name: Test PR on: pull_request_target: workflow_dispatch: jobs: lint: name: Lint runs-on: ubuntu-latest steps: - name: Set up Go uses: actions/setup-go@v4.1.0 with: go-version: 1.17 id: go - name: Checkout uses: actions/checkout@v3 with: fetch-depth: 0 - name: golangci-lint uses: golangci/golangci-lint-action@v6.1.1 with: version: v1.44 test: name: Test runs-on: ubuntu-latest steps: - name: Setup Go uses: actions/setup-go@v4.1.0 with: go-version: 1.17 id: go - name: Checkout uses: actions/checkout@v3 with: ref: "refs/pull/${{ github.event.number }}/merge" - name: Test run: go test -coverprofile cover.out ./... - name: SonarCloud Scan uses: sonarsource/sonarcloud-github-action@master env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} image-scan: name: Image Scan runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v3 with: fetch-depth: 0 ref: "refs/pull/${{ github.event.number }}/merge" - name: Setup Go uses: actions/setup-go@v4.1.0 with: go-version: 1.17 id: go - name: Run GoReleaser uses: goreleaser/goreleaser-action@v4.3.0 with: version: latest args: release --rm-dist --snapshot env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Scan image uses: anchore/scan-action@v4.1.2 id: scan with: image: "hipages/php-fpm_exporter:latest" acs-report-enable: true fail-build: false - name: Upload Anchore scan SARIF report uses: github/codeql-action/upload-sarif@v2 with: sarif_file: ${{ steps.scan.outputs.sarif }}