build(deps): bump tj-actions/verify-changed-files from bbd436f8e34e14fee2a0f7bc5b14bcc6b40927cf to a8b2060139e12bd3f8b056005ea793d3a9d575f9 #5043
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Code Health | |
| on: | |
| push: | |
| branches: | |
| - master | |
| pull_request: | |
| jobs: | |
| golangci: | |
| name: lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: false # see https://github.com/golangci/golangci-lint-action/issues/807 | |
| - name: golangci-lint | |
| uses: golangci/[email protected] | |
| with: | |
| version: v1.61.0 | |
| unit-tests: | |
| env: | |
| COVERAGE: coverage.out | |
| TEST_CMD: gotestsum --junitfile unit-tests.xml --format standard-verbose -- | |
| UNIT_TAGS: unit | |
| INTEGRATION_TAGS: integration | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, windows-latest, macos-latest] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| if: ${{ matrix.os=='ubuntu-latest' }} | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - run: go install gotest.tools/gotestsum@latest | |
| - run: make unit-test | |
| - name: Test Summary | |
| id: test_summary | |
| uses: test-summary/[email protected] | |
| with: | |
| paths: unit-tests.xml | |
| if: always() && matrix.os == 'ubuntu-latest' | |
| fuzz-tests: | |
| env: | |
| COVERAGE: coverage.out | |
| TEST_CMD: gotestsum --format standard-verbose -- | |
| UNIT_TAGS: unit | |
| INTEGRATION_TAGS: integration | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - run: go install gotest.tools/gotestsum@latest | |
| - run: make fuzz-normalizer-test | |
| libraryOwners: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Run check-library-owners | |
| run: make check-library-owners | |
| docs: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Generate docs | |
| run: make gen-docs > /dev/null | |
| - name: Check for uncommitted files | |
| run: | | |
| export FILES= | |
| FILES=$(git ls-files -o -m --directory --exclude-standard --no-empty-directory) | |
| export LINES= | |
| LINES=$(echo "$FILES" | awk 'NF' | wc -l) | |
| if [ "$LINES" -ne 0 ]; then | |
| echo "Detected files that need to be committed:" | |
| echo "${FILES//^/ }" | |
| echo "" | |
| echo "Try running: make gen-docs" | |
| exit 1 | |
| fi | |
| actionlint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - uses: actions/checkout@v4 | |
| - name: Download actionlint | |
| id: get_actionlint | |
| run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) | |
| shell: bash | |
| - name: Check workflow files | |
| run: | | |
| echo "::add-matcher::.github/actionlint-matcher.json" | |
| ${{ steps.get_actionlint.outputs.executable }} -color | |
| shell: bash | |
| mocks: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Install go-mock | |
| run: go install github.com/golang/mock/mockgen@latest | |
| - name: Generate mocks | |
| run: make gen-mocks | |
| - name: Check for uncommitted files | |
| run: | | |
| export FILES= | |
| FILES=$(git ls-files -o -m --directory --exclude-standard --no-empty-directory) | |
| export LINES= | |
| LINES=$(echo "$FILES" | awk 'NF' | wc -l) | |
| if [ "$LINES" -ne 0 ]; then | |
| echo "Detected files that need to be committed:" | |
| echo "${FILES//^/ }" | |
| echo "" | |
| echo "Try running: make gen-mocks" | |
| exit 1 | |
| fi | |
| shellcheck: | |
| name: shellcheck | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - uses: actions/checkout@v4 | |
| - name: Run ShellCheck | |
| uses: bewuethr/shellcheck-action@v2 | |
| tidy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Run 'go mod tidy' | |
| run: go mod tidy | |
| - name: Check for uncommitted files | |
| run: | | |
| export FILES= | |
| FILES=$(git ls-files -o -m --directory --exclude-standard --no-empty-directory) | |
| export LINES= | |
| LINES=$(echo "$FILES" | awk 'NF' | wc -l) | |
| if [ "$LINES" -ne 0 ]; then | |
| echo "Detected files that need to be committed:" | |
| echo "${FILES//^/ }" | |
| echo "" | |
| echo "Try running: go mod tidy" | |
| exit 1 | |
| fi | |
| licensecheck: | |
| name: licensecheck | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - run: make devtools | |
| - run: ./build/ci/check-licenses.sh | |
| checktemplates: | |
| name: checktemplates | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| - run: make check-templates | |
| verify_image: | |
| name: Build docker image | |
| runs-on: ubuntu-latest | |
| env: | |
| DOCKER_CLI_EXPERIMENTAL: enabled | |
| steps: | |
| - uses: GitHubSecurityLab/actions-permissions/monitor@v1 | |
| with: | |
| config: ${{ vars.PERMISSIONS_CONFIG }} | |
| - name: Check out the repo | |
| uses: actions/checkout@v4 | |
| - name: Linting | |
| uses: hadolint/[email protected] | |
| with: | |
| dockerfile: Dockerfile | |
| - name: Enable containerd image store | |
| uses: crazy-max/[email protected] | |
| with: | |
| version: v24.0.6 | |
| daemon-config: | | |
| { | |
| "features": { | |
| "containerd-snapshotter": true | |
| } | |
| } | |
| - name: Set up Docker Buildx | |
| uses: docker/[email protected] | |
| - name: Build image to dockerhub staging registry | |
| uses: docker/[email protected] | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| tags: mongodb/atlas:test | |
| file: Dockerfile |