From 905b8403d824444dfdbba7c3b4757d2447a1e025 Mon Sep 17 00:00:00 2001
From: egibs <20933572+egibs@users.noreply.github.com>
Date: Mon, 23 Dec 2024 13:40:50 -0600
Subject: [PATCH] Try running tests in a container

Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
---
 .github/workflows/go-tests.yaml | 51 ++++-----------------------------
 .github/workflows/style.yaml    | 21 ++++++++++++++
 2 files changed, 26 insertions(+), 46 deletions(-)

diff --git a/.github/workflows/go-tests.yaml b/.github/workflows/go-tests.yaml
index 28d8b8ca2..e70fe55b8 100644
--- a/.github/workflows/go-tests.yaml
+++ b/.github/workflows/go-tests.yaml
@@ -17,56 +17,15 @@ permissions:
 jobs:
   test:
     runs-on: mal-ubuntu-latest-8-core
-    env:
-      PKG_CONFIG_PATH: ${{ github.workspace }}
-      LD_LIBRARY_PATH: ${{ github.workspace }}
+    container: cgr.dev/chainguard/wolfi-base:latest
     steps:
-      - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
-        with:
-          egress-policy: audit
-
-      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
-        with:
-          go-version-file: go.mod
-          check-latest: true
-
-      - uses: chainguard-dev/actions/goimports@9d943fc9889a0c0795e3c2bd4b949a9b610ac02e # main
-
-      - name: install dependencies
+      - name: Install dependencies
         run: |
-          sudo apt update && sudo apt install xz-utils -y
+          apk update
+          apk add curl findutils git go nodejs xz yara-x-compat
 
-      - name: Clone yara-x
+      - name: Checkout code
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          repository: VirusTotal/yara-x
-          path: yara-x
-
-      - name: Setup Rust
-        uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # ???
-        with:
-          toolchain: stable
-
-      - name: Install yara-x-capi
-        run: |
-          cd ${{ github.workspace }}/yara-x
-          cargo install cargo-c
-          cargo cinstall -p yara-x-capi --release --destdir /tmp/yara-x
-          sudo mkdir -p /usr/local/lib
-          sudo mkdir -p /usr/local/include
-          sudo cp /tmp/yara-x/usr/local/include/yara_x.h /usr/local/include/
-          sudo cp -a /tmp/yara-x/usr/local/lib/x86_64-linux-gnu/* /usr/local/lib/
-          sudo ldconfig -v
-          cd ${{ github.workspace }}
-
-      - name: golangci-lint
-        uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
-        with:
-          version: v1.62.0
-          args: --timeout=5m
 
       - name: Unit tests
         run: |
diff --git a/.github/workflows/style.yaml b/.github/workflows/style.yaml
index 74b7a5197..74d0e8136 100644
--- a/.github/workflows/style.yaml
+++ b/.github/workflows/style.yaml
@@ -111,3 +111,24 @@ jobs:
           check-latest: true
 
       - uses: chainguard-dev/actions/goimports@9d943fc9889a0c0795e3c2bd4b949a9b610ac02e # main
+
+  golangci-lint:
+    name: check golangci-lint
+    runs-on: ubuntu-latest
+    container: cgr.dev/chainguard/wolfi-base:latest
+    steps:
+      - name: Install dependencies
+        run: |
+          apk update
+          apk add curl findutils git go nodejs xz yara-x-compat
+
+      - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        with:
+          egress-policy: audit
+
+      - name: Checkout code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Run golangci-lint
+        run: |
+          make golangci-lint-lint