Update module golang.org/x/net to v0.33.0 [SECURITY] #1356
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Workflow to run tests, publish coverage to codecov and run SonarCloud scan | |
name: Test | |
# Run for events in main repository (for forked repository look in test-for-fork.yml) | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
workflow_dispatch: | |
jobs: | |
test: | |
# don't run for forks | |
if: github.event_name == 'push' || | |
(github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) || | |
github.event_name == 'workflow_dispatch' | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, windows-latest, macOS-latest] | |
steps: | |
- name: Set up Go 1.20+ | |
uses: actions/setup-go@v5 | |
with: | |
go-version: "^1.20" | |
check-latest: true | |
- run: go version | |
# Checks-out repository under $GITHUB_WORKSPACE with tags and history (needed by "SonarCloud Scan" step) | |
- name: Full checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Full clone for SonarCloud | |
# Build everything | |
- name: Run a build | |
run: go build ./... | |
shell: bash | |
# Runs a single command using the runners shell, -p1 for `race: limit on 8128 simultaneously alive goroutines is exceeded, dying` at macos | |
- name: Run a test | |
run: go test -v -race ./... -coverpkg=./... -covermode=atomic -coverprofile=./coverage.txt -json > ./report.json | |
shell: bash | |
- name: Dump test report | |
if: always() | |
run: cat ./report.json | |
shell: bash | |
- name: Prepare upload files | |
run: | | |
mkdir -p ./outputs | |
cp ./coverage.txt ./outputs/${{ matrix.os }}.coverage.txt | |
cp ./report.json ./outputs/${{ matrix.os }}.report.json | |
shell: bash | |
- name: Upload coverage and report files | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ hashFiles('./outputs') || 'none' }} | |
path: ./outputs | |
retention-days: 1 | |
if-no-files-found: warn | |
coverage-sonar-cloud-scan: | |
needs: test | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
- name: Download artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
path: ./outputs | |
- name: Prepare coverage and report files | |
run: | | |
mkdir -p .tmp/coverage | |
mkdir -p .tmp/report | |
find ./outputs -name "*.coverage.txt" -exec sh -c 'cp $1 .tmp/coverage/$(echo $1 | sed "s/[\/.]/-/g" ).coverage.txt' _ {} \; | |
find ./outputs -name "*.report.json" -exec sh -c 'cp $1 .tmp/report/$(echo $1 | sed "s/[\/.]/-/g" ).report.json' _ {} \; | |
- name: Code coverage | |
uses: codecov/codecov-action@v4.0.0-beta.3 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
directory: .tmp/ | |
- name: SonarCloud Scan | |
uses: SonarSource/sonarcloud-github-action@master | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
# test on oldest supported major Go version | |
test1_20: | |
# don't run for forks | |
if: github.event_name == 'push' || | |
(github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) || | |
github.event_name == 'workflow_dispatch' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set up Go 1.20 | |
uses: actions/setup-go@v5 | |
with: | |
go-version: "~1.20" | |
- run: go version | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Run a build | |
run: go build ./... | |
- name: Run a test | |
run: go test -v -race ./... -coverpkg=./... -covermode=atomic -coverprofile=./coverage.txt |