gosec/.github/workflows/ci.yml

name: CI
on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master
jobs:
  test:
    strategy:
      matrix:
        go_version:
          - '1.18.7' # TODO: remove this once actions/setup-go@v3 uses latest as latest; see https://github.com/securego/gosec/pull/880
          - '1.19.2' # TODO: remove this once actions/setup-go@v3 uses latest as latest; see https://github.com/securego/gosec/pull/880
    runs-on: ubuntu-latest
    env:
      GO111MODULE: on
    steps:
      - name: Setup go ${{ matrix.go_version }} 
        uses: actions/setup-go@v3
        with:
          go-version: ${{ matrix.go_version }}
      - name: Checkout Source 
        uses: actions/checkout@v3
      - uses: actions/cache@v3
        with:
          path: ~/go/pkg/mod
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-            
      - name: lint
        uses: golangci/golangci-lint-action@v3
        with:
          version: latest
      - name: Run Tests
        run: make test
  coverage:
    needs: [test]
    runs-on: ubuntu-latest
    env:
      GO111MODULE: on
    steps:
      - name: Setup go
        uses: actions/setup-go@v3
        with:
          go-version: '1.19.2' # TODO: remove this once actions/setup-go@v3 uses latest as latest; see https://github.com/securego/gosec/pull/880
      - name: Checkout Source 
        uses: actions/checkout@v3
      - uses: actions/cache@v3
        with:
          path: ~/go/pkg/mod
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-            
      - name: Create Test Coverage
        run: make test-coverage
      - name: Upload Test Coverage
        uses: codecov/codecov-action@v3
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          fail_ci_if_error: true