mirror of
https://github.com/wneessen/go-mail.git
synced 2024-11-24 14:40:49 +01:00
93fc646338
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.1 to 2.10.2.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](91182cccc0...0080882f6c
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
231 lines
No EOL
9.1 KiB
YAML
231 lines
No EOL
9.1 KiB
YAML
# SPDX-FileCopyrightText: 2024 The go-mail Authors
|
|
#
|
|
# SPDX-License-Identifier: MIT
|
|
|
|
name: CI
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref_name }}
|
|
|
|
jobs:
|
|
codecov:
|
|
name: Test with Codecov coverage (${{ matrix.os }} / ${{ matrix.go }})
|
|
runs-on: ${{ matrix.os }}
|
|
concurrency:
|
|
group: ci-codecov-${{ matrix.os }}-${{ matrix.go }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest]
|
|
go: ['1.23']
|
|
env:
|
|
PERFORM_ONLINE_TEST: ${{ vars.PERFORM_ONLINE_TEST }}
|
|
PERFORM_UNIX_OPEN_WRITE_TESTS: ${{ vars.PERFORM_UNIX_OPEN_WRITE_TESTS }}
|
|
PERFORM_SENDMAIL_TESTS: ${{ vars.PERFORM_SENDMAIL_TESTS }}
|
|
TEST_BASEPORT: ${{ vars.TEST_BASEPORT }}
|
|
TEST_BASEPORT_SMTP: ${{ vars.TEST_BASEPORT_SMTP }}
|
|
TEST_HOST: ${{ secrets.TEST_HOST }}
|
|
TEST_USER: ${{ secrets.TEST_USER }}
|
|
TEST_PASS: ${{ secrets.TEST_PASS }}
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: Setup go
|
|
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
|
|
with:
|
|
go-version: ${{ matrix.go }}
|
|
check-latest: true
|
|
- name: Install sendmail
|
|
run: |
|
|
sudo apt-get -y update && sudo DEBIAN_FRONTEND=noninteractive apt-get -y install nullmailer && which sendmail
|
|
- name: Run go test
|
|
if: success()
|
|
run: |
|
|
go test -race -shuffle=on --coverprofile=coverage.coverprofile --covermode=atomic ./...
|
|
- name: Upload coverage to Codecov
|
|
if: success()
|
|
uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a # v5.0.2
|
|
with:
|
|
token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
|
|
lint:
|
|
name: golangci-lint (${{ matrix.go }})
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-lint-${{ matrix.go }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
go: ['1.23']
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
|
|
with:
|
|
egress-policy: audit
|
|
- name: Setup go
|
|
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
|
|
with:
|
|
go-version: ${{ matrix.go }}
|
|
check-latest: true
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: golangci-lint
|
|
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
|
|
with:
|
|
version: latest
|
|
dependency-review:
|
|
name: Dependency review
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-dependency-review
|
|
cancel-in-progress: true
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: 'Dependency Review'
|
|
uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
|
|
with:
|
|
base-ref: ${{ github.event.pull_request.base.sha || 'main' }}
|
|
head-ref: ${{ github.event.pull_request.head.sha || github.ref }}
|
|
govulncheck:
|
|
name: Go vulnerabilities check
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-govulncheck
|
|
cancel-in-progress: true
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
|
|
with:
|
|
egress-policy: audit
|
|
- name: Run govulncheck
|
|
uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4
|
|
test:
|
|
name: Test (${{ matrix.os }} / ${{ matrix.go }})
|
|
runs-on: ${{ matrix.os }}
|
|
concurrency:
|
|
group: ci-test-${{ matrix.os }}-${{ matrix.go }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest, macos-latest, windows-latest]
|
|
go: ['1.19', '1.20', '1.21', '1.22', '1.23']
|
|
env:
|
|
TEST_BASEPORT: ${{ vars.TEST_BASEPORT }}
|
|
TEST_BASEPORT_SMTP: ${{ vars.TEST_BASEPORT_SMTP }}
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: Setup go
|
|
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
|
|
with:
|
|
go-version: ${{ matrix.go }}
|
|
- name: Run go test
|
|
run: |
|
|
go test -race -shuffle=on ./...
|
|
test-fbsd:
|
|
name: Test on FreeBSD ${{ matrix.osver }}
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-test-freebsd-${{ matrix.osver }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
osver: ['14.1', '14.0', 13.4']
|
|
env:
|
|
TEST_BASEPORT: ${{ vars.TEST_BASEPORT }}
|
|
TEST_BASEPORT_SMTP: ${{ vars.TEST_BASEPORT_SMTP }}
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: Run go test on FreeBSD
|
|
uses: vmactions/freebsd-vm@v1
|
|
with:
|
|
usesh: true
|
|
copyback: false
|
|
prepare: |
|
|
pkg install -y go
|
|
run: |
|
|
cd $GITHUB_WORKSPACE;
|
|
go test -race -shuffle=on ./...
|
|
reuse:
|
|
name: REUSE Compliance Check
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-reuse
|
|
cancel-in-progress: true
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: REUSE Compliance Check
|
|
uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0
|
|
sonarqube:
|
|
name: Test with SonarQube review (${{ matrix.os }} / ${{ matrix.go }})
|
|
runs-on: ${{ matrix.os }}
|
|
concurrency:
|
|
group: ci-codecov-${{ matrix.go }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest]
|
|
go: ['1.23']
|
|
env:
|
|
PERFORM_ONLINE_TEST: ${{ vars.PERFORM_ONLINE_TEST }}
|
|
TEST_BASEPORT: ${{ vars.TEST_BASEPORT }}
|
|
TEST_BASEPORT_SMTP: ${{ vars.TEST_BASEPORT_SMTP }}
|
|
TEST_HOST: ${{ secrets.TEST_HOST }}
|
|
TEST_USER: ${{ secrets.TEST_USER }}
|
|
TEST_PASS: ${{ secrets.TEST_PASS }}
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: Setup go
|
|
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
|
|
with:
|
|
go-version: ${{ matrix.go }}
|
|
check-latest: true
|
|
- name: Run go test
|
|
run: |
|
|
go test -shuffle=on -race --coverprofile=./cov.out ./...
|
|
- name: SonarQube scan
|
|
uses: sonarsource/sonarqube-scan-action@94d4f8ac4aaefccd7fb84bff00b0aeb2d65fcd49 # master
|
|
if: success()
|
|
env:
|
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
|
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
|
|
- name: SonarQube quality gate
|
|
uses: sonarsource/sonarqube-quality-gate-action@8406f4f1edaffef38e9fb9c53eb292fc1d7684fa # master
|
|
timeout-minutes: 5
|
|
env:
|
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
|
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} |