organize CI actions

This commit organizes the CI actions into the following categories: - Build - Test - Security Signed-off-by: Andreas Auernhammer <hi@aead.dev>
minio · Sep 12, 2022 · b0fb876 · b0fb876
1 parent 501a090
commit b0fb876
Show file tree

Hide file tree

Showing 4 changed files with 43 additions and 59 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -1,52 +1,37 @@
-name: "Code scanning - action"
-
+name: CodeQL
 on:
-  push:
   pull_request:
-  schedule:
-    - cron: '0 19 * * 0'
-
+    branches:
+    - master
+  push:
+    branches:
+    - master
 jobs:
-  CodeQL-Build:
-
-    # CodeQL runs on ubuntu-latest and windows-latest
+  codeql:
+    name: Analysis
     runs-on: ubuntu-latest
-
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       with:
         # We must fetch at least the immediate parents so that if this is
         # a pull request then we can checkout the head.
         fetch-depth: 2
-
     # If this run was triggered by a pull request event, then checkout
     # the head of the pull request instead of the merge commit.
     - run: git checkout HEAD^2
       if: ${{ github.event_name == 'pull_request' }}
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
       # Override language selection by uncommenting this and choosing your languages
       # with:
       #   languages: go, javascript, csharp, python, cpp, java
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
+      uses: github/codeql-action/autobuild@v2
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -8,7 +8,7 @@ on:
     - master
 jobs:
   build:
-    name: Build Go ${{ matrix.go-version }}
+    name: Build ${{ matrix.go-version }}
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -20,16 +20,18 @@ jobs:
         go-version: ${{ matrix.go-version }}
       id: go
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v2
-    - name: Build
+      uses: actions/checkout@v3
+    - name: Build and Lint
       env:
         GO111MODULE: on
       run: |
+         go build ./...
+         go vet ./...
          curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.48.0
          $(go env GOPATH)/bin/golangci-lint run --config ./.golangci.yml
-         go vet ./...
+
   test:
-    name: Testing Go ${{ matrix.go-version }} on ${{ matrix.os }}
+    name: Test ${{ matrix.go-version }} on ${{ matrix.os }}
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
@@ -41,18 +43,16 @@ jobs:
       with:
         go-version: ${{ matrix.go-version }}
       id: go
-
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v2
-
+      uses: actions/checkout@v3
     - name: Test on ${{ matrix.os }}
       env:
         GO111MODULE: on
       run: |
          go test ./...
 
   integration:
-    name: Integration Test Go ${{ matrix.go-version }}
+    name: Integration Test
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -63,10 +63,8 @@ jobs:
       with:
         go-version: ${{ matrix.go-version }}
       id: go
-
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v2
-
+      uses: actions/checkout@v3
     - name: Integration Test
       env:
         GO111MODULE: on

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,32 +1,33 @@
-name: goreleaser
-
+name: Release
 on:
   pull_request:
+    branches:
+    - master
   push:
-
+    branches:
+    - master
 jobs:
   goreleaser:
+    name: Go ${{ matrix.go-version }}
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        go-version: [1.19.x]
     steps:
-      -
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@v3
-      -
-        name: Unshallow
+      - name: Unshallow
         run: git fetch --prune --unshallow
-      -
-        name: Set up Go
+      - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.19.x
-      -
-        name: Set up QEMU
+          go-version: ${{ matrix.go-version }}
+        id: go
+      - name: Set up QEMU
         uses: docker/setup-qemu-action@v1
-      -
-        name: Set up Docker Buildx
+      - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1
-      -
-        name: Run GoReleaser
+      - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v3
         with:
           version: latest

diff --git a/.github/workflows/vulncheck.yml b/.github/workflows/vulncheck.yml
@@ -1,4 +1,4 @@
-name: Security
+name: VulnCheck
 on:
   pull_request:
     branches:
@@ -7,11 +7,11 @@ on:
     branches:
     - master
 jobs:
-  build:
-    name: VulnCheck
+  vulncheck:
+    name: Analysis
     runs-on: ubuntu-latest
     steps:
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
     - name: Check for vulnerabilities
       uses: kmulvey/govulncheck-action@main