Skip to content

Bump github/codeql-action from 3.26.7 to 3.27.7 #1811

Bump github/codeql-action from 3.26.7 to 3.27.7

Bump github/codeql-action from 3.26.7 to 3.27.7 #1811

Workflow file for this run

name: Go-static-analysis
on: [push, pull_request]
permissions:
contents: read
jobs:
golangci:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Set up Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: 1.22.3
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.3
- name: remove deployer container from dockerfile
run: sed -ie '/End of builder/,+5d' ./docker/userspacecni/Dockerfile
- name: Build the Docker image
run: docker build . -f ./docker/userspacecni/Dockerfile -t userspacecni:latest
- name: run container
run: docker run --name userspacecni -itd userspacecni:latest bash
- name: docker copy generated bin api files
run: docker cp userspacecni:/root/userspace-cni-network-plugin/cnivpp ./
- name: golangci-lint
uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1
with:
# Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
version: v1.56.2
args: --timeout=20m
shellcheck:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.3
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # main
hadolint:
runs-on: ubuntu-latest
name: Hadolint
env:
HADOLINT_RECURSIVE: "true"
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
name: Run Hadolint
with:
recursive: true
ignore: DL3008,DL3059,DL3015
go-check:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
- name: remove deployer container from dockerfile
run: sed -ie '/End of builder/,+5d' ./docker/userspacecni/Dockerfile
- name: Build the Docker image
run: docker build . -f ./docker/userspacecni/Dockerfile -t userspacecni:latest
- name: run container
run: docker run --name userspacecni -itd userspacecni:latest bash
- name: docker copy generated bin api files
run: docker cp userspacecni:/root/userspace-cni-network-plugin/cnivpp ./
- name: Set up Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: 1.22.3
- name: Checkout dockerfile to avoid false diff
run: git checkout ./docker/userspacecni/Dockerfile
# if this fails, run go mod tidy
- name: Tidy
run: go mod tidy
- name: Check if module files are consistent with code
run: git diff --exit-code
# if this fails, run go mod vendor
- name: Check if vendor directory is consistent with go modules
run: go mod vendor && git diff --exit-code