CVE fixed and upgrade to latest #989

Workflow file for this run

	name: CI

	on:
	push:
	branches: [ '**' ]
	paths-ignore:
	- '**.md'
	- 'docs/**'
	- '.github/dependabot.yml'
	pull_request:
	paths-ignore:
	- '**.md'
	branches: [ main ]
	env:
	BINARY: 'server'
	GO_VERSION: '1.21'

	# Allows you to run this workflow manually from the Actions tab
	workflow_dispatch:


	jobs:
	# Lint check, using https://github.com/mgechev/revive
	lint:
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v3
	with:
	submodules: true

	- name: Run Revive Action
	uses: docker://morphy/revive-action:v2
	with:
	config: ./revive.toml
	name: "Linter"
	pre_flight:
	runs-on: ubuntu-latest

	outputs:
	new_tag: ${{ steps.tag_version.outputs.new_tag }}
	changelog : ${{ steps.tag_version.outputs.changelog }}
	steps:
	- name: Establish tags and versions
	id: tag_version
	uses: mathieudutour/github-tag-action@v6.1
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}

	framework:
	runs-on: ubuntu-latest
	needs: [pre_flight]
	steps:
	- uses: actions/checkout@v3

	- name: Set up Go
	uses: actions/setup-go@v4
	with:
	go-version: "^${{ env.GO_VERSION }}"

	- name: Setting Up protoc
	uses: arduino/setup-protoc@v2

	- name: Install protoc Plugins
	run: \|
	go install google.golang.org/protobuf/cmd/protoc-gen-go@latest
	go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@latest
	go install github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-grpc-gateway@latest
	go install github.com/fluffy-bunny/grpcdotnetgo/protoc-gen-go-di/cmd/protoc-gen-go-di

	# - name: go mod vendor
	# run: \|
	# go mod tidy -compat="${{ env.GO_VERSION }}"
	# go mod download
	# go mod vendor

	- name: make proto go
	run: \|
	protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative --grpc-gateway_out . --grpc-gateway_opt paths=source_relative --go-di_out=. --go-di_opt=paths=source_relative,grpc_gateway=true protoc-gen-go-di/helloworld/helloworld.proto
	protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative --grpc-gateway_out . --grpc-gateway_opt paths=source_relative --go-di_out=. --go-di_opt=paths=source_relative,grpc_gateway=true example/internal/grpcContracts/helloworld/helloworld.proto

	# - name: move vendor sub folders
	# run: \|
	# mv ./vendor/github.com/fluffy-bunny/sarulabsdi/genny/ ./genny/sarulabsdi/
	# rm -rf ./vendor/
	#
	# - name: Install Mockgen
	# run: \|
	# go install github.com/golang/mock/mockgen@latest
	#
	#
	# - name: Install genny
	# run: \|
	# go version
	# go install github.com/cheekybits/genny@latest
	#
	# - name: GO GENERATE
	# run: \|
	# go generate -x ./...
	# rm -rf ./genny/sarulabsdi/
	# go mod tidy -compat="${{ env.GO_VERSION }}"
	#
	# # NOTE: This will NOT trigger another run of CI.yml
	# - name: AutoCommit
	# uses: stefanzweifel/git-auto-commit-action@v4.16.0
	# with:
	# commit_message: Apply genny and mockgen changes
	###########################################################################
	# Test pkg for -race
	- name: Test
	run: \|
	go test -v ./... -race


	- name: Build
	run: \|
	go build -mod=mod -v -a -tags netgo -ldflags "-X 'main.version=${{ steps.tag_version.outputs.new_tag }}' -extldflags '-static'" ./example/cmd/server

	# https://github.com/actions/runner/issues/1353
	# -coverpkg not working in this project, but it does work elsewhere
	# go test -v ./... -cover -short -coverpkg=./... -coverprofile=coverage/cov.out -json > coverage/report.json
	- name: Generate coverage report and lint
	run: \|
	mkdir -p coverage
	go test -v ./... -cover -short -coverprofile=coverage/cov.out -json > coverage/report.json
	go tool cover -html=coverage/cov.out -o coverage/cov.html
	go tool cover -func=coverage/cov.out > coverage/byfunc.txt
	go install github.com/mgechev/revive@latest
	revive -config ./revive.toml -formatter default ./... > coverage/golint.txt


	- name: Upload coverage report
	uses: actions/upload-artifact@v3
	with:
	name: coverage-report
	path: coverage


	# Copied from https://github.com/remast/service_sonar/tree/feature/go-build
	# and https://dev.to/remast/go-for-sonarcloud-with-github-actions-3pmn
	sonar:
	name: SonarCloud Analysis
	runs-on: ubuntu-latest
	needs: [pre_flight,framework]

	steps:
	- uses: actions/checkout@v3
	- name: Download code coverage results
	uses: actions/download-artifact@v3
	with:
	name: coverage-report
	path: coverage
	- name: Update version in SonarCloud config
	run: \|
	echo "" >> sonar-project.properties
	echo "sonar.projectVersion=${{needs.pre_flight.outputs.new_tag}}" >> sonar-project.properties
	- name: Fix GoLint paths
	run: sed -i 's~${{ github.workspace }}~/github/workspace~g' coverage/golint.txt

	- name: Analyze with SonarCloud
	uses: sonarsource/sonarcloud-github-action@master
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}



	release:
	needs: [pre_flight,framework]
	runs-on: ubuntu-latest

	steps:
	- run: \|
	echo new_tag: ${{needs.pre_flight.outputs.new_tag}}
	echo changelog: ${{needs.pre_flight.outputs.changelog}}

	- name: Create a GitHub release
	uses: actions/create-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	tag_name: ${{needs.pre_flight.outputs.new_tag}}
	release_name: Release ${{needs.pre_flight.outputs.new_tag}}
	body: ${{needs.pre_flight.outputs.changelog}}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE fixed and upgrade to latest #989

Workflow file

CVE fixed and upgrade to latest #989

Jobs

Run details

Workflow file for this run