From 02b3ca3432ded5ecc34ba10c90017113835a1ec0 Mon Sep 17 00:00:00 2001 From: Corey Daley Date: Wed, 18 Oct 2023 07:25:31 -0400 Subject: [PATCH] update GitHub workflows (#251) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## What type of PR is this? (check all applicable) - [x] Refactor - [ ] Feature - [ ] Bug Fix - [ ] Optimization - [ ] Documentation Update - [ ] Go Version Update - [ ] Dependency Update ## Description ## Related Tickets & Documents - Related Issue # - Closes # ## Added/updated tests? - [ ] Yes - [ ] No, and this is why: _please replace this line with details on why tests have not been included_ - [ ] I need help with writing tests ## Run verifications and test - [x] `make verify` is passing - [x] `make test` is passing --- .github/workflows/issues.yml | 2 +- .github/workflows/security.yml | 37 ++++++++++++++++++++++++++++++++++ .github/workflows/test.yml | 30 +++++---------------------- .github/workflows/verify.yml | 32 +++++++++++++++++++++++++++++ go.mod | 2 +- 5 files changed, 76 insertions(+), 27 deletions(-) create mode 100644 .github/workflows/security.yml create mode 100644 .github/workflows/verify.yml diff --git a/.github/workflows/issues.yml b/.github/workflows/issues.yml index 8be6ced..768b05b 100644 --- a/.github/workflows/issues.yml +++ b/.github/workflows/issues.yml @@ -1,4 +1,4 @@ -# Add issues or pull-requests created to the project. +# Add all the issues created to the project. name: Add issue or pull request to Project on: diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 0000000..ff4a613 --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,37 @@ +name: Security +on: + push: + branches: + - main + pull_request: + branches: + - main +permissions: + contents: read +jobs: + scan: + strategy: + matrix: + go: ['1.20','1.21'] + fail-fast: true + runs-on: ubuntu-latest + steps: + - name: Checkout Code + uses: actions/checkout@v3 + + - name: Setup Go ${{ matrix.go }} + uses: actions/setup-go@v4 + with: + go-version: ${{ matrix.go }} + cache: false + + - name: Run GoSec + uses: securego/gosec@master + with: + args: -exclude-dir examples ./... + + - name: Run GoVulnCheck + uses: golang/govulncheck-action@v1 + with: + go-version-input: ${{ matrix.go }} + go-package: ./... diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a93d214..50a3946 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,4 +1,4 @@ -name: CI +name: Test on: push: branches: @@ -6,15 +6,13 @@ on: pull_request: branches: - main - permissions: contents: read - jobs: - verify-and-test: + unit: strategy: matrix: - go: ['1.19','1.20'] + go: ['1.20','1.21'] os: [ubuntu-latest, macos-latest, windows-latest] fail-fast: true runs-on: ${{ matrix.os }} @@ -28,28 +26,10 @@ jobs: go-version: ${{ matrix.go }} cache: false - - name: Run golangci-lint - uses: golangci/golangci-lint-action@v3 - with: - version: v1.53 - args: --timeout=5m - - - name: Run gosec - if: matrix.os == 'ubuntu-latest' - uses: securego/gosec@master - with: - args: ./... - - - name: Run govulncheck - uses: golang/govulncheck-action@v1 - with: - go-version-input: ${{ matrix.go }} - go-package: ./... - - - name: Run tests + - name: Run Tests run: go test -race -cover -coverprofile=coverage -covermode=atomic -v ./... - name: Upload coverage to Codecov uses: codecov/codecov-action@v3 with: - files: ./coverage \ No newline at end of file + files: ./coverage diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml new file mode 100644 index 0000000..a3eb74b --- /dev/null +++ b/.github/workflows/verify.yml @@ -0,0 +1,32 @@ +name: Verify +on: + push: + branches: + - main + pull_request: + branches: + - main +permissions: + contents: read +jobs: + lint: + strategy: + matrix: + go: ['1.20','1.21'] + fail-fast: true + runs-on: ubuntu-latest + steps: + - name: Checkout Code + uses: actions/checkout@v3 + + - name: Setup Go ${{ matrix.go }} + uses: actions/setup-go@v4 + with: + go-version: ${{ matrix.go }} + cache: false + + - name: Run GolangCI-Lint + uses: golangci/golangci-lint-action@v3 + with: + version: v1.53 + args: --timeout=5m diff --git a/go.mod b/go.mod index 79424f0..c9558d5 100644 --- a/go.mod +++ b/go.mod @@ -1,5 +1,5 @@ module github.com/gorilla/handlers -go 1.19 +go 1.20 require github.com/felixge/httpsnoop v1.0.3