feat (detectExecuteScan) include side car conditions and use CPE from build steps to run docker scans #22644

Workflow file for this run

.github/workflows/verify-go.yml at 3e3b7de

	name: Go

	on:
	push:
	branches:
	- master
	pull_request:
	branches:
	- master

	jobs:
	unit:
	runs-on: ubuntu-latest
	steps:
	- uses: styfle/[email protected]
	- uses: actions/setup-go@v5
	with:
	go-version: '1.20.x'
	- name: Cache Golang Packages
	uses: actions/cache@v3
	with:
	path: ~/go/pkg/mod
	key: ${{ runner.os }}-golang-${{ hashFiles('go.sum') }}
	restore-keys: \|
	${{ runner.os }}-golang-
	- name: checkout
	uses: actions/checkout@v4
	- name: unit-test
	id: unit-test
	run: go test -tags=unit ./... -coverprofile cover.out
	# run code coverage upload to code climate on main branch since PR branch will not have access to secret
	- name: unit-test-code-climate-upload
	if: ${{ (github.event_name != 'pull_request') \|\| (github.event.pull_request.head.repo.full_name == github.repository) }}
	uses: paambaati/codeclimate-action@v5
	env:
	CC_TEST_REPORTER_ID: ${{ secrets.CODE_CLIMATE_REPORTER_ID }}
	with:
	coverageLocations: cover.out:gocov
	# truncate package name from file paths in report
	prefix: github.com/SAP/jenkins-library/
	format:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/setup-go@v5
	with:
	go-version: '1.20.x'
	- name: Cache Golang Packages
	uses: actions/cache@v3
	with:
	path: ~/go/pkg/mod
	key: ${{ runner.os }}-golang-format${{ hashFiles('go.sum') }}
	restore-keys: \|
	${{ runner.os }}-golang-format
	${{ runner.os }}-golang-
	- name: checkout
	uses: actions/checkout@v4
	- name: format
	run: go fmt ./...
	- name: verify
	run: git diff --exit-code
	lint:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/setup-go@v5
	with:
	go-version: '1.20.x'
	# action requires [email protected]
	- name: checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 1
	- name: staticcheck
	uses: dominikh/[email protected]
	with:
	cache-key: ${{ runner.os }}-golang-staticcheck
	install-go: false
	generate:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/setup-go@v5
	with:
	go-version: '1.20.x'
	- name: Cache Golang Packages
	uses: actions/cache@v3
	with:
	path: ~/go/pkg/mod
	key: ${{ runner.os }}-golang-generate${{ hashFiles('go.sum') }}
	restore-keys: \|
	${{ runner.os }}-golang-generate
	${{ runner.os }}-golang-
	- name: checkout
	uses: actions/checkout@v4
	- name: generate
	run: go run pkg/generator/step-metadata.go
	- name: verify
	run: git diff --exit-code
	dependencies:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/setup-go@v5
	with:
	go-version: '1.20.x'
	- name: Cache Golang Packages
	uses: actions/cache@v3
	with:
	path: ~/go/pkg/mod
	key: ${{ runner.os }}-golang-dependencies${{ hashFiles('go.sum') }}
	restore-keys: \|
	${{ runner.os }}-golang-dependencies
	${{ runner.os }}-golang-
	- name: checkout
	uses: actions/checkout@v4
	- name: cleanup dependencies
	run: go mod tidy
	- name: verify
	run: git diff --name-only --exit-code

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat (detectExecuteScan) include side car conditions and use CPE from build steps to run docker scans #22644

Workflow file

feat (detectExecuteScan) include side car conditions and use CPE from build steps to run docker scans #22644

Jobs

Run details

Workflow file for this run