helm-docs_${HELM_DOCS_VERSION}_Linux_x86_64.deb" -o /tmp/helm-docs.deb
sudo dpkg -i /tmp/helm-docs.deb
- name: Verify helm/README.md is in sync
run: make helm-docs-check
docs-build-strict:
name: mkdocs strict build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Install hatch
run: pip install --upgrade hatch
- name: Build docs (strict mode)
run: hatch -e docs run mkdocs build --strict
pr-title:
name: Conventional PR title
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
steps:
- uses: amannn/action-semantic-pull-request@v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
types: |
feat
fix
chore
docs
perf
refactor
test
build
ci
style