Parwinder/bcda 8414 enable linters #2480
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: BCDA CI Workflow | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - .github/workflows/opt-out-import-* | |
| - optout/** | |
| pull_request: | |
| paths-ignore: | |
| - .github/workflows/opt-out-import-* | |
| - optout/** | |
| env: | |
| COMPOSE_INTERACTIVE_NO_CLI: 1 | |
| VAULT_PW: ${{ secrets.VAULT_PW }} | |
| jobs: | |
| lint: | |
| name: Modules Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Tidy modules | |
| run: | | |
| go mod tidy -v | |
| CHANGES_FOUND=$(git diff-files --quiet) | |
| if [[ "$(CHANGES_FOUND)" == "1" ]]; then | |
| echo "Changes found. Run go mod tidy to clean up modules." | |
| git diff | |
| exit 1 | |
| fi | |
| build: | |
| name: Build and Test | |
| runs-on: ubuntu-latest | |
| env: | |
| DOCKER_BUILDKIT: 1 | |
| COMPOSE_DOCKER_CLI_BUILD: 1 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Decrypt secrets | |
| run: | | |
| echo $VAULT_PW > .vault_password | |
| bash ops/secrets --decrypt | |
| mv -fv shared_files/encrypted/* shared_files/decrypted/ | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Build the stack | |
| run: | | |
| make docker-bootstrap | |
| - name: Run all tests | |
| run: | | |
| make test | |
| - name: Archive code coverage results | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: code-coverage-report | |
| path: ./test_results/latest/testcoverage.out | |
| sonar-quality-gate: | |
| name: Sonarqube Quality Gate | |
| needs: build | |
| runs-on: self-hosted | |
| env: | |
| # Workaround until https://jira.cms.gov/browse/PLT-338 is implemented. | |
| ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: "true" | |
| steps: | |
| - name: Download code coverage | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: code-coverage-report | |
| - name: Set env vars from AWS params | |
| uses: cmsgov/ab2d-bcda-dpc-platform/actions/aws-params-env-action@main | |
| env: | |
| AWS_REGION: ${{ vars.AWS_REGION }} | |
| with: | |
| params: | | |
| SONAR_HOST_URL=/sonarqube/url | |
| SONAR_TOKEN=/sonarqube/token | |
| - name: Run quality gate scan | |
| uses: sonarsource/sonarqube-scan-action@master | |
| with: | |
| args: | |
| -Dsonar.projectKey=bcda-aco-api | |
| -Dsonar.sources=. -Dsonar.go.coverage.reportPaths=./test_results/latest/testcoverage.out | |
| -Dsonar.coverage.exclusions=**/*test.go,**/test/**/*,**/testUtils/*,**/scripts/*,**/ops/*,**/mock*.go | |
| -Dsonar.branch.name=${{ github.event.pull_request.head.ref }} -Dsonar.projectVersion=${{ github.event.pull_request.head.sha }} |