From 26267b26811c71cbe9258494b0a3b73179b70ee2 Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Tue, 12 Nov 2024 13:05:44 +0800 Subject: [PATCH 1/4] run golangci-lint and govulncheck in CI workflow --- .github/workflows/test-deploy-publish.yml | 20 ++++++++++++++++++++ .golangci.yaml | 19 +++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 .golangci.yaml diff --git a/.github/workflows/test-deploy-publish.yml b/.github/workflows/test-deploy-publish.yml index 5b16de8..40a2747 100644 --- a/.github/workflows/test-deploy-publish.yml +++ b/.github/workflows/test-deploy-publish.yml @@ -23,6 +23,26 @@ jobs: - name: Test run: docker compose -f actions-services.yml run --rm test ./scripts/test.sh + lint: + name: Lint and Vulnerability Scan + runs-on: ubuntu-latest + timeout-minutes: ${{ fromJSON(vars.DEFAULT_JOB_TIMEOUT_MINUTES) }} + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + check-latest: true + - name: golangci-lint + uses: golangci/golangci-lint-action@v6 + with: + version: latest + working-directory: application + - name: govulncheck + run: | + go install golang.org/x/vuln/cmd/govulncheck@latest + govulncheck -C application ./... + deploy: name: Deploy to AWS Lambda needs: tests diff --git a/.golangci.yaml b/.golangci.yaml new file mode 100644 index 0000000..7cff435 --- /dev/null +++ b/.golangci.yaml @@ -0,0 +1,19 @@ +run: + timeout: 2m +linters: + disable-all: true + enable: +# - errcheck +# - gosimple +# - govet +# - ineffassign +# - staticcheck +# - unused + - bodyclose + - gocheckcompilerdirectives + - godox +# - gofmt +# - goimports +# - gosec +# - whitespace +# - usestdlibvars From db1d6ba1125ba57f9592b781afce345de5c45eab Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Tue, 12 Nov 2024 13:08:26 +0800 Subject: [PATCH 2/4] remove working-directory from golangci-lint config --- .github/workflows/test-deploy-publish.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/test-deploy-publish.yml b/.github/workflows/test-deploy-publish.yml index 40a2747..11eb198 100644 --- a/.github/workflows/test-deploy-publish.yml +++ b/.github/workflows/test-deploy-publish.yml @@ -37,7 +37,6 @@ jobs: uses: golangci/golangci-lint-action@v6 with: version: latest - working-directory: application - name: govulncheck run: | go install golang.org/x/vuln/cmd/govulncheck@latest From 1cf1411eb3fa092c52b04659161ad48400a0db60 Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Tue, 12 Nov 2024 13:08:37 +0800 Subject: [PATCH 3/4] require lint check --- .github/workflows/test-deploy-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-deploy-publish.yml b/.github/workflows/test-deploy-publish.yml index 11eb198..6ee1251 100644 --- a/.github/workflows/test-deploy-publish.yml +++ b/.github/workflows/test-deploy-publish.yml @@ -44,7 +44,7 @@ jobs: deploy: name: Deploy to AWS Lambda - needs: tests + needs: [ 'tests', 'lint' ] if: github.ref_name == 'main' || github.ref_name == 'develop' runs-on: ubuntu-latest strategy: @@ -71,7 +71,7 @@ jobs: build-and-publish: name: Build and Publish - needs: tests + needs: [ 'tests', 'lint' ] runs-on: ubuntu-latest steps: - name: Checkout code From 7f9a1c398b376045e22b6c21064b2a18f62e58ce Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Tue, 12 Nov 2024 13:10:11 +0800 Subject: [PATCH 4/4] remove directory from govulncheck command --- .github/workflows/test-deploy-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-deploy-publish.yml b/.github/workflows/test-deploy-publish.yml index 6ee1251..cc342cc 100644 --- a/.github/workflows/test-deploy-publish.yml +++ b/.github/workflows/test-deploy-publish.yml @@ -40,7 +40,7 @@ jobs: - name: govulncheck run: | go install golang.org/x/vuln/cmd/govulncheck@latest - govulncheck -C application ./... + govulncheck ./... deploy: name: Deploy to AWS Lambda