.github/workflows/ci.yml

name: CI

on:
  workflow_dispatch: {}
  push:
    branches:
      - main
    tags:
      - v[0-9]+.[0-9]+.[0-9]+*
  pull_request:
    branches:
      - main

permissions:
  contents: read

jobs:
  lint:
    name: Lint
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
      - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
        with:
          go-version-file: 'go.mod'

      - name: golangci-lint
        uses: golangci/golangci-lint-action@v3
        with:
          version: v1.54

  test:
    name: Test
    runs-on: ubuntu-latest
    strategy:
      matrix:
        go:
          - "1.19"
          - "1.20"
          - "1.21"
    steps:
      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
      - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
        with:
          go-version: ${{ matrix.go }}
      - name: Test
        run: make test

  vulncheck:
    name: Vulnerabilities check
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    steps:
      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
      - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
        with:
          go-version: ${{ matrix.go }}
      - name: Scan for Vulnerabilities in Code
        uses: Templum/govulncheck-action@6bb063b41d78c53c2fc7f5589828e30ad7c697ee

  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    steps:
      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
      - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
        with:
          go-version: ${{ matrix.go }}
      - name: Initialize CodeQL
        uses: github/codeql-action/init@1245696032ecf7d39f87d54daa406e22ddf769a8
        with:
          languages: go
          queries: +security-extended,security-and-quality
          ram: 4096
      - name: Autobuild
        uses: github/codeql-action/autobuild@v2
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@1245696032ecf7d39f87d54daa406e22ddf769a8
        with:
          category: '/language:go'
        