Skip to content
CI

bump version #248

Sign in to view logs

bump version

bump version #248

Workflow file for this run

.github/workflows/ci.yml at c99ac3b
name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
go-tests:
runs-on: ubuntu-latest
env:
DATABASE_URL: postgres://postgres:postgres@localhost:55432/gateway_test?sslmode=disable
TEST_DATABASE_URL: postgres://postgres:postgres@localhost:55432/gateway_test?sslmode=disable
GOLANGCI_LINT_VERSION: v2.5.0
steps:
- uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: "1.25.x"
- name: Install libfido2 dependencies
run: |
sudo apt-get update
sudo apt-get install -y libfido2-dev libudev-dev pkg-config
- name: Install Task
run: |
curl -sL https://taskfile.dev/install.sh | sh -s -- -b /usr/local/bin
task --version
- name: Go deps
run: task go:deps
- name: Install Convox CLI
run: |
set -euo pipefail
ARCH=$(uname -m)
URL="https://github.com/convox/convox/releases/latest/download/convox-linux"
if [ "$ARCH" = "aarch64" ] || [ "$ARCH" = "arm64" ]; then
URL="https://github.com/convox/convox/releases/latest/download/convox-linux-arm64"
fi
curl -fsSL "$URL" -o /tmp/convox
sudo mv /tmp/convox /usr/local/bin/convox
sudo chmod 755 /usr/local/bin/convox
convox version || true
- name: Install Go tools
run: task go:tools
- name: Go tests
run: task go:test
lint:
runs-on: ubuntu-latest
env:
GOLANGCI_LINT_VERSION: v2.5.0
steps:
- uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: "1.25.x"
- name: Cache golangci-lint cache
uses: actions/cache@v4
with:
path: |
~/.cache/golangci-lint
key: golangci-${{ runner.os }}-${{ hashFiles('**/go.sum') }}
- name: Install libfido2 dependencies
run: |
sudo apt-get update
sudo apt-get install -y libfido2-dev libudev-dev pkg-config
- name: Install Task
run: |
curl -sL https://taskfile.dev/install.sh | sh -s -- -b /usr/local/bin
task --version
- name: Install golangci-lint
run: |
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh \
| sudo sh -s -- -b /usr/local/bin "${GOLANGCI_LINT_VERSION}"
golangci-lint version
- name: Go deps (lint warmup)
run: task go:deps
- name: Verify golangci-lint config
run: task go:lint:config
- name: golangci-lint
uses: golangci/golangci-lint-action@v8
with:
version: ${{ env.GOLANGCI_LINT_VERSION }}
env:
CGO_ENABLED: 1
- name: Install jscpd for duplication checking
run: npm install -g jscpd
- name: Check code duplication
run: task duplication
- name: Check file length limits
run: task file-length
- name: Install shellcheck
run: sudo apt-get install -y shellcheck
- name: Shellcheck
run: task shellcheck
- name: Install govulncheck
run: go install golang.org/x/vuln/cmd/govulncheck@latest
- name: Check for vulnerabilities
run: task go:sec:vuln
- name: Install TruffleHog
run: |
curl -sSfL https://raw.githubusercontent.com/trufflesecurity/trufflehog/main/scripts/install.sh | sh -s -- -b /usr/local/bin
- name: Scan for secrets
run: task go:sec:secrets
web-tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: "20"
- name: Setup Bun
uses: oven-sh/setup-bun@v2
with:
bun-version: "1.3.1"
- name: Install NPM packages
working-directory: web
run: |
bun install --frozen-lockfile
- name: Install Task
run: |
curl -sL https://taskfile.dev/install.sh | sh -s -- -b /usr/local/bin
task --version
- name: Web lint (Typecheck, Biome, and knip)
run: task web:lint
- name: Check for biome-ignore comments (zero tolerance)
run: task web:check-ignores
- name: Web tests
run: task web:test
mock-oauth-tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Bun
uses: oven-sh/setup-bun@v2
with:
bun-version: "1.3.1"
- name: Install Task
run: |
curl -sL https://taskfile.dev/install.sh | sh -s -- -b /usr/local/bin
task --version
- name: Mock OAuth lint (Typecheck and Biome)
run: task mock-oauth:lint
- name: Mock OAuth tests
run: task mock-oauth:test