diff --git a/.codecov.yml b/.codecov.yml new file mode 100644 index 00000000..2f0a040f --- /dev/null +++ b/.codecov.yml @@ -0,0 +1,8 @@ +coverage: + status: + project: + default: + informational: true + patch: + default: + target: 60% diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 5aba7b0d..351cf3d9 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -2,22 +2,32 @@ name: Coverage on: push: - branches: [ main ] + branches: [main] + paths: + - "**.go" + - go.mod + - go.sum + - .github/workflows/coverage.yml pull_request: - branches: [ main ] + branches: [main] + paths: + - "**.go" + - go.mod + - go.sum + - .github/workflows/coverage.yml permissions: contents: read jobs: - codecov: - runs-on: ubuntu-22.04 + coverage: + runs-on: ubuntu-latest steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: - go-version: '1.23' + go-version-file: go.mod - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: @@ -27,10 +37,18 @@ jobs: run: python3 scripts/fetch_meta.py - name: Run tests with coverage - run: go test -coverprofile=coverage.txt -covermode=atomic ./... + run: go test -race -coverprofile=coverage.txt -covermode=atomic ./... - - name: Upload coverage to Codecov - uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5 - with: - files: coverage.txt - token: ${{ secrets.CODECOV_TOKEN }} + - name: Generate coverage report + run: | + total=$(go tool cover -func=coverage.txt | grep total | awk '{print $3}') + echo "## Coverage Report" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "**Total coverage: ${total}**" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
Details" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + go tool cover -func=coverage.txt >> $GITHUB_STEP_SUMMARY + echo '```' >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 2d0da6b6..cec20a8b 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -2,43 +2,36 @@ name: Lint on: push: - branches: [ main ] + branches: [main] + paths: + - "**.go" + - go.mod + - go.sum + - .golangci.yml + - .github/workflows/lint.yml pull_request: - branches: [ main ] + branches: [main] + paths: + - "**.go" + - go.mod + - go.sum + - .golangci.yml + - .github/workflows/lint.yml permissions: contents: read jobs: - staticcheck: - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - - - uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 - with: - go-version: '1.23' - - - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 - with: - python-version: '3.x' - - - name: Fetch meta_data.json - run: python3 scripts/fetch_meta.py - - - name: Run staticcheck - uses: dominikh/staticcheck-action@9716614d4101e79b4340dd97b10e54d68234e431 # v1 - with: - install-go: false - golangci-lint: - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + with: + fetch-depth: 0 - uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: - go-version: '1.23' + go-version-file: go.mod - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: @@ -47,26 +40,21 @@ jobs: - name: Fetch meta_data.json run: python3 scripts/fetch_meta.py + - name: Ensure go.mod and go.sum are tidy + run: | + go mod tidy + if ! git diff --quiet go.mod go.sum; then + echo "::error::go.mod or go.sum is not tidy. Run 'go mod tidy' and commit the changes." + git diff go.mod go.sum + exit 1 + fi + - name: Run golangci-lint - uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6 - with: - version: latest + run: go run github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.1.6 run --new-from-rev=origin/main - vet: - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + - name: Run govulncheck + continue-on-error: true # informational until Go version is upgraded + run: go run golang.org/x/vuln/cmd/govulncheck@v1.1.4 ./... - - uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 - with: - go-version: '1.23' - - - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 - with: - python-version: '3.x' - - - name: Fetch meta_data.json - run: python3 scripts/fetch_meta.py - - - name: Run go vet - run: go vet ./... + - name: Check dependency licenses + run: go run github.com/google/go-licenses/v2@v2.0.1 check ./... --disallowed_types=forbidden,restricted,reciprocal,unknown diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 11136dcf..58351696 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -2,22 +2,32 @@ name: Tests on: push: - branches: [ main ] + branches: [main] + paths: + - "**.go" + - go.mod + - go.sum + - .github/workflows/tests.yml pull_request: - branches: [ main ] + branches: [main] + paths: + - "**.go" + - go.mod + - go.sum + - .github/workflows/tests.yml permissions: contents: read jobs: unit-test: - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5 with: - go-version: '1.23' + go-version-file: go.mod - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: @@ -27,4 +37,7 @@ jobs: run: python3 scripts/fetch_meta.py - name: Run tests - run: go test -v -race -count=1 -timeout=30s ./cmd/... ./internal/... ./shortcuts/... + run: go test -v -race -count=1 -timeout=5m ./cmd/... ./internal/... ./shortcuts/... + + - name: Build + run: go build -v ./... diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 00000000..4690fe93 --- /dev/null +++ b/.golangci.yml @@ -0,0 +1,66 @@ +version: "2" + +run: + timeout: 5m + +linters: + default: none + enable: + - asasalint # checks for pass []any as any in variadic func(...any) + - asciicheck # checks that code does not contain non-ASCII identifiers + - bidichk # checks for dangerous unicode character sequences + - bodyclose # checks whether HTTP response body is closed successfully + - copyloopvar # detects places where loop variables are copied + - durationcheck # checks for two durations multiplied together + - exptostd # detects functions from golang.org/x/exp/ replaceable by std + - fatcontext # detects nested contexts in loops + - gocheckcompilerdirectives # validates go compiler directive comments (//go:) + - gochecksumtype # checks exhaustiveness on Go "sum types" + - gocritic # diagnostics for bugs, performance and style + - gomoddirectives # checks for replace, retract, and exclude in go.mod + - goprintffuncname # checks that printf-like functions end with f + - govet # reports suspicious constructs + - ineffassign # detects ineffective assignments + - nilerr # finds code that returns nil even if error is not nil + - nolintlint # reports ill-formed nolint directives + - nosprintfhostport # checks for misuse of Sprintf to construct host:port + - reassign # checks that package variables are not reassigned + - unconvert # removes unnecessary type conversions + - unused # checks for unused constants, variables, functions and types + + # To enable later after fixing existing issues: + # - errcheck # checks for unchecked errors + # - errname # checks that error types are named XxxError + # - errorlint # checks error wrapping best practices + # - gosec # security-oriented linter + # - misspell # finds commonly misspelled English words + # - staticcheck # comprehensive static analysis + + exclusions: + paths: + - generated + rules: + - path: _test\.go$ + linters: + - bodyclose + - gocritic + + settings: + gocritic: + disabled-checks: + - appendAssign + - hugeParam + disabled-tags: + - style + govet: + enable: + - httpresponse + +formatters: + enable: + - gofmt + - goimports + +issues: + max-issues-per-linter: 0 + max-same-issues: 0