forked from cert-manager/cert-manager
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initially we enable only the gosec linter and only check G112 because that has been addressed in cert-manager#6534. Signed-off-by: Richard Wall <richard.wall@venafi.com>
- Loading branch information
Showing
2 changed files
with
64 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
name: golangci-lint | ||
on: | ||
push: | ||
branches: | ||
- master | ||
pull_request: | ||
|
||
permissions: | ||
contents: read | ||
|
||
jobs: | ||
golangci: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- uses: actions/setup-go@v4 | ||
with: | ||
go-version-file: go.mod | ||
# setup-go v4 uses cache automatically, which conflicts with golangci-lint's cache. | ||
# See https://github.com/golangci/golangci-lint-action/pull/704 | ||
cache: false | ||
# A workspace file is needed for golangci-lint to check the sub-modules. | ||
# https://github.com/golangci/golangci-lint-action/issues/544 | ||
- run: make go-workspace | ||
# Work around missing go:embed file which causes a typecheck error. | ||
# https://github.com/golangci/golangci-lint/issues/2912 | ||
- run: touch test/integration/versionchecker/testdata/test_manifests.tar | ||
# To check sub-modules, you need to supply their paths as positional arguments. | ||
# This step finds the paths and adds them to a variable which is used | ||
# later in the args value. | ||
# https://github.com/golangci/golangci-lint/issues/828 | ||
- name: find-go-modules | ||
id: find-go-modules | ||
run: | | ||
find . -type f -name 'go.mod' -printf '%h/...\n' \ | ||
| jq -r -R -s 'split("\n")[:-1] | sort | join(" ") | "GO_MODULES=\(.)"' \ | ||
>> "$GITHUB_OUTPUT" | ||
- uses: golangci/golangci-lint-action@v3 | ||
with: | ||
version: v1.55.2 | ||
args: --timeout=30m --config=.golangci.ci.yaml ${{ steps.find-go-modules.outputs.GO_MODULES }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# This golangci-lint configuration is for use in CI. | ||
# It has a non-standard filename so that maintainers can still easily run the | ||
# full `golangci-lint` suite locally on their laptops. | ||
# This configuration limits golangci-lint to check only for those issues that | ||
# have already been fixed. to allow us to incrementally fix the remaining | ||
# issues. | ||
# Please contribute small PRs where a new linter is added or a particular | ||
# exclude is removed in the first commit, wait for golangci-lint-action to | ||
# report the issues and then fix those issues in a subsequent commit. | ||
linters: | ||
disable-all: true | ||
enable: | ||
- gosec | ||
issues: | ||
exclude-rules: | ||
# Exclude some linters from running on tests files. | ||
- path: _test\.go | ||
linters: | ||
- gosec | ||
# Ignore some of the gosec warnings until we have time to address them. | ||
- linters: | ||
- gosec | ||
text: "G(101|107|204|306|402|404|501|505|601)" |