Merge pull request #90 from buildpulse/fixcov #582
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
pull_request: | |
push: | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set up Go 1.x | |
uses: actions/setup-go@v2 | |
with: | |
go-version: "1.19" | |
check-latest: true | |
id: go | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v2 | |
- name: Get dependencies | |
run: go get -v -t -d ./... | |
- name: Fetch build tools | |
run: | | |
go install golang.org/x/lint/golint@latest | |
go install gotest.tools/gotestsum@latest | |
- name: Build | |
run: go build -v ./... | |
- name: Lint | |
run: golint -set_exit_status ./... | |
- name: Test | |
run: | | |
mkdir -p tmp/test-results | |
gotestsum --junitfile tmp/test-results/gotestsum-report.xml ./... | |
- name: Upload test results to BuildPulse for flaky test detection -- Inception! 🤯 | |
if: "!cancelled()" # Run this step even when the tests fail. Skip if the workflow is cancelled. | |
env: | |
BUILDPULSE_ACCESS_KEY_ID: ${{ secrets.BUILDPULSE_ACCESS_KEY_ID }} | |
BUILDPULSE_SECRET_ACCESS_KEY: ${{ secrets.BUILDPULSE_SECRET_ACCESS_KEY }} | |
run: | | |
curl -fsSL https://github.com/buildpulse/test-reporter/releases/latest/download/test-reporter-linux-amd64 > ./buildpulse-test-reporter | |
chmod +x ./buildpulse-test-reporter | |
./buildpulse-test-reporter submit tmp/test-results --account-id 68192324 --repository-id 280914963 | |
govulncheck: | |
name: Vulnerability check | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up Go 1.x | |
uses: actions/setup-go@v2 | |
with: | |
go-version: "1.19" | |
check-latest: true | |
- name: Install govulncheck | |
run: go install golang.org/x/vuln/cmd/govulncheck@latest | |
- name: Run govulncheck | |
run: govulncheck ./... | |
smoke-test: | |
name: Smoke test | |
runs-on: ubuntu-latest | |
outputs: | |
version: ${{ steps.get_version.outputs.version }} | |
steps: | |
- name: Set up Go 1.x | |
uses: actions/setup-go@v2 | |
with: | |
go-version: "1.19" | |
check-latest: true | |
id: go | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v2 | |
- name: Build executable binaries | |
run: ./script/build-snapshot --single-target | |
- name: Output version from binary | |
run: ./dist/linux_linux_amd64/test-reporter --version | |
- name: Verify binary can successfully package up test results and upload them to BuildPulse | |
env: | |
BUILDPULSE_ACCESS_KEY_ID: ${{ secrets.BUILDPULSE_ACCESS_KEY_ID }} | |
BUILDPULSE_SECRET_ACCESS_KEY: ${{ secrets.BUILDPULSE_SECRET_ACCESS_KEY }} | |
run: | | |
mkdir -p fake-test-results-dir | |
touch fake-test-results-dir/report.xml | |
./dist/linux_linux_amd64/test-reporter submit fake-test-results-dir --account-id 68192324 --repository-id 280914963 | |
create-release: | |
name: Create draft release | |
# If the push that triggered this is a tag that starts with "v" (e.g., v1.0.0) | |
if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
needs: [build, smoke-test] | |
runs-on: macos-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up Go | |
uses: actions/setup-go@v2 | |
with: | |
go-version: 1.19 | |
check-latest: true | |
- name: Install upx | |
run: brew install upx | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@v2 | |
with: | |
version: latest | |
args: release --rm-dist | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload binaries as build artifacts | |
uses: actions/upload-artifact@v2 | |
with: | |
name: dist | |
path: dist/ | |
retention-days: 90 | |
- name: Set tag name for downstream jobs | |
id: tag | |
run: echo "::set-output name=tag::${GITHUB_REF#refs/*/}" | |
outputs: | |
tag: ${{ steps.tag.outputs.tag }} | |
verify-alpine: | |
name: Verify binary (Alpine) | |
needs: create-release | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download binary from release | |
run: gh release download ${{ needs.create-release.outputs.tag }} --repo ${{ github.repository }} --pattern 'test-reporter-linux-amd64' --dir dist | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: 'Verify basic "runnability"' | |
run: docker run --volume $(pwd):/tmp --workdir /tmp alpine:3.12 sh -c "chmod +x dist/test-reporter-linux-amd64 && dist/test-reporter-linux-amd64 --version" | |
verify-macos: | |
name: Verify binary (macOS) | |
needs: create-release | |
runs-on: macos-latest | |
steps: | |
- name: Download binary from release | |
run: gh release download ${{ needs.create-release.outputs.tag }} --repo ${{ github.repository }} --pattern 'test-reporter-darwin-amd64' --dir dist | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: 'Verify basic "runnability"' | |
run: | | |
chmod +x dist/test-reporter-darwin-amd64 | |
dist/test-reporter-darwin-amd64 --version | |
verify-ubuntu: | |
name: Verify binary (Ubuntu) | |
needs: create-release | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download binary from release | |
run: gh release download ${{ needs.create-release.outputs.tag }} --repo ${{ github.repository }} --pattern 'test-reporter-linux-amd64' --dir dist | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: 'Verify basic "runnability"' | |
run: | | |
chmod +x dist/test-reporter-linux-amd64 | |
dist/test-reporter-linux-amd64 --version | |
verify-windows: | |
name: Verify binary (Windows) | |
needs: create-release | |
runs-on: windows-latest | |
steps: | |
- name: Download binary from release | |
run: gh release download ${{ needs.create-release.outputs.tag }} --repo ${{ github.repository }} --pattern 'test-reporter-windows-amd64.exe' --dir dist | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: 'Verify basic "runnability"' | |
run: dist/test-reporter-windows-amd64.exe --version |