-
Notifications
You must be signed in to change notification settings - Fork 0
94 lines (87 loc) · 2.8 KB
/
push.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
# GitHub recommends pinning actions to a commit SHA.
# To get a newer version, you will need to update the SHA.
# You can also reference a tag or branch, but the action may change without warning.
name: Push CI Pipeline
on:
push:
branches: ["develop", "main", "release/*"]
jobs:
changed-services:
runs-on: ubuntu-latest
outputs:
services: ${{ steps.changed-services.outputs.services }}
services_count: ${{ steps.changed-services.outputs.services_count }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2
- uses: actions/setup-go@v5
with:
go-version: 1.22
- run: go mod tidy
- uses: actions/setup-node@v4.1.0
with:
node-version: 20
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v45
with:
json: true
escape_json: false
- name: Get changed services that should rebuild
id: changed-services
uses: ./.github/actions/changed-services
with:
changed-files: ${{ steps.changed-files.outputs.all_changed_files }}
base-repository: ventive/go-mono-template
lint:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: "1.21"
cache: true
- name: golangci-lint
uses: golangci/golangci-lint-action@ec5d18412c0aeab7936cb16880d708ba2a64e1ae
with:
# Require: The version of golangci-lint to use.
# When `install-mode` is `binary` (default) the value can be v1.2 or v1.2.3 or `latest` to use the latest version.
# When `install-mode` is `goinstall` the value can be v1.2.3, `latest`, or the hash of a commit.
version: v1.55.2
args: --timeout=30m
skip-cache: true
test:
needs: [lint]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: "1.22"
cache: true
- name: Test
uses: robherley/go-test-action@v0.6.0
vulncheck:
needs: [test, changed-services]
if: needs.changed-services.outputs.services_count != 0
strategy:
fail-fast: false
matrix:
service: ${{ fromJSON(needs.changed-services.outputs.services) }}
uses: ./.github/workflows/govulncheck.yml
with:
workspace: ${{ matrix.service }}
secrets: inherit
build_and_publish_images:
needs: [vulncheck, changed-services]
if: needs.changed-services.outputs.services_count != 0
strategy:
fail-fast: false
matrix:
service: ${{ fromJSON(needs.changed-services.outputs.services) }}
uses: ./.github/workflows/ghcr.yml
with:
workspace: ${{ matrix.service }}
secrets: inherit