ci: add workflows to run lint, test and vulnerability check tasks

Signed-off-by: VirtualTam <[email protected]>
virtualtam · Nov 5, 2024 · 60152c4 · 60152c4
1 parent a1941bb
commit 60152c4
Show file tree

Hide file tree

Showing 5 changed files with 96 additions and 1 deletion.
diff --git a/.editorconfig b/.editorconfig
@@ -12,6 +12,10 @@ indent_size = 4
 indent_style = tab
 tab_width = 4
 
+[*.{yaml,yml}]
+indent_style = space
+indent_size = 2
+
 [Makefile]
 indent_style = tab
 tab_width = 4

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -0,0 +1,42 @@
+---
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - v*
+  pull_request: {}
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+
+      - name: Lint
+        uses: golangci/golangci-lint-action@v6
+        with:
+          args: --timeout=10m
+          version: "v1.58"
+
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+
+      - name: Test
+        run: make cover
diff --git a/.github/workflows/copywrite.yaml b/.github/workflows/copywrite.yaml
@@ -0,0 +1,23 @@
+---
+name: Copywrite
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - v*
+  pull_request: {}
+
+jobs:
+  copywrite:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install copywrite
+        uses: hashicorp/[email protected]
+
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Validate license header compliance
+        run: copywrite headers --plan
diff --git a/.github/workflows/vulncheck.yaml b/.github/workflows/vulncheck.yaml
@@ -0,0 +1,24 @@
+---
+name: Vulnerabilities
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - v*
+  pull_request: {}
+
+jobs:
+  vulnerabilities:
+    runs-on: ubuntu-latest
+    steps:
+      - name: vulncheck
+        id: govulncheck
+        uses: golang/govulncheck-action@v1
+        with:
+          # The setup-go action does not necessarily use the latest Go patch release.
+          # As such, this job may fail due to vulnerabilities present in previous
+          # patch releases (including the one used by the setup-go action).
+          # See https://github.com/actions/setup-go/issues/407
+          go-version-file: go.mod
diff --git a/README.md b/README.md
@@ -1,4 +1,6 @@
-# opml-go - Parse and export OPML files
+# opml-go - Parse and export OPML outline files
+
+<img src="https://github.com/virtualtam/opml-go/actions/workflows/ci.yml/badge.svg?branch=main" alt="Continuous integration workflow status">
 
 `opml-go` provides a library to marshal and unmarshal outlines using the
 [Outline Processor Markup Language (OPML)](https://opml.org/spec2.opml) 2.0 format.