Lint (Go and Rust) #70446
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Lint (Go) | |
run-name: Lint (Go and Rust) | |
on: | |
pull_request: | |
merge_group: | |
jobs: | |
changes: | |
name: Check for relevant changes | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: read | |
outputs: | |
has_go: ${{ steps.changes.outputs.has_go }} | |
has_rust: ${{ steps.changes.outputs.has_rust }} | |
steps: | |
- name: Checkout | |
if: ${{ github.event_name == 'merge_group' }} | |
uses: actions/checkout@v4 | |
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
id: changes | |
with: | |
base: ${{ github.event.pull_request.base.ref || github.event.merge_group.base_ref }} | |
ref: ${{ github.event.pull_request.head.ref || github.event.merge_group.head_ref }} | |
filters: | | |
has_go: | |
- '.github/workflows/lint.yaml' | |
- '**.go' | |
- 'go.mod' | |
- 'go.sum' | |
- 'build.assets/Makefile' | |
- 'build.assets/Dockerfile*' | |
- 'Makefile' | |
- '.golangci.yml' | |
has_rust: | |
- '.github/workflows/lint.yaml' | |
- '**.rs' | |
- 'Cargo.toml' | |
- 'Cargo.lock' | |
- 'build.assets/versions.mk' | |
- 'Makefile' | |
lint-go: | |
name: Lint (Go) | |
needs: changes | |
if: ${{ !startsWith(github.head_ref, 'dependabot/') && needs.changes.outputs.has_go == 'true' }} | |
runs-on: ubuntu-22.04-16core | |
permissions: | |
contents: read | |
container: | |
image: ghcr.io/gravitational/teleport-buildbox:teleport16 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Run `go mod tidy` | |
run: rm go.sum api/go.sum && go mod tidy && (cd api && go mod tidy) | |
- name: Check for no changes after `go mod tidy` | |
# We have to add the current directory as a safe directory or else git commands will not work as expected. | |
run: git config --global --add safe.directory $( realpath . ) && git diff --exit-code -- go.mod go.sum api/go.mod api/go.sum | |
- name: Set linter versions | |
run: | | |
echo BUF_VERSION=$(cd build.assets; make print-buf-version) >> $GITHUB_ENV | |
echo GOLANGCI_LINT_VERSION=$(cd build.assets; make print-golangci-lint-version) >> $GITHUB_ENV | |
- name: Print linter versions | |
run: | | |
echo "BUF_VERSION=$BUF_VERSION" | |
echo "GOLANGCI_LINT_VERSION=$GOLANGCI_LINT_VERSION" | |
# Run various golangci-lint checks. | |
# TODO(codingllama): Using go.work could save a bunch of repetition here. | |
- name: golangci-lint (api) | |
uses: golangci/golangci-lint-action@23faadfdeb23a6f9e511beaba149bb123b5b145a # v6.0.0 | |
with: | |
version: ${{ env.GOLANGCI_LINT_VERSION }} | |
working-directory: api | |
args: --out-format=colored-line-number | |
skip-cache: true | |
- name: golangci-lint (teleport) | |
uses: golangci/golangci-lint-action@23faadfdeb23a6f9e511beaba149bb123b5b145a # v6.0.0 | |
with: | |
version: ${{ env.GOLANGCI_LINT_VERSION }} | |
args: --out-format=colored-line-number --build-tags libfido2,piv | |
skip-cache: true | |
- name: golangci-lint (assets/backport) | |
uses: golangci/golangci-lint-action@23faadfdeb23a6f9e511beaba149bb123b5b145a # v6.0.0 | |
with: | |
version: ${{ env.GOLANGCI_LINT_VERSION }} | |
working-directory: assets/backport | |
args: --out-format=colored-line-number | |
skip-cache: true | |
- name: golangci-lint (build.assets/tooling) | |
uses: golangci/golangci-lint-action@23faadfdeb23a6f9e511beaba149bb123b5b145a # v6.0.0 | |
with: | |
version: ${{ env.GOLANGCI_LINT_VERSION }} | |
working-directory: build.assets/tooling | |
args: --out-format=colored-line-number | |
skip-cache: true | |
- name: golangci-lint (integrations/terraform) | |
uses: golangci/golangci-lint-action@23faadfdeb23a6f9e511beaba149bb123b5b145a # v6.0.0 | |
with: | |
version: ${{ env.GOLANGCI_LINT_VERSION }} | |
working-directory: integrations/terraform | |
args: --out-format=colored-line-number | |
skip-cache: true | |
- name: golangci-lint (integrations/event-handler) | |
uses: golangci/golangci-lint-action@23faadfdeb23a6f9e511beaba149bb123b5b145a # v6.0.0 | |
with: | |
version: ${{ env.GOLANGCI_LINT_VERSION }} | |
working-directory: integrations/event-handler | |
args: --out-format=colored-line-number | |
skip-cache: true | |
- uses: bufbuild/buf-setup-action@480a0ee8a588045b52a847b48138c6f377a89519 # v1.31.0 | |
with: | |
github_token: ${{ github.token }} | |
version: ${{ env.BUF_VERSION }} | |
- uses: bufbuild/buf-lint-action@06f9dd823d873146471cfaaf108a993fe00e5325 # v1.1.1 | |
- name: buf breaking from parent to self | |
uses: bufbuild/buf-breaking-action@c57b3d842a5c3f3b454756ef65305a50a587c5ba # v1.1.4 | |
with: | |
against: 'https://github.com/${GITHUB_REPOSITORY}.git#branch=${{ github.event.pull_request.base.sha || github.event.merge_group.base_sha }}' | |
- name: buf breaking from self to master | |
uses: bufbuild/buf-breaking-action@c57b3d842a5c3f3b454756ef65305a50a587c5ba # v1.1.4 | |
if: ${{ github.base_ref != 'master' && github.event.merge_group.base_ref != 'refs/heads/master' }} | |
with: | |
input: 'https://github.com/${GITHUB_REPOSITORY}.git#branch=master' | |
against: '.' | |
- name: Run (non-action) linters | |
run: make lint-no-actions | |
- name: Check if protos are up to date | |
# We have to add the current directory as a safe directory or else git commands will not work as expected. | |
run: git config --global --add safe.directory $(realpath .) && make protos-up-to-date/host | |
- name: Check if Operator CRDs are up to date | |
# We have to add the current directory as a safe directory or else git commands will not work as expected. | |
run: git config --global --add safe.directory $(realpath .) && make crds-up-to-date | |
- name: Check if derived functions are up to date | |
# We have to add the current directory as a safe directory or else git commands will not work as expected. | |
run: git config --global --add safe.directory $(realpath .) && make derive-up-to-date | |
lint-rust: | |
name: Lint (Rust) | |
runs-on: ubuntu-22.04 | |
needs: changes | |
if: ${{ !startsWith(github.head_ref, 'dependabot/') && needs.changes.outputs.has_rust == 'true' }} | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set Rust version | |
run: echo "RUST_VERSION=$(make -s -C build.assets print-rust-version)" >> $GITHUB_ENV | |
- name: Set up Rust | |
run: | | |
echo "Setting up Rust version ${RUST_VERSION}" | |
rustup toolchain install ${RUST_VERSION} --component rustfmt,clippy | |
rustup override set ${RUST_VERSION} | |
rustc --version | |
cargo --version | |
rustfmt --version | |
cargo clippy --version | |
- name: Run Rust linters | |
run: make lint-rust |