Skip to content

Bump github/codeql-action from 3.26.13 to 3.27.0 #851

Bump github/codeql-action from 3.26.13 to 3.27.0

Bump github/codeql-action from 3.26.13 to 3.27.0 #851

Workflow file for this run

name: Checks
on:
push:
branches:
- main
pull_request:
branches:
- main
permissions:
contents: read
jobs:
Checks:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
disable-telemetry: true
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Setup Go environment
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
cache: true
go-version-file: go.mod
cache-dependency-path: '**/go.sum'
- name: Check go versions
uses: enterprise-contract/github-workflows/golang-version-check@main
- name: Test
run: make test
- name: Upload unit test coverage report
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
files: ./cover.out
flags: controller
- name: Upload api test coverage report
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
files: ./api_cover.out
flags: api
- name: Upload schema test coverage report
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
files: ./schema_cover.out
flags: schema
# If enterprisecontractpolicy_types.go is updated without a corresponding change to the crd
# an uncommitted change can show.
- name: Check for uncommitted changes
run: |
if ! git diff --exit-code -s; then
for f in $(git diff --exit-code --name-only); do
echo "::error file=$f,line=1,col=1,endColumn=1::File was modified in build"
done
exit 1
fi