Files
runc/.github/workflows/validate.yml
T
dependabot[bot] a04363c1b9 build(deps): bump actions/cache from 3.0.10 to 3.0.11
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.10 to 3.0.11.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.10...v3.0.11)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-14 04:11:15 +00:00

200 lines
5.5 KiB
YAML

name: validate
on:
push:
tags:
- v*
branches:
- main
- release-*
pull_request:
env:
GO_VERSION: 1.19.x
permissions:
contents: read
jobs:
lint:
permissions:
contents: read
pull-requests: read
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 2
- uses: actions/setup-go@v3
with:
go-version: "${{ env.GO_VERSION }}"
- name: install deps
run: |
sudo apt -q update
sudo apt -q install libseccomp-dev
- uses: golangci/golangci-lint-action@v3
with:
version: v1.48
# Extra linters, only checking new code from a pull request.
- name: lint-extra
if: github.event_name == 'pull_request'
run: |
golangci-lint run --config .golangci-extra.yml --new-from-rev=HEAD~1 --out-format=github-actions
compile-buildtags:
runs-on: ubuntu-20.04
env:
# Don't ignore C warnings. Note that the output of "go env CGO_CFLAGS" by default is "-g -O2", so we keep them.
CGO_CFLAGS: -g -O2 -Werror
steps:
- uses: actions/checkout@v3
- name: install go
uses: actions/setup-go@v3
with:
go-version: "${{ env.GO_VERSION }}"
- name: compile with no build tags
run: make BUILDTAGS=""
codespell:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: install deps
# Version of codespell bundled with Ubuntu is way old, so use pip.
run: pip install codespell
- name: run codespell
run: codespell
shfmt:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: vars
run: |
echo "VERSION=3.3.1" >> $GITHUB_ENV
echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
- name: cache go mod and $GOCACHE
uses: actions/cache@v3.0.11
with:
path: |
~/go/pkg/mod
~/.cache/go-build
key: ${{ runner.os }}-shfmt-${{ env.VERSION }}
restore-keys: ${{ runner.os }}-shfmt-
- name: install shfmt
run: |
command -v shfmt || \
(cd ~ && GO111MODULE=on time go get mvdan.cc/sh/v3/cmd/shfmt@v$VERSION)
- name: shfmt
run: make shfmt
shellcheck:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: install shellcheck
env:
VERSION: v0.8.0
BASEURL: https://github.com/koalaman/shellcheck/releases/download
SHA256: f4bce23c11c3919c1b20bcb0f206f6b44c44e26f2bc95f8aa708716095fa0651
run: |
mkdir ~/bin
curl -sSfL --retry 5 $BASEURL/$VERSION/shellcheck-$VERSION.linux.x86_64.tar.xz |
tar xfJ - -C ~/bin --strip 1 shellcheck-$VERSION/shellcheck
sha256sum --strict --check - <<<"$SHA256 *$HOME/bin/shellcheck"
# make sure to remove the old version
sudo rm -f /usr/bin/shellcheck
# Add ~/bin to $PATH.
echo ~/bin >> $GITHUB_PATH
- uses: lumaxis/shellcheck-problem-matchers@v1
- name: run
run: make shellcheck
- name: check-config.sh
run : ./script/check-config.sh
deps:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: install go
uses: actions/setup-go@v3
with:
go-version: "${{ env.GO_VERSION }}"
- name: cache go mod and $GOCACHE
uses: actions/cache@v3.0.11
with:
path: |
~/go/pkg/mod
~/.cache/go-build
key: ${{ runner.os }}-go.sum-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-go.sum-
- name: verify deps
run: make verify-dependencies
commit:
permissions:
contents: read
pull-requests: read
runs-on: ubuntu-20.04
# Only check commits on pull requests.
if: github.event_name == 'pull_request'
steps:
- name: get pr commits
id: 'get-pr-commits'
uses: tim-actions/get-pr-commits@v1.2.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: check subject line length
uses: tim-actions/commit-message-checker-with-regex@v0.3.1
with:
commits: ${{ steps.get-pr-commits.outputs.commits }}
pattern: '^.{0,72}(\n.*)*$'
error: 'Subject too long (max 72)'
cfmt:
runs-on: ubuntu-20.04
steps:
- name: checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: install deps
run: |
sudo apt -qq update
sudo apt -qq install indent
- name: cfmt
run: |
make cfmt
git diff --exit-code
release:
runs-on: ubuntu-20.04
steps:
- name: checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: check CHANGELOG.md
run: make verify-changelog
# We have to run this under Docker as Ubuntu (host) does not support all
# the architectures we want to compile test against, and Dockerfile uses
# Debian (which does).
#
# XXX: as currently this is the only job that is using Docker, we are
# building and using the runcimage locally. In case more jobs running
# under Docker will emerge, it will be good to have a separate make
# runcimage job and share its result (the docker image) with whoever
# needs it.
- name: build docker image
run: make runcimage
- name: make releaseall
run: make releaseall
- name: upload artifacts
uses: actions/upload-artifact@v3
with:
name: release-${{ github.run_id }}
path: release/*