d2b49fcf59
Bumps [anchore/scan-action](https://github.com/anchore/scan-action) from 3.6.4 to 4.1.0. - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/anchore/scan-action/compare/v3.6.4...v4.1.0) --- updated-dependencies: - dependency-name: anchore/scan-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
89 lines
1.9 KiB
YAML
89 lines
1.9 KiB
YAML
name: Test PR
|
|
on:
|
|
pull_request_target:
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
|
|
lint:
|
|
name: Lint
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v4.1.0
|
|
with:
|
|
go-version: 1.17
|
|
id: go
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: golangci-lint
|
|
uses: golangci/golangci-lint-action@v6.0.1
|
|
with:
|
|
version: v1.44
|
|
|
|
test:
|
|
name: Test
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
|
|
- name: Setup Go
|
|
uses: actions/setup-go@v4.1.0
|
|
with:
|
|
go-version: 1.17
|
|
id: go
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
with:
|
|
ref: "refs/pull/${{ github.event.number }}/merge"
|
|
|
|
- name: Test
|
|
run: go test -coverprofile cover.out ./...
|
|
|
|
- name: SonarCloud Scan
|
|
uses: sonarsource/sonarcloud-github-action@master
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
|
|
|
image-scan:
|
|
name: Image Scan
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 0
|
|
ref: "refs/pull/${{ github.event.number }}/merge"
|
|
|
|
- name: Setup Go
|
|
uses: actions/setup-go@v4.1.0
|
|
with:
|
|
go-version: 1.17
|
|
id: go
|
|
|
|
- name: Run GoReleaser
|
|
uses: goreleaser/goreleaser-action@v4.3.0
|
|
with:
|
|
version: latest
|
|
args: release --rm-dist --snapshot
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Scan image
|
|
uses: anchore/scan-action@v4.1.0
|
|
id: scan
|
|
with:
|
|
image: "hipages/php-fpm_exporter:latest"
|
|
acs-report-enable: true
|
|
fail-build: false
|
|
|
|
- name: Upload Anchore scan SARIF report
|
|
uses: github/codeql-action/upload-sarif@v2
|
|
with:
|
|
sarif_file: ${{ steps.scan.outputs.sarif }}
|