Collection of shared GitHub Actions used across our org.
The checkout PR action fetches only the commits that belong to the PR. This is required for various code analysis tooling, including SonarCloud.
Example usage:
jobs:
  golangci-lint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout PR
        uses: TykTechnologies/github-actions/.github/actions/checkout-pr@main
For a PR, the action will print the changes in go doc output. This surfaces API changes (function removals, renames, additions), as well as comment changes.
Example usage:
jobs:
  godoc:
    uses: TykTechnologies/github-actions/.github/workflows/godoc.yml@main
    secrets:
      ORG_GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }}
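To illustrate the kind of API change such a report surfaces, the following added example (not the godoc workflow's own code) compares exported top-level function signatures between a base and a head version of a package using only the Go standard library. The sample sources and the names `exportedFuncs` and `APIDiff` are constructed for illustration; methods, types and comments are out of scope, and a rename shows up as one removal plus one addition.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"go/types"
	"sort"
	"strings"
)

// Constructed sample: one package before (base) and after (head) a PR.
const baseSrc = "package auth\nfunc Verify(token string) bool { return true }\nfunc Sign(msg string) string { return msg }\n"
const headSrc = "package auth\nfunc Verify(token string, strict bool) bool { return true }\nfunc SignMessage(msg string) string { return msg }\n"
// exportedFuncs maps each exported top-level function name to its signature.
func exportedFuncs(src string) map[string]string {
	f, err := parser.ParseFile(token.NewFileSet(), "pr.go", src, 0)
	if err != nil {
		panic(err) // sample input is fixed; a real tool would return the error
	}
	sigs := map[string]string{}
	for _, d := range f.Decls {
		if fn, ok := d.(*ast.FuncDecl); ok && fn.Recv == nil && fn.Name.IsExported() {
			sigs[fn.Name.Name] = types.ExprString(fn.Type)
		}
	}
	return sigs
}

// APIDiff reports added (+), removed (-) and changed (~) exported functions.
func APIDiff(base, head string) (lines []string) {
	old, cur := exportedFuncs(base), exportedFuncs(head)
	for name, sig := range old {
		if now, ok := cur[name]; !ok {
			lines = append(lines, "- "+name+" "+sig)
		} else if now != sig {
			lines = append(lines, "~ "+name+" "+sig+" => "+now)
		}
	}
	for name, sig := range cur {
		if _, ok := old[name]; !ok {
			lines = append(lines, "+ "+name+" "+sig)
		}
	}
	sort.Strings(lines)
	return lines
}
func main() { fmt.Println(strings.Join(APIDiff(baseSrc, headSrc), "\n")) }
```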
Example usage:
jobs:
  owasp:
    uses: TykTechnologies/github-actions/.github/workflows/owasp.yaml@main
    with:
      target: http://staging-url.com
OSS scanner that helps find CVEs in Go dependencies.
Example usage:
jobs:
  nancy:
    strategy:
      fail-fast: false
      matrix:
        package:
          - controller
          - dashboard
          - billing
          - monitor
          - pkg
    uses: TykTechnologies/github-actions/.github/workflows/nancy.yaml@main
    with:
      dir: ${{ matrix.package }}
    secrets: inherit
CodeQL-like OSS linter.
Example usage:
jobs:
  semgrep:
    uses: TykTechnologies/github-actions/.github/workflows/semgrep.yaml@main
Popular linter for Go with good defaults.
Example usage:
jobs:
  golangci:
    uses: TykTechnologies/github-actions/.github/workflows/golangci.yaml@main
    with:
      main_branch: master
Place this job after the Golang CI job so that its reports are uploaded to SonarCloud automatically.
Example usage:
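jobs:
  # The job id is arbitrary; it must differ from the golangci job's id
  # when both jobs live in the same workflow file.
  sonarcloud:
    uses: TykTechnologies/github-actions/.github/workflows/sonarcloud.yaml@main
    with:
      main_branch: master
      exclusions: ""
    secrets: inherit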
Official Go vulnerability management. See https://go.dev/blog/vuln
Example usage:
jobs:
  govulncheck:
    uses: TykTechnologies/github-actions/.github/workflows/govulncheck.yaml@main