Skip to content

critical: fix banded scoring on variation within bands #3058

critical: fix banded scoring on variation within bands

critical: fix banded scoring on variation within bands #3058

Workflow file for this run

name: Code Test
## Only trigger tests if source is changing
on:
push:
paths:
- '**.go'
- '**.mod'
- '**.ct'
- 'go.sum'
- '.github/workflows/pr-test-lint.yml'
jobs:
# Check if there is any dirty change for go mod tidy
go-mod:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Import environment variables from file
run: cat ".github/env" >> $GITHUB_ENV
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ">=${{ env.golang-version }}"
cache: false
- name: Check go mod
run: |
go mod tidy
git diff --exit-code go.mod
golangci-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Import environment variables from file
run: cat ".github/env" >> $GITHUB_ENV
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ">=${{ env.golang-version }}"
cache: false
- name: Run golangci-lint
uses: golangci/[email protected]
with:
version: latest
args: --timeout=30m
go-test:
runs-on: ubuntu-latest
outputs:
outcome: ${{ steps.tests.outcome }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Import environment variables from file
run: cat ".github/env" >> $GITHUB_ENV
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ">=${{ env.golang-version }}"
cache: false
# https://github.com/actions/cache/blob/main/examples.md#go---modules
- uses: actions/cache@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Make provider dir
run: mkdir -p ${PWD}/${GITHUB_JOB}/.providers
- name: Set provider env
run: echo "PROVIDERS_PATH=${PWD}/${GITHUB_JOB}/.providers" >> $GITHUB_ENV
- name: Display Provider Path
run: echo $PROVIDERS_PATH
- run: make test/go/plain-ci
id: tests
- uses: actions/upload-artifact@v4 # upload test results
if: success() || failure() # run this step even if previous step failed
with:
name: test-results
path: report.xml
go-auto-approve:
runs-on: ubuntu-latest
needs: go-test
if: ${{ github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' && needs.go-test.outputs.outcome == 'success' }}
permissions:
contents: write
pull-requests: write
steps:
- name: Fetch PR infos
id: metadata
uses: dependabot/fetch-metadata@v2
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Approve a PR
# For now, we only auto approve and merge go dep PRs because we have tests for this in place.
if: ${{ steps.dependabot-metadata.outputs.package-ecosystem == 'go' }}
# Settings the comment will auto merge the PR after all tests passed
# https://docs.github.com/en/enterprise-cloud@latest/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands
run: gh pr review --comment "@dependabot squash and merge" --approve "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
event_file:
name: "Store event file"
runs-on: ubuntu-latest
steps:
- name: Upload
uses: actions/upload-artifact@v4
with:
name: Event File
path: ${{ github.event_path }}
go-bench:
runs-on: ubuntu-latest
if: github.ref != 'refs/heads/main'
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Import environment variables from file
run: cat ".github/env" >> $GITHUB_ENV
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ">=${{ env.golang-version }}"
cache: false
- name: Make provider dir
run: mkdir -p ${PWD}/${GITHUB_JOB}/.providers
- name: Set provider env
run: echo "PROVIDERS_PATH=${PWD}/${GITHUB_JOB}/.providers" >> $GITHUB_ENV
- name: Display Provider Path
run: echo $PROVIDERS_PATH
- name: Run benchmark
run: make benchmark/go | tee benchmark.txt
# Remove log statements and leave just the benchmark results
- name: Cleanup benchmark file
run: sed -i -n '/goos:/,$p' benchmark.txt
# Download previous benchmark result from cache (if exists)
- name: Download previous benchmark data
uses: actions/cache/restore@v4
with:
path: ./cache
key: ${{ runner.os }}-benchmark
# Run `github-action-benchmark` action
- name: Store benchmark result
uses: benchmark-action/github-action-benchmark@v1
with:
# What benchmark tool the output.txt came from
tool: 'go'
# Where the output from the benchmark tool is stored
output-file-path: benchmark.txt
# Where the previous data file is stored
external-data-json-path: ./cache/benchmark-data.json
github-token: ${{ secrets.GITHUB_TOKEN }}
comment-on-alert: true
summary-always: true
fail-on-alert: true
save-data-file: false
alert-threshold: '150%'