Initial PR-validation github action

rewantsoni · Jun 2, 2021 · 33b4e4b · 33b4e4b
1 parent 87b78f1
commit 33b4e4b
Show file tree

Hide file tree

Showing 3 changed files with 243 additions and 0 deletions.
diff --git a/.github/workflows/pr-validation.yaml b/.github/workflows/pr-validation.yaml
@@ -0,0 +1,96 @@
+name: PR Validation
+
+on: pull_request
+
+env:
+  NAME: "grafana-operator"
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+    steps:
+      - name: Clone repo
+        uses: actions/checkout@v2.3.4
+      - name: Setup go
+        uses: actions/setup-go@v2
+        with:
+          go-version: "1.16"
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v2.5.2
+        with:
+          version: "v1.40.1"
+
+  fmt:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Clone repo
+        uses: actions/checkout@v2.3.4
+      - name: Setup go
+        uses: actions/setup-go@v2
+        with:
+          go-version: "1.16"
+      - name: Run fmt
+        run: |
+          make fmt
+      - name: Check if working tree is dirty
+        run: |
+          if [[ $(git status --porcelain) ]]; then
+            git diff
+            echo 'run make fmt and commit changes'
+            exit 1
+          fi
+
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Clone repo
+        uses: actions/checkout@v2.3.4
+      - name: Setup go
+        uses: actions/setup-go@v2
+        with:
+          go-version: "1.16"
+      - name: Run test
+        run: |
+          make test
+
+  build-container:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Clone repo
+        uses: actions/checkout@v2.3.4
+      - name: Prepare
+        id: prep
+        run: |
+          VERSION=sha-${GITHUB_SHA::8}
+          if [[ $GITHUB_REF == refs/tags/* ]]; then
+            VERSION=${GITHUB_REF/refs\/tags\//}
+          fi
+          echo ::set-output name=BUILD_DATE::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
+          echo ::set-output name=VERSION::${VERSION}
+      - uses: brpaz/hadolint-action@v1.5.0
+        with:
+          dockerfile: Dockerfile
+      - name: Cache container layers
+        uses: actions/cache@v2.1.6
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1.3.0
+      - name: Build and load (current arch)
+        run: |
+          docker buildx build --load -t ${{ env.NAME }}:${{ steps.prep.outputs.VERSION }} .
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: ${{ env.NAME }}:${{ steps.prep.outputs.VERSION }}
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          severity: 'CRITICAL,HIGH'
diff --git a/.golangci.yaml b/.golangci.yaml
@@ -0,0 +1,144 @@
+run:
+  timeout: 4m
+
+linters:
+  disable-all: false
+  enable:
+    - gocyclo
+    - misspell
+    - nilerr
+    - unparam
+    - gosec
+    - unused
+    - govet
+    - gosimple
+    - errorlint
+    - errcheck
+    - dogsled
+    - cyclop
+    - exhaustive
+    - funlen
+    - nestif
+    - goconst
+    - gofmt
+    - revive
+    - lll
+    - makezero
+    - nakedret
+    - prealloc
+    - nolintlint
+    - staticcheck
+    - thelper
+    - whitespace
+
+linters-settings:
+  gocyclo:
+    min-complexity: 20
+
+  misspell:
+    locale: US
+
+  unused:
+    go: "1.16"
+
+  unparam:
+    check-exported: true
+
+  govet:
+    check-shadowing: false
+
+  gosimple:
+    go: "1.16"
+    checks: [ "all" ]
+
+  errorlint:
+    errorf: true
+    asserts: true
+    comparison: true
+
+  errcheck:
+    check-type-assertions: true
+    check-blank: true
+
+  dogsled:
+    max-blank-identifiers: 2
+
+  cyclop:
+    max-complexity: 15
+    package-average: 0.0
+    skip-tests: true
+
+  exhaustive:
+    check-generated: false
+    default-signifies-exhaustive: false
+
+  funlen:
+    lines: 80
+    statements: 50
+
+  nestif:
+    min-complexity: 5
+
+  goconst:
+    min-len: 3
+    min-occurrences: 3
+
+  gofmt:
+    simplify: true
+
+  revive:
+    ignore-generated-header: true
+    severity: warning
+
+  lll:
+    line-length: 140
+    tab-width: 1
+
+  makezero:
+    always: false
+
+  nakedret:
+    max-func-lines: 30
+
+  prealloc:
+    simple: true
+    range-loops: true
+    for-loops: false
+
+  nolintlint:
+    allow-unused: false
+    allow-leading-space: true
+    allow-no-explanation: []
+    require-explanation: true
+    require-specific: true
+
+  staticcheck:
+    go: "1.16"
+    checks: [ "all" ]
+
+  thelper:
+    test:
+      first: true
+      name: true
+      begin: true
+    benchmark:
+      first: true
+      name: true
+      begin: true
+    tb:
+      first: true
+      name: true
+      begin: true
+
+  whitespace:
+    multi-if: false
+    multi-func: false
+
+issues:
+  exclude-rules:
+    - path: _test\.go
+      linters:
+        - gocyclo
+        - funlen
+        - gocognit
+        - unparam
diff --git a/Makefile b/Makefile
@@ -123,6 +123,9 @@ bundle-build:
 code/check: fmt vet
 	golint ./...
 
+.PHONY: code/golangci-lint
+code/golangci-lint:
+	golangci-lint run ./...
 
 .PHONY: cluster/prepare/local/file
 cluster/prepare/local/file: