Skip to content

EPSS enricher

EPSS enricher #5456

Workflow file for this run

---
name: CI
on:
push:
branches:
- main
pull_request:
branches:
- "**"
jobs:
gating-lints:
name: Gating Lints
runs-on: ubuntu-latest
steps:
- name: Commit Check
uses: gsactions/commit-message-checker@v2
with:
pattern: |
^[^:!]+: .+\n\n.*$
error: 'Commit must begin with <scope>: <subject>'
flags: 'gm'
excludeTitle: true
excludeDescription: true
checkAllCommitMessages: true
accessToken: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout
id: checkout
if: ${{ !cancelled() }}
uses: actions/checkout@v4
- name: Check Filenames
if: ${{ !cancelled() && steps.checkout.conclusion == 'success' }}
run: | # Check for all the characters Windows hates.
git ls-files -- ':/:*[<>:"|?*]*' | while read -r file; do
printf '::error file=%s,title=Bad Filename::Disallowed character in file name\n' "$file"
done
exit $(git ls-files -- ':/:*[<>:"|?*]*' | wc -l)
- name: Setup Go
id: 'setupgo'
if: ${{ !cancelled() && steps.checkout.conclusion == 'success' }}
uses: actions/setup-go@v5
with:
go-version-file: ./go.mod
- name: Go Tidy
if: ${{ !cancelled() && steps.checkout.conclusion == 'success' && steps.setupgo.conclusion == 'success' }}
run: |
trap 'echo "::error file=go.mod,title=Tidy Check::Commit would leave go.mod untidy"' ERR
go mod tidy
git diff --exit-code
build-documentation:
name: Build Docs
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup mdBook
uses: peaceiris/actions-mdbook@v2
with:
mdbook-version: 'latest'
- name: mdBook Build
run: mdbook build
tests:
name: Tests
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
go:
- 'stable'
- 'oldstable'
steps:
- name: Check for Previous Run
id: previous
uses: actions/cache@v4
with:
path: ~/ok-by-run
key: commit-ok-${{ matrix.go }}-${{ github.sha }}
- name: Checkout
if: steps.previous.outputs.cache-hit != 'true'
uses: actions/checkout@v4
- uses: actions/setup-go@v5
if: steps.previous.outputs.cache-hit != 'true'
with:
go-version: ${{ matrix.go }}
- name: Cache Integration Assets
if: steps.previous.outputs.cache-hit != 'true'
uses: actions/cache@v4
with:
key: integration-assets-${{ hashFiles('**/*_test.go') }}
restore-keys: |
integration-assets-
path: |
~/.cache/clair-testing
- name: Tests
run: |
if test -f ~/ok-by-run; then
echo "::notice title=Commit Previously Passed::See $(cat ~/ok-by-run) (cache key 'commit-ok-${{ matrix.go }}-${{ github.sha }}')"
exit 0
fi
printf '%s/%s/actions/runs/%s/attempts/%s\n'\
"${GITHUB_SERVER_URL}" "${GITHUB_REPOSITORY}" "${GITHUB_RUN_ID}" "${GITHUB_RUN_ATTEMPT}"\
> ~/ok-by-run
find . -name .git -prune -o -name testdata -prune -o -name go.mod -printf '%h\n' |
while read -r dir; do (
cd "$dir"
go list -m
go mod download
go test -race ${RUNNER_DEBUG:+-v} "-coverprofile=${{ runner.temp }}/$(go list -m | tr / _).codecov.out" -covermode=atomic ./...
); done
- name: Codecov
if: >-
steps.previous.outputs.cache-hit != 'true' &&
success() &&
strategy.job-index == 0
uses: codecov/codecov-action@v5
with:
directory: ${{ runner.temp }}
override_branch: ${{ github.ref_name }}
- name: Database Logs
if: failure() || env.RUNNER_DEBUG == 1
run: |
sudo -u postgres psql -c 'SELECT version();'
sudo journalctl --unit postgresql.service --boot -0
ls /var/log/postgresql/postgresql-*.log
sudo cat /var/log/postgresql/postgresql-*.log