Open-CMSIS-Pack/generator-bridge

.github/workflows/test.yml

# CI workflow: checks, tests and coverage for the Go code in this repository.
name: Test

# Triggers: manual dispatch, pushes to main, and pull requests that touch this
# workflow file, Go sources, the makefile or the Go module files.
on:
  workflow_dispatch:
  push:
    branches:
      - main
  pull_request:
    paths:
      - '.github/workflows/test.yml'
      - '**/*.go'
      - 'makefile'
      - 'go.mod'
      - 'go.sum'

# One active run per workflow and ref: a newer run on the same ref cancels the
# one still in progress (this includes successive pushes to main).
concurrency:
  group: '${{ github.workflow }}-${{ github.ref }}'
  cancel-in-progress: true

# Base name used in the test output and report file names.
env:
  program: 'cbridge'

# Workflow-wide default for the GITHUB_TOKEN: read access on every scope.
# A job that needs write access declares its own `permissions` block.
# NOTE(review): `read-all` is broader than most jobs here appear to need;
# consider `contents: read` as the default and widen per job where required.
permissions: read-all

jobs:
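  # Runs the repository's pre-commit hooks over all files; the step name
  # identifies this as the copyright-notice check.
  copyright:
    # NOTE(review): this job pins the ubuntu-20.04 image while every other job
    # uses ubuntu-latest; check that the image is still offered by the hosted
    # runners.
    runs-on: ubuntu-20.04
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
        with:
          # audit records outbound connections but does not block any of them.
          egress-policy: audit

      - name: Check out repository code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      # The comment-parser requirement is quoted on purpose: unquoted, the
      # shell treats `>=1.2.3` as a redirection of pip's output into a file
      # named `=1.2.3`, and pip installs comment-parser with no version
      # constraint at all.
      # NOTE(review): pre-commit itself is installed without a version pin,
      # unlike python-magic.
      - name: Check copyright notice
        run: |
          pip install \
            pre-commit \
            python-magic==0.4.18 \
            'comment-parser>=1.2.3'
          pre-commit run --all-files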

  # Static analysis of the Go sources with golangci-lint.
  lint:
    name: Lint
    runs-on: ubuntu-latest
    timeout-minutes: 10
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
        with:
          # Outbound traffic is logged only; nothing is blocked in audit mode.
          egress-policy: audit

      - name: Check out repository code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      # The Go version is read from go.mod.
      - name: Install Go
        uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
        with:
          check-latest: true
          go-version-file: go.mod

      - name: Lint with golangci-lint
        uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
        with:
          # NOTE(review): the action is pinned to a commit, but `latest` lets
          # the linter binary itself change between runs; pin a release if
          # reproducible lint results matter.
          version: latest

  # Fails the run when the makefile's format-check target reports a problem.
  format:
    runs-on: ubuntu-latest
    name: Format
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
        with:
          # audit mode: egress is observed, not restricted.
          egress-policy: audit

      - name: Check out repository code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      # The Go version is read from go.mod.
      - name: Install Go
        uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
        with:
          check-latest: true
          go-version-file: go.mod

      # The format-check target lives in the makefile, which is not shown here.
      - name: Check formatting
        run: make format-check

  # Scans every package of the module (./...) with govulncheck.
  vulnerability-check:
    runs-on: ubuntu-latest
    name: 'Vulnerability check'
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
        with:
          # audit mode: outbound connections are recorded, none are denied.
          egress-policy: audit

      # This job has no separate checkout step; presumably the action checks
      # out the repository itself — confirm against the action's inputs.
      - name: Scan for Vulnerabilities
        uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4
        with:
          go-package: './...'
          go-version-file: go.mod
          check-latest: true

  # Runs `go test` on each hosted platform and uploads a JUnit XML report per
  # matrix leg for the publishing job.
  test:
    strategy:
      matrix:
        # 3 platforms x 2 architectures; `include` attaches the matching
        # `target` value to every leg of a platform.
        platform: [ubuntu-latest, windows-latest, macos-latest]
        arch: [amd64, arm64]
        include:
          - platform: ubuntu-latest
            target: linux
          - platform: windows-latest
            target: windows
          - platform: macos-latest
            target: darwin
    name: 'Test (${{ matrix.target }}, ${{ matrix.arch }})'
    runs-on: ${{ matrix.platform }}
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
        with:
          # audit records outbound connections but does not block any of them.
          egress-policy: audit

      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      # The Go version is read from go.mod.
      - name: Set up Go
        uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
        with:
          go-version-file: go.mod
          check-latest: true

      # The report tool is installed at a full commit hash, not a moving tag.
      - name: Install go-junit-report
        run: go install github.com/jstemmer/go-junit-report/v2@14d61e6e75e3f3c74551d757ad936e8e88014464 # v2.1.0

      # The ${{ matrix.* }} and ${{ env.program }} expressions are substituted
      # into the script text before the shell runs. All of them are constants
      # defined in this workflow, so no event-controlled data reaches the shell.
      #
      # NOTE(review): `set NAME=value` is cmd.exe syntax. In bash (the default
      # run shell on the Linux and macOS runners) it only sets the positional
      # parameters, so GOOS/GOARCH are not exported to `go test`. The Windows
      # default shell (PowerShell) does not treat it as an environment
      # assignment either. The amd64 and arm64 legs therefore presumably run
      # the same host-architecture tests — confirm. If per-architecture
      # testing is intended, note that a runner generally cannot execute test
      # binaries built for a foreign GOARCH.
      - name: Run tests
        run: |
          mkdir -p build
          set GOOS=${{ matrix.target }} && set GOARCH=${{ matrix.arch }} && go test -v ./... > build/${{ env.program }}-${{ matrix.target }}-${{ matrix.arch }}.txt

      # Runs after a test failure as well (success() || failure()), but not
      # after a cancelled run. Despite the step name the output is JUnit XML.
      # -set-exit-code is passed so the step itself reports failing tests.
      - name: Generate HTML report
        if: success() || failure()
        run: |
          go-junit-report -set-exit-code -in build/${{ env.program }}-${{ matrix.target }}-${{ matrix.arch }}.txt -iocopy -out build/${{ env.program }}-testreport-${{ matrix.target }}-${{ matrix.arch }}.xml

      # The artifact is kept for one day; the step fails when no report file
      # was produced.
      - name: Archive test results
        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
        with:
          name: ${{ env.program }}-test-result-${{ matrix.target }}-${{ matrix.arch }}
          path: ./build/${{ env.program }}-testreport-*.xml
          retention-days: 1
          if-no-files-found: error
  
  # Collects the JUnit reports uploaded by the test job and publishes them as
  # check results / pull-request comments.
  publish-test-results:
    name: 'Publish Tests Results'
    needs: [test]
    runs-on: ubuntu-latest
    # Skipped for Dependabot pull requests. The `release` comparison is always
    # true for the triggers this workflow declares (dispatch, push,
    # pull_request).
    if: github.event.pull_request.user.login != 'dependabot[bot]' && github.event_name != 'release'
    # Job-level permissions replace the workflow default: this job gets only
    # the two write scopes listed here.
    # NOTE(review): for pull requests from forks the token is presumably
    # read-only regardless of this block, so publishing would fail — confirm.
    permissions:
      checks: write
      pull-requests: write
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
        with:
          # audit mode: egress is logged, not restricted.
          egress-policy: audit

      # The report files come from jobs that ran the code under test; treat
      # them as untrusted input to the publishing step, which holds write
      # permissions.
      - name: Download Artifacts
        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
        with:
          path: artifacts

      - name: publish test results
        uses: EnricoMi/publish-unit-test-result-action/composite@170bf24d20d201b842d7a52403b73ed297e6645b # v2.18.0
        with:
          # NOTE(review): `github.event.workflow_run` only exists for
          # workflow_run events, which this workflow does not declare, so this
          # expression presumably evaluates to an empty string and the action
          # falls back to its default commit — confirm.
          commit: ${{ github.event.workflow_run.head_sha }}
          junit_files: 'artifacts/**/${{ env.program }}-testreport-*.xml'
          report_individual_runs: true

  # Runs the makefile's coverage-check target and uploads the resulting
  # cover.out to Code Climate.
  coverage:
    name: 'Coverage check'
    needs: [test]
    runs-on: ubuntu-latest
    # Skipped for Dependabot pull requests. The `release` comparison is always
    # true for the triggers this workflow declares.
    if: github.event.pull_request.user.login != 'dependabot[bot]' && github.event_name != 'release'
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
        with:
          # audit mode: outbound connections are recorded, none are denied.
          egress-policy: audit

      - name: Check out repository code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      # The Go version is read from go.mod.
      - name: Install Go
        uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
        with:
          check-latest: true
          go-version-file: go.mod

      # The coverage-check target lives in the makefile, which is not shown
      # here.
      - name: Coverage check
        run: |
          make coverage-check

      # The reporter id is the only secret this workflow reads.
      # NOTE(review): the secret is presumably empty on pull requests from
      # forks, so this step would fail there — confirm. With `debug: true`,
      # also check that the verbose output does not expose more than intended.
      - name: Publish coverage report to Code Climate
        uses: paambaati/codeclimate-action@f429536ee076d758a24705203199548125a28ca7 # v9.0.0
        env:
          CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
        with:
          coverageLocations: './cover.out:gocov'
          prefix: 'github.com/open-cmsis-pack/generator-bridge'
          debug: true