Skip to content

Commit

Permalink
ci: refactor building and linting
Browse files Browse the repository at this point in the history 
Signed-off-by: Jorge <jorge@garnet.ai>
  • Loading branch information
@jorge-garnet
jorge-garnet committed Jan 30, 2025
1 parent 15f4a34 commit c1a0d8d
Show file tree
Hide file tree
Showing 11 changed files with 296 additions and 175 deletions.
17 changes: 17 additions & 0 deletions .github/actionlint-matcher.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{
"problemMatcher": [
{
"owner": "actionlint",
"pattern": [
{
"regexp": "^(?:\\x1b\\[\\d+m)?(.+?)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*: (?:\\x1b\\[\\d+m)*(.+?)(?:\\x1b\\[\\d+m)* \\[(.+?)\\]$",
"file": 1,
"line": 2,
"column": 3,
"message": 4,
"code": 5
}
]
}
]
}
2 changes: 2 additions & 0 deletions .github/actionlint.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
self-hosted-runner:
labels:
21 changes: 21 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "gomod" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
# Maintain dependencies for GitHub Actions
- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "weekly"
119 changes: 102 additions & 17 deletions .github/workflows/build.yml → .github/workflows/ci.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,16 @@
name: cross-building

name: Build and test components
on:
push:
branches: ["main"]
workflow_dispatch:
pull_request:
branches: ["main"]
push:
branches:
- main
tags:
- v*
# Cancel any running jobs for PRs on a new commit
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}

jobs:
build:
Expand All @@ -17,10 +23,8 @@ jobs:
- windows
runs-on: ubuntu-latest
continue-on-error: true

permissions:
contents: write

steps:
- uses: actions/checkout@v4
with:
Expand All @@ -38,7 +42,7 @@ jobs:
- name: Set up Go ${{ matrix.go }}

Check failure on line 42 in .github/workflows/ci.yaml

View workflow job for this annotation

GitHub Actions / PR - Actionlint 

property "go" is not defined in object type {goos: string}
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
go-version-file: "go.mod"

- name: Print environment
id: vars
Expand Down Expand Up @@ -84,15 +88,9 @@ jobs:
uses: actions/upload-artifact@v4
with:
name: artifact-${{ matrix.goos }}
path: ./lstn
retention-days: 1

- name: Archive the artifact(s) for windows
if: ${{ matrix.goos == 'windows' }}
uses: actions/upload-artifact@v4
with:
name: artifact-${{ matrix.goos }}
path: ./lstn.exe
path: |
./lstn
./lstn.exe
retention-days: 1

version-darwin:
Expand Down Expand Up @@ -168,3 +166,90 @@ jobs:
run: |
file lstn.exe
.\lstn.exe version
test:
name: Run Go tests
permissions:
contents: read
strategy:
fail-fast: true
matrix:
os: [ubuntu-latest, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Check out the source code
uses: actions/checkout@v4

- name: Set up Go
uses: actions/setup-go@v5

- name: Download Go modules
run: go mod download

- name: Run tests
run: go test -race ./...

release:
name: Create official release
if: startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
permissions:
id-token: write
contents: write
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # Avoid running against a shallow clone

- name: Force fetch upstream tags
run: git fetch --force --tags

- name: Set up Go
uses: actions/setup-go@v5

- name: Install cosign
uses: sigstore/cosign-installer@v3.4.0
with:
cosign-release: "v2.2.3"

- name: Install syft
uses: anchore/sbom-action/download-syft@v0.13.3

- name: Release
uses: goreleaser/goreleaser-action@v4

Check failure on line 220 in .github/workflows/ci.yaml

View workflow job for this annotation

GitHub Actions / PR - Actionlint 

the runner of "goreleaser/goreleaser-action@v4" action is too old to run on GitHub Actions. update the action's version to fix this issue
with:
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COSIGN_EXPERIMENTAL: 1

- name: Create release for tag
uses: softprops/action-gh-release@v2
if: startsWith(github.ref, 'refs/tags/v')
id: release
with:
generate_release_notes: true
make_latest: true

# this job provides the single required status for PRs to be merged into main.
# instead of updating the protected branch status in github, developers can update the needs section below
# to require additional status checks to protect main.
# the job uses the alls-green action to get around the github issue that treats a "skipped" required status check
# as passed. github will skip a job if an upstream needed job fails, which would defeat the purpose of this required
# status check.
test-required-checks-complete:
# note: this step always has to run in order to check if the dependent jobs passed. by default github skips running a job
# if the needed jobs upstream failed.
if: always()
needs:
- build
name: Build checks complete
runs-on: ubuntu-latest
permissions: {}
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
with:
jobs: ${{ toJSON(needs) }}
146 changes: 146 additions & 0 deletions .github/workflows/lint.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,146 @@
name: Lint PRs
on:
pull_request:
types:
- opened
- edited
- synchronize
- reopened
- labeled
workflow_dispatch:

jobs:
hadolint-pr:
runs-on: ubuntu-latest
name: PR - Hadolint
steps:
- uses: actions/checkout@v4
- uses: reviewdog/action-hadolint@v1

shellcheck-pr:
runs-on: ubuntu-latest
name: PR - Shellcheck
steps:
- uses: actions/checkout@v4
- uses: ludeeus/action-shellcheck@master

- name: Run shellcheck
uses: reviewdog/action-shellcheck@v1.27.0
env:
reporter: github-pr-review
pattern: |
*.sh
*.bash
fail_on_error: true

actionlint-pr:
runs-on: ubuntu-latest
name: PR - Actionlint
steps:
- uses: actions/checkout@v4
- run: |
echo "::add-matcher::.github/actionlint-matcher.json"
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
./actionlint -color -shellcheck=
shell: bash
docslint-pr:
runs-on: ubuntu-latest
name: PR - Markdownlint
steps:
- uses: actions/checkout@v4
- name: Run markdownlint
uses: actionshub/markdownlint@v3.1.4

golangci:
name: PR - Go lint
runs-on: ubuntu-latest
permissions:
# Required: allow read access to the content for analysis.
contents: read
# Optional: allow read access to pull request. Use with `only-new-issues` option.
pull-requests: read
# Optional: allow write access to checks to allow the action to annotate code in the PR.
checks: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: "^1.23"

- name: Lint reviewdog
if: github.event_name == 'pull_request'
uses: reviewdog/action-golangci-lint@v2
with:
golangci_lint_version: v1.62.0
golangci_lint_flags: --timeout=10m0s

- name: Lint
uses: golangci/golangci-lint-action@v6
with:
version: v1.62.0
args: --timeout=10m0s

prchecker-lint:
runs-on: ubuntu-latest
# Can only be invoked on PRs
if: github.event_name == 'pull_request'
name: PR - Check title format
steps:
- uses: amannn/action-semantic-pull-request@v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
# Configure which types are allowed (newline-delimited).
# Default: https://github.com/commitizen/conventional-commit-types
types: |
chore
fix
feat
build
ci
docs
perf
refactor
test
# Configure that a scope does not have to be provided.
requireScope: false
# If the PR contains one of these newline-delimited labels, the
# validation is skipped. If you want to rerun the validation when
# labels change, you might want to use the `labeled` and `unlabeled`
# event triggers in your workflow.
ignoreLabels: |
ci
automerge
dependencies
# this job provides the single required status for PRs to be merged into main.
# instead of updating the protected branch status in github, developers can update the needs section below
# to require additional status checks to protect main.
# the job uses the alls-green action to get around the github issue that treats a "skipped" required status check
# as passed. github will skip a job if an upstream needed job fails, which would defeat the purpose of this required
# status check.
test-required-checks-complete:
# note: this step always has to run in order to check if the dependent jobs passed. by default github skips running a job
# if the needed jobs upstream failed.
if: always()
needs:
- hadolint-pr
- shellcheck-pr
- actionlint-pr
- docslint-pr
- golangci
- prchecker-lint
name: Linting checks complete
runs-on: ubuntu-latest
permissions: {}
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
with:
allowed-skips: prchecker-lint
jobs: ${{ toJSON(needs) }}
43 changes: 0 additions & 43 deletions .github/workflows/lint.yml
View file

This file was deleted.

Loading

0 comments on commit c1a0d8d

Please # to comment.