ci(megalinter): re-enable trivy #2000
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# Test built docker images by building simple projects inside them | |
name: go-test | |
on: | |
pull_request: | |
pull_request_review: | |
types: ['submitted'] | |
merge_group: | |
push: | |
branches: ['main'] | |
tags: ['v*'] | |
permissions: | |
contents: read | |
jobs: | |
# Status check for all jobs below | |
# This is to allow SKIPPED be considered as SUCCESS | |
status-check-go-test: | |
runs-on: ubuntu-latest | |
if: always() | |
needs: | |
- go-test-resource-hogs | |
- go-test | |
steps: | |
- name: Check status | |
uses: re-actors/alls-green@release/v1 | |
with: | |
allowed-skips: ${{ toJSON(needs) }} | |
jobs: ${{ toJSON(needs) }} | |
# Check we jobs should be ran or skipped | |
skip-check: | |
runs-on: ubuntu-latest | |
# Required permissions | |
permissions: | |
pull-requests: read | |
outputs: | |
changes: ${{ steps.filter.outputs.changes }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: dorny/paths-filter@v3 | |
id: filter | |
with: | |
filters: | | |
changes: | |
- '.github/workflows/go-test.yml' | |
- 'action/**' | |
go-test-resource-hogs: | |
# Run tests that take up a lot of system resources separately | |
runs-on: ubuntu-latest | |
needs: skip-check | |
strategy: | |
matrix: | |
testregex: ['TestLinux', 'TestEdk2', 'TestCoreboot', 'TestStitching', 'TestURoot'] | |
if: ${{ ! (github.event_name == 'pull_request_review' && github.actor != 'github-actions[bot]') && needs.skip-check.outputs.changes == 'true' }} | |
# Skip if pull_request_review on PR not made by a bot | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: stable | |
- name: Install go dependencies | |
run: | | |
cd action | |
go get -d ./... | |
- name: Run go test | |
run: | | |
cd action | |
go test -race -v -timeout 60m -shuffle=on -covermode=atomic -coverprofile coverage.out -run ${{ matrix.testregex }} ./... | |
go-test: | |
# Run all remaining light tests | |
runs-on: ubuntu-latest | |
needs: skip-check | |
if: ${{ ! (github.event_name == 'pull_request_review' && github.actor != 'github-actions[bot]') && needs.skip-check.outputs.changes == 'true' }} | |
# Skip if pull_request_review on PR not made by a bot | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: stable | |
- name: Install go dependencies | |
run: | | |
cd action | |
go get -d ./... | |
- name: Run go test | |
run: | | |
cd action | |
go test -race -v -timeout 60m -shuffle=on -covermode=atomic -coverprofile coverage.out -skip '(TestLinux|TestEdk2|TestCoreboot|TestStitching)' ./... |