Andy Cobaugh
4 years ago
2 changed files with 126 additions and 0 deletions
@ -0,0 +1,98 @@ |
|||
name: Go |
|||
|
|||
on: |
|||
push: |
|||
branches: [ master ] |
|||
pull_request: |
|||
branches: [ master ] |
|||
|
|||
jobs: |
|||
|
|||
build: |
|||
runs-on: ubuntu-latest |
|||
steps: |
|||
- uses: actions/checkout@v2 |
|||
|
|||
- name: Set up Go |
|||
uses: actions/setup-go@v2 |
|||
with: |
|||
go-version: 1.16.x |
|||
|
|||
- name: Build |
|||
run: go build -v ./... |
|||
|
|||
- name: Test |
|||
run: go test -v ./... |
|||
|
|||
golangci-lint: |
|||
name: lint |
|||
runs-on: ubuntu-latest |
|||
steps: |
|||
- uses: actions/checkout@v2 |
|||
- name: golangci-lint |
|||
uses: golangci/golangci-lint-action@v2 |
|||
with: |
|||
# Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version |
|||
version: latest |
|||
|
|||
trivy: |
|||
name: Trivy |
|||
runs-on: ubuntu-18.04 |
|||
steps: |
|||
- name: Checkout code |
|||
uses: actions/checkout@v2 |
|||
|
|||
- name: Run Trivy vulnerability scanner in repo mode |
|||
uses: aquasecurity/trivy-action@master |
|||
with: |
|||
scan-type: 'fs' |
|||
ignore-unfixed: true |
|||
format: 'template' |
|||
template: '@/contrib/sarif.tpl' |
|||
output: 'trivy-results.sarif' |
|||
severity: 'HIGH,CRITICAL' |
|||
exit-code: 0 |
|||
|
|||
- name: Upload Trivy scan results to GitHub Security tab |
|||
uses: github/codeql-action/upload-sarif@v1 |
|||
with: |
|||
sarif_file: 'trivy-results.sarif' |
|||
|
|||
- name: Run Trivy with human-readable output |
|||
uses: aquasecurity/trivy-action@master |
|||
with: |
|||
scan-type: 'fs' |
|||
ignore-unfixed: true |
|||
format: 'table' |
|||
severity: 'HIGH,CRITICAL' |
|||
exit-code: 1 |
|||
|
|||
goreleaser: |
|||
needs: |
|||
- build |
|||
- golangci-lint |
|||
- trivy |
|||
runs-on: ubuntu-latest |
|||
steps: |
|||
- |
|||
name: Checkout |
|||
uses: actions/checkout@v2 |
|||
with: |
|||
fetch-depth: 0 |
|||
- |
|||
name: Set up Go |
|||
uses: actions/setup-go@v2 |
|||
with: |
|||
go-version: 1.16.x |
|||
- |
|||
name: Run GoReleaser |
|||
uses: goreleaser/goreleaser-action@v2 |
|||
with: |
|||
# either 'goreleaser' (default) or 'goreleaser-pro' |
|||
distribution: goreleaser |
|||
version: latest |
|||
args: build --snapshot --rm-dist |
|||
env: |
|||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
|||
# Your GoReleaser Pro key, if you are using the 'goreleaser-pro' distribution |
|||
# GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} |
|||
@ -0,0 +1,28 @@ |
|||
name: release |
|||
|
|||
on: |
|||
push: |
|||
tags: |
|||
- '*' |
|||
|
|||
jobs: |
|||
release: |
|||
name: release |
|||
runs-on: ubuntu-latest |
|||
steps: |
|||
|
|||
- name: Set up Go 1.x |
|||
uses: actions/setup-go@v2 |
|||
with: |
|||
go-version: 1.16.x |
|||
|
|||
- name: Check out code into the Go module directory |
|||
uses: actions/checkout@v2 |
|||
|
|||
- name: GoReleaser |
|||
uses: goreleaser/goreleaser-action@v2 |
|||
with: |
|||
version: latest |
|||
args: release --rm-dist |
|||
env: |
|||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
|||
Loading…
Reference in new issue