Skip to content

[Snyk] Security upgrade golang from 1.21.12-alpine3.20 to alpine3.20 … #879

[Snyk] Security upgrade golang from 1.21.12-alpine3.20 to alpine3.20 …

[Snyk] Security upgrade golang from 1.21.12-alpine3.20 to alpine3.20 … #879

Workflow file for this run

name: "SSAS CI Workflow"
on: [push]
jobs:
lint:
name: Modules Lint
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Tidy modules
run: |
go mod tidy -v
CHANGES_FOUND=$(git diff-files --quiet)
if [[ "$(CHANGES_FOUND)" == "1" ]]; then
echo "Changes found. Run go mod tidy to clean up modules."
git diff
exit 1
fi
build:
name: "Build and Test"
runs-on: ubuntu-latest
steps:
- name: "Checkout code"
uses: actions/checkout@v1
- name: "Build the stack"
run: |
make docker-bootstrap
- name: "Run all tests"
run: |
make test
- name: Archive code coverage results
uses: actions/upload-artifact@v3
with:
name: code-coverage-report
path: ./test_results/latest/testcoverage.out
sonar-quality-gate:
name: Sonarqube Quality Gate
needs: build
runs-on: self-hosted
env:
# Workaround until https://jira.cms.gov/browse/PLT-338 is implemented.
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: "true"
steps:
- name: Download code coverage
uses: actions/download-artifact@v3
with:
name: code-coverage-report
- name: Set env vars from AWS params
uses: cmsgov/ab2d-bcda-dpc-platform/actions/aws-params-env-action@main
env:
AWS_REGION: ${{ vars.AWS_REGION }}
with:
params: |
SONAR_HOST_URL=/sonarqube/url
SONAR_TOKEN=/sonarqube/token
- name: Run quality gate scan
uses: sonarsource/sonarqube-scan-action@master
with:
args: -Dsonar.projectKey=bcda-ssas-api
-Dsonar.sources=. -Dsonar.go.coverage.reportPaths=./test_results/latest/testcoverage.out
-Dsonar.coverage.exclusions=**/*test.go,**/test/**/*,**/testUtils/*,**/scripts/*,**/ops/*,**/mock*.go
-Dsonar.branch.name=${{ github.event.pull_request.head.ref }} -Dsonar.projectVersion=${{ github.event.pull_request.head.sha }}