Fixing GitHub Actions workflows #262
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI Tests | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| permissions: | |
| contents: read | |
| checks: write # For test reporting | |
| pull-requests: write # For PR comments | |
| env: | |
| CGO_ENABLED: 1 # Required for race detection in tests | |
| jobs: | |
| # Matrix strategy for testing multiple Go versions efficiently | |
| test: | |
| name: Test Go ${{ matrix.go-version }} | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| go-version: ['1.23', '1.24'] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Set up Go ${{ matrix.go-version }} | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version: ${{ matrix.go-version }} | |
| check-latest: true | |
| cache: true # Enable caching for better performance | |
| cache-dependency-path: | | |
| go.sum | |
| go.mod | |
| - name: Download dependencies | |
| run: go mod download | |
| - name: Verify dependencies | |
| run: go mod verify | |
| - name: Build | |
| run: go build -v ./... | |
| - name: Run tests | |
| env: | |
| CGO_ENABLED: 1 | |
| run: | | |
| go test -v -race -coverprofile=coverage-${{ matrix.go-version }}.out -covermode=atomic ./... | |
| - name: Upload coverage to Codecov | |
| if: matrix.go-version == '1.23' # Only upload once | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| file: ./coverage-${{ matrix.go-version }}.out | |
| fail_ci_if_error: false | |
| # Integration tests (if you have any) | |
| integration: | |
| name: Integration Tests | |
| runs-on: ubuntu-latest | |
| needs: test | |
| if: github.event_name == 'pull_request' || github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Run integration tests | |
| run: | | |
| # Add integration test commands here when available | |
| echo "Integration tests would run here" | |
| # Security scanning | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Run Gosec Security Scanner | |
| run: | | |
| go install github.com/securecodewarrior/gosec/v2/cmd/gosec@latest | |
| gosec -no-fail -fmt sarif -out results.sarif ./... | |
| continue-on-error: true # Don't fail the job on security issues, just report them | |
| - name: Upload SARIF file | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: results.sarif |