add linter workflow

odacremolbap · odacremolbap · commit 6af723a695a5 · 2022-10-18T22:37:32.000+02:00
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
@@ -0,0 +1,53 @@
+name: CodeQL scanning
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+  - cron: '0 0 * * 0'  # At 00:00 every Sunday
+jobs:
+
+  codeql:
+    runs-on: ubuntu-latest
+    env:
+      # Force CodeQL to run the extraction on the files compiled by our custom
+      # build command, as opposed to letting the autobuilder figure it out.
+      # This approach is more efficient because TriggerMesh is composed of
+      # multiple small programs.
+      CODEQL_EXTRACTOR_GO_BUILD_TRACING: 'on'
+
+    permissions:
+      security-events: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Set up Go
+      uses: actions/setup-go@v3
+      with:
+        go-version: 1.19.x
+
+    - name: Go caches
+      uses: actions/cache@v3
+      with:
+        path: |
+          ~/.cache/go-build
+          ~/go/pkg/mod
+        key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+        restore-keys: |
+          ${{ github.job }}-${{ runner.os }}-go-
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: go
+
+    - name: Build Go code
+      run: go build ./cmd/...
+
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/static.yaml b/.github/workflows/static.yaml
@@ -0,0 +1,39 @@
+name: Static code analysis
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+
+  lint-code:
+    name: Code Linting
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Set up Go
+      uses: actions/setup-go@v3
+      with:
+        go-version: 1.19.x
+
+    # This action takes care of caching/restoring modules and build caches.
+    # Therefore, this step should remain the first one that is executed after
+    # the Go setup, in case other steps are added to this job in the future.
+    - name: Lint Go code
+      uses: golangci/golangci-lint-action@v3
+      with:
+        # (hack) By default, errors are reported to the GitHub commit view only
+        # (or the "Files changed" tab on PRs). We also want errors to be logged
+        # with line numbers to the execution logs of the workflow.
+        #
+        # The args below result in the following flags being passed to the
+        # linter command, which works, quite surprisingly:
+        #   --out-format=github-actions --out-format=colored-line-number
+        #
+        # Ref. https://github.com/golangci/golangci-lint-action/issues/119#issuecomment-981090648
+        args: --out-${NO_FUTURE}format=colored-line-number --timeout 15m
+
