.github/workflows/test_pr.yml
name: Test PR
on:
pull_request_target:
workflow_dispatch:
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Set up Go
uses: actions/setup-go@v4.1.0
with:
go-version: 1.17
id: go
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: golangci-lint
uses: golangci/golangci-lint-action@v4.0.0
with:
version: v1.44
test:
name: Test
runs-on: ubuntu-latest
steps:
- name: Setup Go
uses: actions/setup-go@v4.1.0
with:
go-version: 1.17
id: go
- name: Checkout
uses: actions/checkout@v3
with:
ref: "refs/pull/${{ github.event.number }}/merge"
- name: Test
run: go test -coverprofile cover.out ./...
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
image-scan:
name: Image Scan
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: "refs/pull/${{ github.event.number }}/merge"
- name: Setup Go
uses: actions/setup-go@v4.1.0
with:
go-version: 1.17
id: go
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v4.3.0
with:
version: latest
args: release --rm-dist --snapshot
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Scan image
uses: anchore/scan-action@v3.6.4
id: scan
with:
image: "hipages/php-fpm_exporter:latest"
acs-report-enable: true
fail-build: false
- name: Upload Anchore scan SARIF report
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.scan.outputs.sarif }}