Skip to content
Go Build and Tests

Merge pull request #544 from gofogo/issue-543-i #45

Sign in to view logs

Merge pull request #544 from gofogo/issue-543-i

Merge pull request #544 from gofogo/issue-543-i #45

Workflow file for this run

.github/workflows/go.yml at ecc4989
name: 'Go Build and Tests'
on:
push:
branches:
- main
pull_request:
branches:
- main
env:
REGISTRY_IMAGE: helmunittest/helm-unittest
GO_VERSION: 1.23.x
permissions:
contents: read
jobs:
full-test:
name: Full SDK and Tools Test
permissions:
# Needed to upload the results to github dashboard.
checks: write
issues: write
pull-requests: write
runs-on: ${{ matrix.os }}
strategy:
matrix:
# tests for target OS
os: [ubuntu-latest, macos-latest, windows-latest]
steps:
- name: Checkout
# https://github.com/actions/checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Go
# https://github.com/actions/setup-go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version: ${{ env.GO_VERSION }}
# Make results directory
- name: Install JUnit plugin for uploading testresults
run: |
mkdir -p test-results
# Install using go install
- name: Install JUnit plugin for uploading testresults
run: |
go install github.com/jstemmer/go-junit-report/v2@14d61e6e75e3f3c74551d757ad936e8e88014464 # v2.1.0
# Run tests with nice formatting. Save the coverage and junit test results in test-results
- name: Run tests with junit report
if: github.ref_name == github.event.repository.default_branch
run: |
go test ./... -coverprofile=test-results/coverage -v -covermode=atomic 2>&1 | go-junit-report -set-exit-code > test-results/go-test-report.xml
- name: Run tests on pull request
if: github.ref_name != github.event.repository.default_branch
run: |
go test ./... -coverprofile=test-results/coverage -v -covermode=atomic
- name: SonarCloud Scan
# https://github.com/sonarsource/sonarcloud-github-action
uses: sonarsource/sonarcloud-github-action@02ef91109b2d589e757aefcfb2854c2783fd7b19 # v4.0.0
if: matrix.os == 'ubuntu-latest' && env.SONAR_TOKEN != ''
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# Upload the original go test log as an artifact for later review.
- name: Upload Testlog
# https://github.com/EnricoMi/publish-unit-test-result-action
uses: EnricoMi/publish-unit-test-result-action@170bf24d20d201b842d7a52403b73ed297e6645b # v2.18.0
if: always() && matrix.os == 'ubuntu-latest'
with:
files: |
test-results/go-test-report.xml
validate_docker:
name: Build and Test Docker
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Needed to ensure the job is executed.
statuses: write
runs-on: ubuntu-latest
needs:
- full-test
steps:
- name: Checkout
# https://github.com/actions/checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 1
- name: Setup go
# https://github.com/actions/setup-go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version: ${{ env.GO_VERSION }}
# Run docker-tests
- name: Build docker-test
run: |
make test-docker
- name: Retrieve versions
run: |
helmPluginVersion=$(sed -n -e 's/version:[ "]*\([^"]*\).*/\1/p' plugin.yaml)
echo "HELM_PLUGIN_VERSION=${helmPluginVersion}" >> $GITHUB_ENV
# Run trivy security
- name: Run Trivy vulnerability scanner
# https://github.com/aquasecurity/trivy-action
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0
with:
image-ref: ${{ env.REGISTRY_IMAGE }}:${{ env.HELM_PLUGIN_VERSION }}
format: sarif
output: trivy-results.sarif
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
if: always()
with:
sarif_file: trivy-results.sarif