mirror of
https://github.com/wneessen/go-mail.git
synced 2024-11-15 02:12:55 +01:00
Winni Neessen
8bc9b8b7fd
This update ensures that the Dependency Review action has the correct references for base and head in pull request events. It helps in accurately reviewing dependency changes between the branches. Reference: https://github.com/actions/dependency-review-action/issues/456#issuecomment-1537840047
221 lines
No EOL
8.7 KiB
YAML
221 lines
No EOL
8.7 KiB
YAML
# SPDX-FileCopyrightText: 2024 The go-mail Authors
|
|
#
|
|
# SPDX-License-Identifier: MIT
|
|
|
|
name: CI
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref_name }}
|
|
|
|
jobs:
|
|
codecov:
|
|
name: Test with Codecov coverage (${{ matrix.os }} / ${{ matrix.go }})
|
|
runs-on: ${{ matrix.os }}
|
|
concurrency:
|
|
group: ci-codecov-${{ matrix.os }}-${{ matrix.go }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest]
|
|
go: ['1.23']
|
|
env:
|
|
PERFORM_ONLINE_TEST: ${{ vars.PERFORM_ONLINE_TEST }}
|
|
PERFORM_UNIX_OPEN_WRITE_TESTS: ${{ vars.PERFORM_UNIX_OPEN_WRITE_TESTS }}
|
|
PERFORM_SENDMAIL_TESTS: ${{ vars.PERFORM_SENDMAIL_TESTS }}
|
|
TEST_HOST: ${{ secrets.TEST_HOST }}
|
|
TEST_USER: ${{ secrets.TEST_USER }}
|
|
TEST_PASS: ${{ secrets.TEST_PASS }}
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: Setup go
|
|
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
|
|
with:
|
|
go-version: ${{ matrix.go }}
|
|
check-latest: true
|
|
- name: Install sendmail
|
|
run: |
|
|
sudo apt-get -y update >/dev/null && sudo apt-get -y upgrade >/dev/null && sudo DEBIAN_FRONTEND=noninteractive apt-get -y install nullmailer >/dev/null && which sendmail
|
|
- name: Run go test
|
|
if: success()
|
|
run: |
|
|
go test -race -shuffle=on --coverprofile=coverage.coverprofile --covermode=atomic ./...
|
|
- name: Upload coverage to Codecov
|
|
if: success()
|
|
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
|
|
with:
|
|
token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
|
|
lint:
|
|
name: golangci-lint (${{ matrix.go }})
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-lint-${{ matrix.go }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
go: ['1.23']
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
|
|
with:
|
|
egress-policy: audit
|
|
- name: Setup go
|
|
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
|
|
with:
|
|
go-version: ${{ matrix.go }}
|
|
check-latest: true
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: golangci-lint
|
|
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
|
|
with:
|
|
version: latest
|
|
dependency-review:
|
|
name: Dependency review
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-dependency-review
|
|
cancel-in-progress: true
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: 'Dependency Review'
|
|
uses: actions/dependency-review-action@a6993e2c61fd5dc440b409aa1d6904921c5e1894 # v4.3.5
|
|
with:
|
|
base-ref: ${{ github.event.pull_request.base.sha || 'main' }}
|
|
head-ref: ${{ github.event.pull_request.head.sha || github.ref }}
|
|
govulncheck:
|
|
name: Go vulnerabilities check
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-govulncheck
|
|
cancel-in-progress: true
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
|
|
with:
|
|
egress-policy: audit
|
|
- name: Run govulncheck
|
|
uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4
|
|
test:
|
|
name: Test (${{ matrix.os }} / ${{ matrix.go }})
|
|
runs-on: ${{ matrix.os }}
|
|
concurrency:
|
|
group: ci-test-${{ matrix.os }}-${{ matrix.go }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest, macos-latest, windows-latest]
|
|
go: ['1.19', '1.20', '1.21', '1.22', '1.23']
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: Setup go
|
|
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
|
|
with:
|
|
go-version: ${{ matrix.go }}
|
|
- name: Run go test
|
|
run: |
|
|
go test -race -shuffle=on ./...
|
|
test-fbsd:
|
|
name: Test on FreeBSD ${{ matrix.osver }}
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-test-freebsd-${{ matrix.osver }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
osver: ['14.1', '14.0', 13.4']
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: Run go test on FreeBSD
|
|
uses: vmactions/freebsd-vm@v1
|
|
with:
|
|
usesh: true
|
|
copyback: false
|
|
prepare: |
|
|
pkg install -y go
|
|
run: |
|
|
cd $GITHUB_WORKSPACE;
|
|
go test -race -shuffle=on ./...
|
|
reuse:
|
|
name: REUSE Compliance Check
|
|
runs-on: ubuntu-latest
|
|
concurrency:
|
|
group: ci-reuse
|
|
cancel-in-progress: true
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: REUSE Compliance Check
|
|
uses: fsfe/reuse-action@3ae3c6bdf1257ab19397fab11fd3312144692083 # v4.0.0
|
|
sonarqube:
|
|
name: Test with SonarQube review (${{ matrix.os }} / ${{ matrix.go }})
|
|
runs-on: ${{ matrix.os }}
|
|
concurrency:
|
|
group: ci-codecov-${{ matrix.go }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest]
|
|
go: ['1.23']
|
|
env:
|
|
PERFORM_ONLINE_TEST: ${{ vars.PERFORM_ONLINE_TEST }}
|
|
TEST_HOST: ${{ secrets.TEST_HOST }}
|
|
TEST_USER: ${{ secrets.TEST_USER }}
|
|
TEST_PASS: ${{ secrets.TEST_PASS }}
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
|
|
with:
|
|
egress-policy: audit
|
|
- name: Checkout Code
|
|
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
|
|
- name: Setup go
|
|
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
|
|
with:
|
|
go-version: ${{ matrix.go }}
|
|
check-latest: true
|
|
- name: Run go test
|
|
run: |
|
|
go test -shuffle=on -race --coverprofile=./cov.out ./...
|
|
- name: SonarQube scan
|
|
uses: sonarsource/sonarqube-scan-action@884b79409bbd464b2a59edc326a4b77dc56b2195 # master
|
|
if: success()
|
|
env:
|
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
|
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
|
|
- name: SonarQube quality gate
|
|
uses: sonarsource/sonarqube-quality-gate-action@dc2f7b0dd95544cd550de3028f89193576e958b9 # master
|
|
timeout-minutes: 5
|
|
env:
|
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
|
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} |