opentdf · jakedoublev · Feb 5, 2024 · Feb 5, 2024 · Feb 5, 2024 · Feb 5, 2024
@@ -0,0 +1,65 @@
+name: 'CI'
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
+      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
+        with:
+          go-version-file: 'go.mod'
+          cache: false
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc
+        with:
+          version: v1.55
+  unit:
+    name: unit tests
+    runs-on: ubuntu-22.04
+    env:
+      GOPRIVATE: github.com/opentdf/opentdf-v2-poc/*
+    steps:
+      - name: Generate a token
+        id: generate_token
+        uses: actions/[email protected]
+        with:
+          app-id: '416599'
+          private-key: '${{ secrets.GH_APP_PRIVATE_KEY }}'
+          owner: ${{ github.repository_owner }}
+          repositories: 'opentdf-v2-poc'
+      - run: git config --global url.https://x-access-token:${{ steps.generate_token.outputs.token }}@github.com/.insteadOf https://github.com/
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
+      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
+        with:
+          go-version-file: 'go.mod'
+          cache: false
+      - name: Unit Tests with the Go CLI
+        run: go test ./... -short -race -cover
+  end-to-end:
+    name: e2e tests
+    runs-on: ubuntu-22.04
+    env:
+      GOPRIVATE: github.com/opentdf/opentdf-v2-poc/*
+    steps:
+      - name: Generate a token
+        id: generate_token
+        uses: actions/[email protected]
+        with:
+          app-id: '416599'
+          private-key: '${{ secrets.GH_APP_PRIVATE_KEY }}'
+          owner: ${{ github.repository_owner }}
+          repositories: 'opentdf-v2-poc'
+      - run: git config --global url.https://x-access-token:${{ steps.generate_token.outputs.token }}@github.com/.insteadOf https://github.com/
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
+      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
+        with:
+          go-version-file: 'go.mod'
+          cache: false
+      - name: e2e Tests
+        run: echo "No e2e tests yet." && exit 0
@@ -1,4 +1,4 @@
-name: "Lint PR"
+name: '🧹 Lint PR Title'
 on:
   pull_request_target:
     types:

@@ -0,0 +1,29 @@
+name: '🔍 Security Check'
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  govulncheck_job:
+    runs-on: ubuntu-latest
+    name: Run govulncheck
+    env:
+      GOPRIVATE: github.com/opentdf/opentdf-v2-poc/*
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Generate a token
+        id: generate_token
+        uses: actions/[email protected]
+        with:
+          app-id: '416599'
+          private-key: '${{ secrets.GH_APP_PRIVATE_KEY }}'
+          owner: ${{ github.repository_owner }}
+          repositories: 'opentdf-v2-poc'
+      - run: git config --global url.https://x-access-token:${{ steps.generate_token.outputs.token }}@github.com/.insteadOf https://github.com/
+      - id: govulncheck
+        uses: golang/govulncheck-action@v1
+        with:
+          go-version-file: go.mod
+          go-package: ./...
@@ -0,0 +1,12 @@
+issues:
+  # Show only new issues: if there are unstaged changes or untracked files,
+  # only those changes are analyzed, else only changes in HEAD~ are analyzed.
+  # It's a super-useful option for integration of golangci-lint into existing large codebase.
+  # It's not practical to fix all existing issues at the moment of integration:
+  # much better don't allow issues in new code.
+  #
+  # Default: false
+  new: true
+  # Show only new issues created after git revision `REV`.
+  # Default: ""
+  new-from-rev: HEAD