chore: last chance for GHA. I'm about to pull the dagger here

Signed-off-by: William Artero <git@artero.dev>
2023-12-06 16:17:03 +01:00 · 2023-12-06 16:17:03 +01:00 · 6c5e904e9d
commit 6c5e904e9d
parent 6cecec1a1c
9 changed files with 61 additions and 16 deletions
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@ -147,15 +147,19 @@ jobs:
    runs-on: ubuntu-latest
    env:
      CONTAINER_LINT_REPORT_FILE: hadolint-report.json
+      GOLANGCI_LINT_REPORT_FILE: golangci-lint-report.json
    steps:
    - name: checkout
      uses: actions/checkout@v3
+
    - name: setup golang
      uses: actions/setup-go@v3
      with:
        go-version: ${{ env.GOLANG_VERSION }}
+
    - name: set golang environment variables
      uses: wwmoraes/actions/golang/env@master
+
    - name: cache modules
      uses: pat-s/always-upload-cache@v2.1.5
      with:
@ -164,8 +168,10 @@ jobs:
        restore-keys: |
          ${{ runner.os }}-modules-${{ hashFiles('go.sum') }}
          ${{ runner.os }}-modules-
+
    - name: download modules
      run: go mod download
+
    - name: cache lint
      uses: pat-s/always-upload-cache@v2.1.5
      with:
@ -174,12 +180,21 @@ jobs:
        restore-keys: |
          ${{ runner.os }}-lint-${{ hashFiles('.golangci.yaml') }}
          ${{ runner.os }}-lint-
-    - name: lint code source
-      uses: wwmoraes/actions/golang/lint@master
-      id: lint
+
+    - name: lint code
+      run: make lint-report
+      env:
+        CONTAINER_LINT_FORMAT: sarif
+        GOLANGCI_LINT_FORMAT: github-actions
+
+    - name: setup reviewdog
+      uses: reviewdog/action-setup@v1
      with:
-        work-dir: ${{ env.WORK_DIR }}
-        version: v1.46-alpine
+        reviewdog_version: latest
+
+    - name: review code
+      run: make review-report
+
    - name: upload code lint report
      uses: actions/upload-artifact@v3
      if: always()
@ -304,6 +319,13 @@ jobs:
        name: coverage-report
        path: ${{ env.GOLANG_COVERAGE_PATH }}

+    - name: touch downloaded reports
+      run: |-
+        ls
+        ls coverage
+        touch -c coverage/run-report.json
+        touch -c coverage/merged.txt
+
    # - name: SonarCloud Scan
    #   uses: sonarsource/sonarcloud-github-action@master
    #   env:
--- a/.golangci.yaml
+++ b/.golangci.yaml
@ -1,3 +1,4 @@
+# cspell:disable
 run:
  modules-download-mode: readonly
  issues-exit-code: 0
--- a/.make/codecov.mk
+++ b/.make/codecov.mk
@ -6,4 +6,4 @@ CODECOV_TOKEN ?=
 codecov-report:
 	$(if $<,,$(error target codecov-report must have a source file as dependency))
 	$(info uploading Codecov report)
-	@${CODECOV} create-report -c -t ${CODECOV_TOKEN} ${CODECOV_FLAGS} -f "$<"
+	@${CODECOV} create-report -c -t ${CODECOV_TOKEN} ${CODECOV_FLAGS} $(addprefix -f ,$^)
--- a/.make/container.mk
+++ b/.make/container.mk
@ -1,8 +1,12 @@
 CONTAINER ?= docker
+CONTAINER_LINT ?= hadolint
 CONTAINER_STRUCTURE_TEST ?= container-structure-test

 CONTAINER_IMAGE ?=
 CONTAINER_STRUCTURE_TEST_FILE ?=
+CONTAINER_LINT_REPORT_FILE ?= hadolint-report.json
+CONTAINER_DOCKERFILE ?= Dockerfile
+CONTAINER_LINT_FORMAT ?= sarif

 ## https://github.com/moby/moby/issues/46129
 container-image: OTEL_EXPORTER_OTLP_ENDPOINT=
@ -21,3 +25,13 @@ container-image:

 container-test: ${CONTAINER_STRUCTURE_TEST_FILE}
 	@${CONTAINER_STRUCTURE_TEST} test -c "$<" -i "${CONTAINER_IMAGE}"
+
+container-lint: ${CONTAINER_DOCKERFILE}
+	$(info linting container source $<)
+	@${CONTAINER_LINT} $<
+
+container-lint-report: ${CONTAINER_LINT_REPORT_FILE}
+
+${CONTAINER_LINT_REPORT_FILE}: ${CONTAINER_DOCKERFILE}
+	$(info generating lint report of container source $<)
+	@${CONTAINER_LINT} -f ${CONTAINER_LINT_FORMAT} $< > $@
--- a/.make/golangci-lint.mk
+++ b/.make/golangci-lint.mk
@ -1,12 +1,17 @@
 GO ?= go
 GOLANGCI_LINT ?= golangci-lint
-GOLANGCI_LINT_REPORT_FILE ?= golangci-lint-report.xml
+GOLANGCI_LINT_REPORT_FILE ?= golangci-lint-report.json
+GOLANGCI_LINT_FORMAT ?= json

 GOLANGCI_LINT_SOURCE_FILES ?= $(shell ${GO} list -f '{{ range .GoFiles }}{{ printf "%s/%s\n" $$.Dir . }}{{ end }}' ./...)

 .PHONY: golang-lint
-golang-lint: ${GOLANGCI_LINT_REPORT_FILE}
+golang-lint:
+	$(info linting go source)
 	@${GOLANGCI_LINT} run

+golang-lint-report: ${GOLANGCI_LINT_REPORT_FILE}
+
 ${GOLANGCI_LINT_REPORT_FILE}: ${GOLANGCI_LINT_SOURCE_FILES}
-	@${GOLANGCI_LINT} run --out-format checkstyle > $@
+	$(info generating lint report of go source)
+	@${GOLANGCI_LINT} run --out-format json > $@
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,3 +1,4 @@
+# cspell:disable
 ## See https://pre-commit.com for more information
 ## See https://pre-commit.com/hooks.html for more hooks
 repos:
--- a/5
+++ b/5
@ -33,7 +33,10 @@ release: golang-release
 test: golang-test

 .PHONY: lint
-lint: golang-lint
+lint: golang-lint container-lint
+
+.PHONY: lint-report
+lint-report: golang-lint-report container-lint-report

 .PHONY: coverage
 coverage: golang-coverage
--- a/container-structure-test.yaml
+++ b/container-structure-test.yaml
@ -1,14 +1,12 @@
+# cspell:disable
+
 schemaVersion: "2.0.0"
 fileExistenceTests:
  - name: handler binary
    path: /usr/local/bin/handler
    shouldExist: true
-    ## Docker and Podman differ on how they handle the ownership of binaries.
-    ## Docker retains the source UID and GID; Podman ignores it, and reports the
-    ## active UID:GID as per the last USER directive
-    ## TODO fix binary owership
-    # gid: 0
-    # uid: 0
+    gid: 0
+    uid: 0
    permissions: -rwxr-xr-x
    isExecutableBy: any

--- a/cspell.config.yaml
+++ b/cspell.config.yaml
@ -42,6 +42,7 @@ words:
  - promhttp
  - promql
  - pyroscope
+  - radarr
  - redisotel
  - riandyrn
  - romaji