niljson/.github/workflows/codecov.yml
StepSecurity Bot f4d7b6b9df
[StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-09-13 18:26:26 +00:00

47 lines
1.2 KiB
YAML

# SPDX-FileCopyrightText: 2024 Winni Neessen <wn@neessen.dev>
#
# SPDX-License-Identifier: CC0-1.0
name: Codecov workflow
on:
push:
branches:
- main
paths:
- '**.go'
- 'go.*'
- '.forgejo/**'
- 'codecov.yml'
pull_request:
branches:
- main
paths:
- '**.go'
- 'go.*'
- '.forgejo/**'
- 'codecov.yml'
permissions:
contents: read
jobs:
run:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Checkout Code
uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
- name: Setup go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: '1.23'
- name: Run Tests
run: |
go test -v -shuffle=on -race --coverprofile=coverage.coverprofile --covermode=atomic ./...
- name: Upload coverage to Codecov
uses: codecov/codecov-action@ab904c41d6ece82784817410c45d8b8c02684457 # v3.1.6
with:
token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos