diff --git a/.github/workflows/greet.yaml b/.github/workflows/greet.yaml index 7907435..bb63100 100644 --- a/.github/workflows/greet.yaml +++ b/.github/workflows/greet.yaml @@ -1,9 +1,6 @@ name: First interaction on: - push: - branches: - - main pull_request: branches: - main diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 75ae7f4..f072fa4 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -1,15 +1,26 @@ name: Lint on: push: - tags: - - v* - branches: - - '**' pull_request: jobs: + pre_job: + # continue-on-error: true + runs-on: ubuntu-latest + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@v5 + with: + concurrent_skipping: 'same_content_newer' + skip_after_successful_duplicate: 'true' + cancel_others: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' golangci: name: GolangCI Lint + needs: pre_job runs-on: ubuntu-latest + if: needs.pre_job.outputs.should_skip != 'true' steps: - uses: actions/checkout@v4 - name: golangci-lint diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml index 6c5dcb9..d8e2025 100644 --- a/.github/workflows/scan.yaml +++ b/.github/workflows/scan.yaml @@ -1,14 +1,17 @@ name: Security scanning on: push: - tags: - - v* branches: - main + schedule: + - cron: '0 0 * * *' # daily jobs: security: if: github.repository == 'manhtukhang/vault-plugin-secrets-nexus-repository' + permissions: + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/upload-sarif to upload SARIF results runs-on: ubuntu-latest steps: - name: checkout @@ -19,3 +22,10 @@ jobs: uses: snyk/actions/golang@master env: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + continue-on-error: true # To make sure that SARIF upload gets called + with: + args: --sarif-file-output=snyk.sarif + - name: Upload result to GitHub Code Scanning + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: snyk.sarif diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 06fdbdc..eafe0c0 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -2,13 +2,25 @@ name: Test on: push: - branches: - - "**" pull_request: jobs: + pre_job: + # continue-on-error: true + runs-on: ubuntu-latest + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@v5 + with: + concurrent_skipping: 'same_content_newer' + skip_after_successful_duplicate: 'true' + cancel_others: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' test: name: Test + needs: pre_job runs-on: ubuntu-latest strategy: matrix: @@ -23,11 +35,11 @@ jobs: run: sudo apt-get update && sudo apt-get install -y make - name: Setup gotest run: curl -L https://gotest-release.s3.amazonaws.com/gotest_linux > gotest && chmod +x gotest && sudo mv gotest /usr/bin/gotest + # - name: Test - if: github.event_name == 'pull_request' - run: make test - - + if: needs.pre_job.outputs.should_skip != 'true' + run: make test-coverage + # - name: Hack Code Climate and Go Modules if: github.event_name != 'pull_request' && github.ref_name == 'main' run: mkdir -p github.com/${{ github.repository_owner }} && ln -sf $(pwd) github.com/${{ github.repository }} diff --git a/go.mod b/go.mod index a0ffb44..42a6e25 100644 --- a/go.mod +++ b/go.mod @@ -1,8 +1,6 @@ module github.com/manhtukhang/vault-plugin-secrets-nexus-repository -go 1.22 - -toolchain go1.22.0 +go 1.22.1 require ( github.com/datadrivers/go-nexus-client v1.10.0