repo: Some fixes reported by CodeQL #1348
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: CIRCL | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
amd64_job: | |
name: Go-${{matrix.GOVER}}/amd64 | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
GOVER: ['1.23', '1.22'] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Go-${{ matrix.GOVER }} | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ matrix.GOVER }} | |
- name: Linting | |
uses: golangci/golangci-lint-action@v4 | |
with: | |
version: v1.56.2 | |
args: --config=./.etc/golangci.yml ./... | |
- name: Check shadowing | |
run: | | |
go install golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow@latest | |
go vet -vettool=$(which shadow) ./... 2>&1 | awk -f .etc/action.awk | |
shell: bash | |
- name: Verifying Code | |
run: | | |
go generate -v ./... | |
test -z "$(git status --porcelain)" | |
go vet ./... | |
shell: bash | |
- name: Building | |
run: go build -v ./... | |
- name: Testing | |
run: go test -v -count=1 ./... | |
exotic_job: | |
name: Go-${{matrix.CFG[2]}}/${{matrix.CFG[0]}} | |
needs: [amd64_job] | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
CFG: [[arm64, arm64v8, '1.23']] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Enabling Docker Experimental | |
run: | | |
echo $'{\n "experimental": true\n}' | sudo tee /etc/docker/daemon.json | |
sudo service docker restart | |
- name: Pulling Images | |
run: | | |
docker pull -q multiarch/qemu-user-static | |
docker pull -q --platform linux/${{matrix.CFG[0]}} ${{matrix.CFG[1]}}/golang:${{matrix.CFG[2]}} | |
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes | |
- name: Testing | |
run: | | |
docker run --rm -v `pwd`:`pwd` -w `pwd` ${{matrix.CFG[1]}}/golang:${{matrix.CFG[2]}} go test -v ./... | |
build_modes: | |
needs: [amd64_job] | |
runs-on: ubuntu-22.04 | |
name: Testing Build Modes | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: Build as Static | |
run: make circl_static | |
- name: Build as Plugin | |
run: make circl_plugin | |
coverage_amd64_job: | |
needs: [amd64_job] | |
if: github.event_name == 'push' | |
runs-on: ubuntu-22.04 | |
name: amd64/coverage | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: Produce Coverage | |
run: go test -coverprofile=./coverage.txt ./... | |
- name: Upload Codecov | |
uses: codecov/codecov-action@v4 | |
with: | |
file: ./coverage.txt | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
osCompat: | |
runs-on: ${{ matrix.os }} | |
needs: [amd64_job] | |
name: Running on ${{ matrix.os }} | |
strategy: | |
matrix: | |
os: [macos-latest, windows-latest] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: Building | |
run: go build -v ./... | |
- name: Testing | |
run: go test -v -count=1 ./... | |
analyze: | |
name: Analyze with CodeQL | |
runs-on: ubuntu-latest | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v3 | |
with: | |
languages: go | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v3 | |
with: | |
category: "/language:go" |