Setup scorecard workflow #1645
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: test | |
on: | |
pull_request: {} | |
env: | |
LINUX_ARCHES: "amd64 386 arm arm64 s390x mips64le ppc64le riscv64" | |
jobs: | |
lint: | |
permissions: | |
contents: read # for actions/checkout to fetch code | |
pull-requests: read # for golangci/golangci-lint-action to fetch pull requests | |
name: Lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: setup go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: go.mod | |
- uses: ibiqlik/action-yamllint@2576378a8e339169678f9939646ee3ee325e845c # v3.1.1 | |
with: | |
format: auto | |
- uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0 | |
with: | |
version: v1.61.0 | |
args: -v | |
verify-vendor: | |
name: Verify vendor directory | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
- name: Check module vendoring | |
run: | | |
go mod tidy | |
go mod vendor | |
test -z "$(git status --porcelain)" || (echo "please run 'go mod tidy && go mod vendor', and submit your changes"; exit 1) | |
build: | |
name: Build all linux architectures | |
needs: lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: setup go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: go.mod | |
- name: Build on all supported architectures | |
run: | | |
set -e | |
for arch in ${LINUX_ARCHES}; do | |
echo "Building for arch $arch" | |
GOARCH=$arch ./build_linux.sh | |
rm bin/* | |
done | |
test-linux: | |
name: Run tests on Linux amd64 | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install kernel module | |
run: | | |
sudo apt-get update | |
sudo apt-get install linux-modules-extra-$(uname -r) | |
- name: Install nftables | |
run: sudo apt-get install nftables | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: setup go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: go.mod | |
- name: Set up Go for root | |
run: | | |
sudo ln -sf `which go` `sudo which go` || true | |
sudo go version | |
- name: Install test binaries | |
run: | | |
go install github.com/containernetworking/cni/cnitool@latest | |
go install github.com/mattn/goveralls@latest | |
go install github.com/modocache/gover@latest | |
- name: test | |
run: PATH=$PATH:$(go env GOPATH)/bin COVERALLS=1 ./test_linux.sh | |
- name: Send coverage to coveralls | |
env: | |
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
PATH=$PATH:$(go env GOPATH)/bin | |
gover | |
goveralls -coverprofile=gover.coverprofile -service=github | |
test-win: | |
name: Build and run tests on Windows | |
needs: build | |
runs-on: windows-latest | |
steps: | |
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: setup go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
go-version-file: go.mod | |
- name: test | |
run: bash ./test_windows.sh |