chore: update pull request permissions in build workflow #21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Integration | |
| env: | |
| GO_VERSION: "1.23" | |
| GO_LINT_VERSION: "v1.60.3" | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| types: [opened, reopened, synchronize] | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| checks: write | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{env.GO_VERSION}} | |
| - name: Build | |
| run: make build | |
| lint: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{env.GO_VERSION}} | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@v6 | |
| with: | |
| version: ${{env.GO_LINT_VERSION}} | |
| test: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{env.GO_VERSION}} | |
| - name: Test | |
| run: make test | |
| - name: Set up tools | |
| run: | | |
| go install github.com/gotesttools/gotestfmt/v2/cmd/gotestfmt@latest | |
| go get github.com/boumenot/gocover-cobertura && go install github.com/boumenot/gocover-cobertura | |
| - name: Tests | |
| run: | | |
| set -euo pipefail | |
| go test -json -v ./... 2>&1 | tee /tmp/gotest.log | gotestfmt | |
| # - name: Archive code coverage results | |
| # uses: actions/upload-artifact@v4 | |
| # with: | |
| # name: code-coverage | |
| # path: coverage.txt | |
| - name: Show coverage details | |
| id: coverage-details | |
| run: | | |
| go tool cover -func=coverage.txt | |
| - name: Convert go coverage to corbetura format | |
| run: gocover-cobertura < coverage.txt > coverage.xml | |
| - name: Generate code coverage report | |
| uses: irongut/CodeCoverageSummary@v1.3.0 | |
| with: | |
| filename: coverage.xml | |
| badge: false | |
| fail_below_min: false | |
| format: markdown | |
| hide_branch_rate: false | |
| hide_complexity: true | |
| indicators: true | |
| output: both | |
| thresholds: '60 80' | |
| - name: Add Coverage PR Comment | |
| if: github.event_name == 'pull_request' | |
| uses: marocchino/sticky-pull-request-comment@v2 | |
| with: | |
| recreate: true | |
| path: code-coverage-results.md | |
| # coverage: | |
| # name: "Code coverage report" | |
| # if: github.event_name == 'pull_request' | |
| # runs-on: ubuntu-latest | |
| # needs: test | |
| # permissions: | |
| # contents: read | |
| # actions: read # to download code coverage results from "test" job | |
| # pull-requests: write # write permission needed to comment on PR | |
| # steps: | |
| # - uses: fgrosse/go-coverage-report@v1.0.2 | |