
fix: Enable docker.io and ghcr.io mirrors by default, cache registry volumes in CI #60


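---
# Reusable Go CI workflow: detects changed paths, then runs tidy, lint, build,
# test and coverage jobs. It is callable via workflow_call and also triggers
# directly on pull_request / merge_group.
#
# Security notes:
# - The workflow-level GITHUB_TOKEN is read-only; each job declares what it needs.
# - Every third-party action is pinned to a full commit SHA, with the release tag
#   in a trailing comment.
# - Only the three auto-fix jobs (tidy, golangci-lint, lint) mint a GitHub App
#   token and persist it in the checkout; build, test and coverage are read-only.
name: CI - Go
on:
  workflow_call:
    inputs:
      pr_owner:
        required: false
        type: string
        description: "Pull request author login (used to disable auto-commit for bot PRs)"
    secrets:
      CODECOV_TOKEN:
        required: false
        description: "Codecov token for uploading coverage reports"
      APP_PRIVATE_KEY:
        description: "GitHub App Private Key"
        required: true
  ### Required Workflow Triggers ###
  pull_request:
  merge_group:
  ##################################
# One run per repository and ref; a newer push cancels the run in progress.
concurrency:
  group: "ci-go-${{ github.repository }}-${{ github.ref }}"
  cancel-in-progress: true
# Default GITHUB_TOKEN scope for every job that does not override it.
permissions:
  contents: read
  packages: read
jobs:
  # Detect if Go files changed to conditionally skip jobs for non-Go changes
  changes:
    name: 🔍 Detect Changes
    runs-on: ubuntu-latest
    # Ignore Required Workflow runs on the reusable-workflows repo itself
    if: github.repository != 'devantler-tech/reusable-workflows'
    permissions:
      contents: read
      pull-requests: read
    outputs:
      go: ${{ steps.filter.outputs.go }}
      lintable: ${{ steps.filter.outputs.lintable }}
    steps:
      - name: 📄 Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          # No later step pushes, so do not leave a token in .git/config.
          persist-credentials: false
      - name: 🔍 Filter paths
        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
        id: filter
        with:
          filters: |
            go:
              - '**/*.go'
              - 'go.mod'
              - 'go.sum'
              - '.golangci.yml'
              - '.golangci.yaml'
            # Files lintable by MegaLinter Go flavor (excluding Go files which are covered above)
            lintable:
              # Languages
              - '**/*.sh'
              - '**/*.bash'
              - '**/*.groovy'
              - '**/*.gradle'
              - '**/*.kt'
              - '**/*.kts'
              - '**/*.sql'
              # Formats
              - '**/*.css'
              - '**/*.scss'
              - '**/*.env'
              - '.env*'
              - '**/*.graphql'
              - '**/*.gql'
              - '**/*.html'
              - '**/*.htm'
              - '**/*.json'
              - '**/*.md'
              - '**/*.markdown'
              - '**/*.proto'
              - '**/*.xml'
              - '**/*.yaml'
              - '**/*.yml'
              # Tooling formats
              - '.github/workflows/**'
              - '**/Dockerfile*'
              - '**/*.dockerfile'
              - '.editorconfig'
              - '**/Chart.yaml'
              - '**/values.yaml'
              - '**/templates/**/*.yaml'
              - '**/templates/**/*.yml'
              # Linter config files (changes to these should trigger linting)
              - '.mega-linter.yml'
              - '.mega-linter.yaml'
              - '.markdownlint.json'
              - '.markdownlint.yaml'
              - '.markdownlint.yml'
              - '.yamllint.yml'
              - '.yamllint.yaml'
              - '.hadolint.yaml'
              - '.hadolint.yml'
              - '.cspell.json'
              - 'cspell.json'
              - '.vale.ini'
              - '.prettierrc'
              - '.prettierrc.*'
              - 'lychee.toml'
              - '.ls-lint.yml'
              - '.secretlintrc.*'
              - '.gitleaksignore'
  tidy:
    name: 📦 Tidy
    runs-on: ubuntu-latest
    needs: [changes]
    # Skip if no Go files changed or on main/master branches or on reusable-workflows repo or in merge queue
    if: |
      github.repository != 'devantler-tech/reusable-workflows'
      && needs.changes.outputs.go == 'true'
      && github.ref != 'refs/heads/main'
      && github.ref != 'refs/heads/master'
      && github.event_name != 'merge_group'
    # NOTE(review): the push below appears to use the App token persisted by
    # checkout rather than GITHUB_TOKEN; if so, these scopes may be reducible.
    # Confirm before changing.
    permissions:
      contents: write
      pull-requests: write
    steps:
      # NOTE(review): third-party token action; GitHub publishes
      # actions/create-github-app-token for the same purpose. Check that this
      # one is still maintained.
      - name: 🔑 Generate GitHub App Token
        uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
        id: generate-token
        with:
          app_id: ${{ vars.APP_ID }}
          private_key: ${{ secrets.APP_PRIVATE_KEY }}
      - name: 📄 Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          # The App token is written into the checkout's git config so the
          # auto-commit step can push. Every later step in this job can read
          # it, so keep the App's installation permissions as narrow as the
          # push requires.
          persist-credentials: true
          token: ${{ steps.generate-token.outputs.token }}
      - name: ⚙️ Setup Go
        uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
          go-version: "1.25.6"
      - name: 🧹 go mod tidy
        run: go mod tidy
      # Do not auto-commit onto dependency-bot PRs; the author login is checked
      # both on the event payload and on the pr_owner input.
      - name: 💾 Commit and push applied linter fixes
        if: |
          !contains(fromJSON('["dependabot[bot]","dependabot","renovate[bot]","renovatebot","renovate"]'), github.event.pull_request.user.login)
          && !contains(fromJSON('["dependabot[bot]","dependabot","renovate[bot]","renovatebot","renovate"]'), inputs.pr_owner)
        uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7.1.0
        with:
          commit_message: "chore: tidy go modules"
          commit_user_name: tidy-bot
          # The address is redacted on the source page; restore the real bot
          # address. Quoted because an unquoted leading "[" parses as a list.
          commit_user_email: "[email protected]"
  golangci-lint:
    name: 🧹 Lint - golangci-lint
    runs-on: ubuntu-latest
    needs: [changes]
    # Skip if no Go files changed or on reusable-workflows repo
    if: |
      github.repository != 'devantler-tech/reusable-workflows'
      && needs.changes.outputs.go == 'true'
    # NOTE(review): as in the tidy job, confirm whether GITHUB_TOKEN needs
    # write scopes here when the push goes through the App token.
    permissions:
      contents: write
      pull-requests: write
    steps:
      - name: 🔑 Generate GitHub App Token
        uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
        id: generate-token
        with:
          app_id: ${{ vars.APP_ID }}
          private_key: ${{ secrets.APP_PRIVATE_KEY }}
      - name: 📄 Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          # The persisted App token is readable by the linter step below,
          # which runs against PR content with repository-supplied config.
          persist-credentials: true
          token: ${{ steps.generate-token.outputs.token }}
      - name: ⚙️ Setup Go
        uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
          go-version: "1.25.6"
      - name: 🧹 Run golangci-lint
        id: golangci-lint
        uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0
        with:
          version: v2.6.2
          # --fix rewrites files in the working tree; the next step commits them.
          args: --fix
      # Never push from the merge queue or onto dependency-bot PRs.
      - name: 💾 Commit and push applied linter fixes
        if: |
          github.event_name != 'merge_group'
          && !contains(fromJSON('["dependabot[bot]","dependabot","renovate[bot]","renovatebot","renovate"]'), github.event.pull_request.user.login)
          && !contains(fromJSON('["dependabot[bot]","dependabot","renovate[bot]","renovatebot","renovate"]'), inputs.pr_owner)
        uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7.1.0
        with:
          commit_message: "chore: apply golangci-lint fixes"
          commit_user_name: golangci-lint-bot
          # Address redacted on the source page; quoted so it stays a string.
          commit_user_email: "[email protected]"
  lint:
    name: 🧹 Lint - mega-linter
    runs-on: ubuntu-latest
    needs: [changes]
    # Run if Go files OR other lintable files changed (markdown, yaml, json, etc.)
    if: |
      github.repository != 'devantler-tech/reusable-workflows'
      && (needs.changes.outputs.go == 'true' || needs.changes.outputs.lintable == 'true')
    # GITHUB_TOKEN is handed to MegaLinter below, so these scopes are what the
    # linter container itself can do with it.
    permissions:
      contents: write
      issues: write
      pull-requests: write
    steps:
      - name: 🔑 Generate GitHub App Token
        uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
        id: generate-token
        with:
          app_id: ${{ vars.APP_ID }}
          private_key: ${{ secrets.APP_PRIVATE_KEY }}
      - name: 📄 Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          # The persisted App token is readable by the MegaLinter step, which
          # runs many linters configured from files in the PR.
          persist-credentials: true
          token: ${{ steps.generate-token.outputs.token }}
      - name: ⚙️ Setup Go
        uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
          go-version: "1.25.6"
      - name: 🧹 Lint
        id: ml
        uses: oxsecurity/megalinter/flavors/go@42bb470545e359597e7f12156947c436e4e3fb9a # v9.3.0
        env:
          # Env values reach the action as strings; quoted to make that explicit.
          VALIDATE_ALL_CODEBASE: "true"
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          APPLY_FIXES: all
          APPLY_FIXES_EVENT: all
          APPLY_FIXES_MODE: commit
      # Never push from the merge queue or onto dependency-bot PRs.
      - name: Commit and push applied linter fixes
        if: |
          github.event_name != 'merge_group'
          && !contains(fromJSON('["dependabot[bot]","dependabot","renovate[bot]","renovatebot","renovate"]'), github.event.pull_request.user.login)
          && !contains(fromJSON('["dependabot[bot]","dependabot","renovate[bot]","renovatebot","renovate"]'), inputs.pr_owner)
        uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7.1.0
        with:
          commit_message: "chore: Apply megalinter fixes"
          commit_user_name: megalinter-bot
          # Address redacted on the source page; quoted so it stays a string.
          commit_user_email: "[email protected]"
  build:
    name: 🏗️ Build
    runs-on: ubuntu-latest
    needs: [changes]
    # Skip if no Go files changed or on reusable-workflows repo
    if: |
      github.repository != 'devantler-tech/reusable-workflows'
      && needs.changes.outputs.go == 'true'
    # Least privilege: this job only checks out and compiles PR code; no step
    # writes to the repository, so the token stays read-only.
    permissions:
      contents: read
    steps:
      - name: 📑 Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: ⚙️ Setup Go
        uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
          go-version: "1.25.6"
      - name: 🛠️ Build
        run: go build -v ./...
  test:
    name: 🧪 Test
    runs-on: ubuntu-latest
    needs: [changes]
    # Skip if no Go files changed or on reusable-workflows repo
    if: |
      github.repository != 'devantler-tech/reusable-workflows'
      && needs.changes.outputs.go == 'true'
    # Least privilege: the tests execute PR-supplied code, so the job token is
    # read-only and no credentials are persisted in the checkout.
    permissions:
      contents: read
    steps:
      - name: 📑 Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: ⚙️ Setup Go
        uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
          go-version: "1.25.6"
      - name: 🧪 Test
        run: |
          go test ./...
  coverage:
    name: 📊 Code Coverage
    runs-on: ubuntu-latest
    needs: [changes]
    # Skip if no Go files changed or on reusable-workflows repo
    if: |
      github.repository != 'devantler-tech/reusable-workflows'
      && needs.changes.outputs.go == 'true'
    # Least privilege: coverage runs PR-supplied tests and uploads with the
    # Codecov token; nothing here writes to the repository.
    permissions:
      contents: read
    steps:
      - name: 📑 Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: ⚙️ Setup Go
        uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
          go-version: "1.25.6"
      # Temporary workaround per the linked issue; remove once it is resolved.
      - name: 👨🏻‍🔧 Enable covdata (temp) see https://github.com/golang/go/issues/75031
        run: go env -w GOTOOLCHAIN=go1.25.0+auto
      - name: 📄 Generate coverage
        run: |
          go test -race -coverprofile=coverage.txt -covermode=atomic ./...
      # The Codecov token is passed only to this final step, after the tests ran.
      - name: 📄 Upload coverage to Codecov
        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
        with:
          token: ${{ secrets.CODECOV_TOKEN }}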