# SPDX-FileCopyrightText: 2024 The go-mail Authors # # SPDX-License-Identifier: MIT name: CI permissions: contents: read on: push: branches: - main pull_request: branches: - main concurrency: group: ${{ github.workflow }}-${{ github.ref_name }} jobs: codecov: name: Test with Codecov coverage (${{ matrix.os }} / ${{ matrix.go }}) runs-on: ${{ matrix.os }} concurrency: group: ci-codecov-${{ matrix.os }}-${{ matrix.go }} cancel-in-progress: true strategy: matrix: os: [ubuntu-latest] go: ['1.23'] env: PERFORM_ONLINE_TEST: ${{ vars.PERFORM_ONLINE_TEST }} PERFORM_UNIX_OPEN_WRITE_TESTS: ${{ vars.PERFORM_UNIX_OPEN_WRITE_TESTS }} PERFORM_SENDMAIL_TESTS: ${{ vars.PERFORM_SENDMAIL_TESTS }} TEST_BASEPORT: ${{ vars.TEST_BASEPORT }} TEST_BASEPORT_SMTP: ${{ vars.TEST_BASEPORT_SMTP }} TEST_HOST: ${{ secrets.TEST_HOST }} TEST_USER: ${{ secrets.TEST_USER }} TEST_PASS: ${{ secrets.TEST_PASS }} steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Checkout Code uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master - name: Setup go uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ matrix.go }} check-latest: true - name: Install sendmail run: | sudo apt-get -y update && sudo DEBIAN_FRONTEND=noninteractive apt-get -y install nullmailer && which sendmail - name: Run go test if: success() run: | go test -race -shuffle=on --coverprofile=coverage.coverprofile --covermode=atomic ./... - name: Upload coverage to Codecov if: success() uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1 with: token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos lint: name: golangci-lint (${{ matrix.go }}) runs-on: ubuntu-latest concurrency: group: ci-lint-${{ matrix.go }} cancel-in-progress: true strategy: matrix: go: ['1.23'] steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Setup go uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ matrix.go }} check-latest: true - name: Checkout Code uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master - name: golangci-lint uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 with: version: latest dependency-review: name: Dependency review runs-on: ubuntu-latest concurrency: group: ci-dependency-review cancel-in-progress: true steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Checkout Code uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master - name: 'Dependency Review' uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0 with: base-ref: ${{ github.event.pull_request.base.sha || 'main' }} head-ref: ${{ github.event.pull_request.head.sha || github.ref }} govulncheck: name: Go vulnerabilities check runs-on: ubuntu-latest concurrency: group: ci-govulncheck cancel-in-progress: true steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Run govulncheck uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4 test: name: Test (${{ matrix.os }} / ${{ matrix.go }}) runs-on: ${{ matrix.os }} concurrency: group: ci-test-${{ matrix.os }}-${{ matrix.go }} cancel-in-progress: true strategy: matrix: os: [ubuntu-latest, macos-latest, windows-latest] go: ['1.19', '1.20', '1.21', '1.22', '1.23'] env: TEST_BASEPORT: ${{ vars.TEST_BASEPORT }} TEST_BASEPORT_SMTP: ${{ vars.TEST_BASEPORT_SMTP }} steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Checkout Code uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master - name: Setup go uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ matrix.go }} - name: Run go test run: | go test -race -shuffle=on ./... test-fbsd: name: Test on FreeBSD ${{ matrix.osver }} runs-on: ubuntu-latest concurrency: group: ci-test-freebsd-${{ matrix.osver }} cancel-in-progress: true strategy: matrix: osver: ['14.1', '14.0', 13.4'] env: TEST_BASEPORT: ${{ vars.TEST_BASEPORT }} TEST_BASEPORT_SMTP: ${{ vars.TEST_BASEPORT_SMTP }} steps: - name: Checkout Code uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master - name: Run go test on FreeBSD uses: vmactions/freebsd-vm@debf37ca7b7fa40e19c542ef7ba30d6054a706a4 # v1.1.5 with: usesh: true copyback: false prepare: | pkg install -y go run: | cd $GITHUB_WORKSPACE; go test -race -shuffle=on ./... reuse: name: REUSE Compliance Check runs-on: ubuntu-latest concurrency: group: ci-reuse cancel-in-progress: true steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Checkout Code uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master - name: REUSE Compliance Check uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0 sonarqube: name: Test with SonarQube review (${{ matrix.os }} / ${{ matrix.go }}) runs-on: ${{ matrix.os }} concurrency: group: ci-codecov-${{ matrix.go }} cancel-in-progress: true strategy: matrix: os: [ubuntu-latest] go: ['1.23'] env: PERFORM_ONLINE_TEST: ${{ vars.PERFORM_ONLINE_TEST }} TEST_BASEPORT: ${{ vars.TEST_BASEPORT }} TEST_BASEPORT_SMTP: ${{ vars.TEST_BASEPORT_SMTP }} TEST_HOST: ${{ secrets.TEST_HOST }} TEST_USER: ${{ secrets.TEST_USER }} TEST_PASS: ${{ secrets.TEST_PASS }} steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Checkout Code uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master - name: Setup go uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ matrix.go }} check-latest: true - name: Run go test run: | go test -shuffle=on -race --coverprofile=./cov.out ./... - name: SonarQube scan uses: sonarsource/sonarqube-scan-action@1b442ee39ac3fa7c2acdd410208dcb2bcfaae6c4 # master if: success() env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} - name: SonarQube quality gate uses: sonarsource/sonarqube-quality-gate-action@8406f4f1edaffef38e9fb9c53eb292fc1d7684fa # master timeout-minutes: 5 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}