Merge pull request #390 from wneessen/dependabot/github_actions/step-… #100

Workflow file for this run

	# SPDX-FileCopyrightText: Winni Neessen <wn@neessen.dev>
	#
	# SPDX-License-Identifier: MIT

	name: CI

	permissions:
	contents: read

	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref_name }}

	jobs:
	lint:
	name: golangci-lint (${{ matrix.go }})
	runs-on: ubuntu-latest
	concurrency:
	group: ci-lint-${{ matrix.go }}
	cancel-in-progress: true
	strategy:
	matrix:
	go: ['1.25']
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
	with:
	egress-policy: audit
	- name: Setup go
	uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5.6.0
	with:
	go-version: ${{ matrix.go }}
	check-latest: true
	- name: Checkout Code
	uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # master
	- name: golangci-lint
	uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0
	with:
	version: latest
	dependency-review:
	name: Dependency review
	runs-on: ubuntu-latest
	concurrency:
	group: ci-dependency-review
	cancel-in-progress: true
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
	with:
	egress-policy: audit
	- name: Checkout Code
	uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # master
	- name: 'Dependency Review'
	uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
	with:
	base-ref: ${{ github.event.pull_request.base.sha \|\| 'main' }}
	head-ref: ${{ github.event.pull_request.head.sha \|\| github.ref }}
	govulncheck:
	name: Go vulnerabilities check
	runs-on: ubuntu-latest
	concurrency:
	group: ci-govulncheck
	cancel-in-progress: true
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
	with:
	egress-policy: audit
	- name: Run govulncheck
	uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4
	test:
	name: Test (${{ matrix.os }} / ${{ matrix.go }})
	runs-on: ${{ matrix.os }}
	env:
	JSMAILER_FORMS_PATH: ${{ vars.JSMAILER_FORMS_PATH }}
	strategy:
	fail-fast: false
	matrix:
	os: ['ubuntu-latest']
	go: ['1.25']
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
	with:
	egress-policy: audit
	- name: Checkout Code
	uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # master
	- name: Setup go
	uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5.6.0
	with:
	go-version: ${{ matrix.go }}
	- name: Run go test
	run: \|
	go test -race -shuffle=on ./...
	reuse:
	name: REUSE Compliance Check
	runs-on: ubuntu-latest
	concurrency:
	group: ci-reuse
	cancel-in-progress: true
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
	with:
	egress-policy: audit
	- name: Checkout Code
	uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # master
	- name: REUSE Compliance Check
	uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6.0.0
	codecov:
	name: Test with Codecov coverage (${{ matrix.os }} / ${{ matrix.go }})
	runs-on: ${{ matrix.os }}
	env:
	PERFORM_INTEGRATION_TEST: ${{ vars.PERFORM_INTEGRATION_TEST }}
	JSMAILER_FORMS_PATH: ${{ vars.JSMAILER_FORMS_PATH }}
	concurrency:
	group: ci-codecov-${{ matrix.os }}-${{ matrix.go }}
	cancel-in-progress: true
	strategy:
	matrix:
	os: [ ubuntu-latest ]
	go: [ '1.25' ]
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
	with:
	egress-policy: audit
	- name: Checkout Code
	uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # master
	- name: Setup go
	uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5.6.0
	with:
	go-version: ${{ matrix.go }}
	check-latest: true
	- name: Run go test
	if: success()
	run: \|
	go test -race -shuffle=on --coverprofile=coverage.coverprofile --covermode=atomic ./...
	- name: Upload coverage to Codecov
	if: success()
	uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
	with:
	token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Merge pull request #390 from wneessen/dependabot/github_actions/step-… #100

Workflow file

Merge pull request #390 from wneessen/dependabot/github_actions/step-… #100

Uh oh!

Workflow file for this run