Revert the container-based run; add GO linter instead of CodeQL
This commit is contained in:
parent
f82db99d62
commit
356026e818
|
@ -10,6 +10,13 @@ on:
|
||||||
# At 01:37 every Thursday. Details in https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#schedule
|
# At 01:37 every Thursday. Details in https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#schedule
|
||||||
- cron: '37 1 * * 4'
|
- cron: '37 1 * * 4'
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
# Optional: allow write access to checks to allow the action to annotate code in the PR.
|
||||||
|
checks: write
|
||||||
|
|
||||||
|
env:
|
||||||
|
GO_VERSION: stable
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
create-matrix:
|
create-matrix:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -23,15 +30,11 @@ jobs:
|
||||||
outputs:
|
outputs:
|
||||||
matrix: ${{ steps.set-matrix.outputs.languages }}
|
matrix: ${{ steps.set-matrix.outputs.languages }}
|
||||||
|
|
||||||
analyze:
|
code-ql:
|
||||||
name: Analyze
|
name: CodeQL
|
||||||
needs: create-matrix
|
needs: create-matrix
|
||||||
if: ${{ needs.create-matrix.outputs.matrix != '[]' && github.repository == 'photoview/photoview' }}
|
if: ${{ needs.create-matrix.outputs.matrix != '[]' && github.repository == 'photoview/photoview' }}
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
|
||||||
image: ${{ ( matrix.language == 'go' && 'golang:1.23-bookworm' ) || ( matrix.language == 'javascript' && 'node:18' ) || 'null' }}
|
|
||||||
volumes:
|
|
||||||
- /opt/hostedtoolcache:/opt/hostedtoolcache
|
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
fail-fast: false
|
||||||
matrix:
|
matrix:
|
||||||
|
@ -40,41 +43,6 @@ jobs:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Install GO build dependencies
|
|
||||||
if: ${{ matrix.language == 'go' }}
|
|
||||||
working-directory: ./api
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
rm -rf /opt/hostedtoolcache/* # free up some space
|
|
||||||
git config --global --add safe.directory /__w/photoview/photoview
|
|
||||||
OS=$(uname -s | tr '[:upper:]' '[:lower:]')
|
|
||||||
ARCH=$(uname -m)
|
|
||||||
case "$ARCH" in
|
|
||||||
x86_64) ARCH="amd64" ;;
|
|
||||||
aarch64) ARCH="arm64" ;;
|
|
||||||
armv6l) ARCH="arm/v6" ;;
|
|
||||||
armv7l) ARCH="arm/v7" ;;
|
|
||||||
*) echo "Unsupported architecture: $ARCH"; exit 1 ;;
|
|
||||||
esac
|
|
||||||
export TARGETPLATFORM="$OS/$ARCH"
|
|
||||||
echo "Platform is ${TARGETPLATFORM}"
|
|
||||||
export GOPATH="/go"
|
|
||||||
export PATH="${GOPATH}/bin:${PATH}"
|
|
||||||
export CGO_ENABLED=1
|
|
||||||
. ../scripts/set_compiler_env.sh
|
|
||||||
# Comment out the last line with 'apt-get install -y reflex sqlite3'
|
|
||||||
sed -i '$ s/^/#/' ../scripts/install_build_dependencies.sh
|
|
||||||
chmod +x ../scripts/*.sh
|
|
||||||
../scripts/install_build_dependencies.sh
|
|
||||||
apt-get install -y file
|
|
||||||
echo "<<< Dependencies installed >>>"
|
|
||||||
go env
|
|
||||||
go mod download
|
|
||||||
# Patch go-face
|
|
||||||
sed -i 's/-march=native//g' ${GOPATH}/pkg/mod/github.com/!kagami/go-face*/face.go
|
|
||||||
# Build dependencies that use CGO
|
|
||||||
go install github.com/mattn/go-sqlite3 github.com/Kagami/go-face
|
|
||||||
|
|
||||||
# Initializes the CodeQL tools for scanning.
|
# Initializes the CodeQL tools for scanning.
|
||||||
- name: Initialize CodeQL
|
- name: Initialize CodeQL
|
||||||
uses: github/codeql-action/init@v3
|
uses: github/codeql-action/init@v3
|
||||||
|
@ -95,6 +63,28 @@ jobs:
|
||||||
with:
|
with:
|
||||||
category: "/language:${{ matrix.language }}"
|
category: "/language:${{ matrix.language }}"
|
||||||
|
|
||||||
|
golang-lint:
|
||||||
|
name: GOlangCI Lint
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Get GO version from `go.mod`
|
||||||
|
run: |
|
||||||
|
echo "GO_VERSION=$(grep '^go ' ./api/go.mod | awk '{print $2}')" >> "$GITHUB_ENV"
|
||||||
|
|
||||||
|
- name: Setup GO
|
||||||
|
uses: actions/setup-go@v5
|
||||||
|
with:
|
||||||
|
go-version: ${{ env.GO_VERSION }}
|
||||||
|
|
||||||
|
- name: golangci-lint
|
||||||
|
uses: golangci/golangci-lint-action@v6
|
||||||
|
with:
|
||||||
|
version: latest
|
||||||
|
working-directory: ./api
|
||||||
|
|
||||||
anchore:
|
anchore:
|
||||||
name: Anchore scan code dependencies
|
name: Anchore scan code dependencies
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
|
@ -0,0 +1,263 @@
|
||||||
|
# Options for analysis running.
|
||||||
|
run:
|
||||||
|
# Number of operating system threads (`GOMAXPROCS`) that can execute golangci-lint simultaneously.
|
||||||
|
# If it is explicitly set to 0 (i.e. not the default) then golangci-lint will automatically set the value to match Linux container CPU quota.
|
||||||
|
# Default: the number of logical CPUs in the machine
|
||||||
|
#concurrency: 4
|
||||||
|
# Timeout for analysis, e.g. 30s, 5m.
|
||||||
|
# Default: 1m
|
||||||
|
#timeout: 5m
|
||||||
|
# Exit code when at least one issue was found.
|
||||||
|
# Default: 1
|
||||||
|
#issues-exit-code: 2
|
||||||
|
# Include test files or not.
|
||||||
|
# Default: true
|
||||||
|
tests: false
|
||||||
|
# List of build tags, all linters use it.
|
||||||
|
# Default: []
|
||||||
|
#build-tags:
|
||||||
|
# - mytag
|
||||||
|
# If set, we pass it to "go list -mod={option}". From "go help modules":
|
||||||
|
# If invoked with -mod=readonly, the go command is disallowed from the implicit
|
||||||
|
# automatic updating of go.mod described above. Instead, it fails when any changes
|
||||||
|
# to go.mod are needed. This setting is most useful to check that go.mod does
|
||||||
|
# not need updates, such as in a continuous integration and testing system.
|
||||||
|
# If invoked with -mod=vendor, the go command assumes that the vendor
|
||||||
|
# directory holds the correct copies of dependencies and ignores
|
||||||
|
# the dependency descriptions in go.mod.
|
||||||
|
#
|
||||||
|
# Allowed values: readonly|vendor|mod
|
||||||
|
# Default: ""
|
||||||
|
#modules-download-mode: readonly
|
||||||
|
# Allow multiple parallel golangci-lint instances running.
|
||||||
|
# If false, golangci-lint acquires file lock on start.
|
||||||
|
# Default: false
|
||||||
|
allow-parallel-runners: true
|
||||||
|
# Allow multiple golangci-lint instances running, but serialize them around a lock.
|
||||||
|
# If false, golangci-lint exits with an error if it fails to acquire file lock on start.
|
||||||
|
# Default: false
|
||||||
|
allow-serial-runners: true
|
||||||
|
# Define the Go version limit.
|
||||||
|
# Mainly related to generics support since go1.18.
|
||||||
|
# Default: use Go version from the go.mod file, fallback on the env var `GOVERSION`, fallback on 1.17
|
||||||
|
#go: '1.19'
|
||||||
|
|
||||||
|
# output configuration options
|
||||||
|
output:
|
||||||
|
# The formats used to render issues.
|
||||||
|
# Formats:
|
||||||
|
# - `colored-line-number`
|
||||||
|
# - `line-number`
|
||||||
|
# - `json`
|
||||||
|
# - `colored-tab`
|
||||||
|
# - `tab`
|
||||||
|
# - `html`
|
||||||
|
# - `checkstyle`
|
||||||
|
# - `code-climate`
|
||||||
|
# - `junit-xml`
|
||||||
|
# - `github-actions`
|
||||||
|
# - `teamcity`
|
||||||
|
# - `sarif`
|
||||||
|
# Output path can be either `stdout`, `stderr` or path to the file to write to.
|
||||||
|
#
|
||||||
|
# For the CLI flag (`--out-format`), multiple formats can be specified by separating them by comma.
|
||||||
|
# The output can be specified for each of them by separating format name and path by colon symbol.
|
||||||
|
# Example: "--out-format=checkstyle:report.xml,json:stdout,colored-line-number"
|
||||||
|
# The CLI flag (`--out-format`) override the configuration file.
|
||||||
|
#
|
||||||
|
# Default:
|
||||||
|
# formats:
|
||||||
|
# - format: colored-line-number
|
||||||
|
# path: stdout
|
||||||
|
formats:
|
||||||
|
- format: junit-xml
|
||||||
|
path: golang-lint.xml
|
||||||
|
- format: sarif
|
||||||
|
path: golang-lint.sarif
|
||||||
|
- format: github-actions
|
||||||
|
# Print lines of code with issue.
|
||||||
|
# Default: true
|
||||||
|
#print-issued-lines: false
|
||||||
|
# Print linter name in the end of issue text.
|
||||||
|
# Default: true
|
||||||
|
#print-linter-name: false
|
||||||
|
# Make issues output unique by line.
|
||||||
|
# Default: true
|
||||||
|
#uniq-by-line: false
|
||||||
|
# Add a prefix to the output file references.
|
||||||
|
# Default: ""
|
||||||
|
#path-prefix: ""
|
||||||
|
# Sort results by the order defined in `sort-order`.
|
||||||
|
# Default: false
|
||||||
|
sort-results: true
|
||||||
|
# Order to use when sorting results.
|
||||||
|
# Require `sort-results` to `true`.
|
||||||
|
# Possible values: `file`, `linter`, and `severity`.
|
||||||
|
#
|
||||||
|
# If the severity values are inside the following list, they are ordered in this order:
|
||||||
|
# 1. error
|
||||||
|
# 2. warning
|
||||||
|
# 3. high
|
||||||
|
# 4. medium
|
||||||
|
# 5. low
|
||||||
|
# Either they are sorted alphabetically.
|
||||||
|
#
|
||||||
|
# Default: ["file"]
|
||||||
|
sort-order:
|
||||||
|
- linter
|
||||||
|
- severity
|
||||||
|
- file # filepath, line, and column.
|
||||||
|
# Show statistics per linter.
|
||||||
|
# Default: false
|
||||||
|
show-stats: true
|
||||||
|
|
||||||
|
linters:
|
||||||
|
# Disable all linters.
|
||||||
|
# Default: false
|
||||||
|
#disable-all: true
|
||||||
|
# Enable specific linter
|
||||||
|
# https://golangci-lint.run/usage/linters/#enabled-by-default
|
||||||
|
enable:
|
||||||
|
- asasalint
|
||||||
|
- asciicheck
|
||||||
|
- bidichk
|
||||||
|
- bodyclose
|
||||||
|
- canonicalheader
|
||||||
|
- containedctx
|
||||||
|
- contextcheck
|
||||||
|
- copyloopvar
|
||||||
|
- cyclop
|
||||||
|
- decorder
|
||||||
|
- depguard
|
||||||
|
- dogsled
|
||||||
|
- dupl
|
||||||
|
- dupword
|
||||||
|
- durationcheck
|
||||||
|
- err113
|
||||||
|
- errcheck
|
||||||
|
- errchkjson
|
||||||
|
- errname
|
||||||
|
- errorlint
|
||||||
|
- execinquery
|
||||||
|
- exhaustive
|
||||||
|
- exhaustruct
|
||||||
|
- exportloopref
|
||||||
|
- fatcontext
|
||||||
|
- forbidigo
|
||||||
|
- forcetypeassert
|
||||||
|
- funlen
|
||||||
|
- gci
|
||||||
|
- ginkgolinter
|
||||||
|
- gocheckcompilerdirectives
|
||||||
|
- gochecknoglobals
|
||||||
|
- gochecknoinits
|
||||||
|
- gochecksumtype
|
||||||
|
- gocognit
|
||||||
|
- goconst
|
||||||
|
- gocritic
|
||||||
|
- gocyclo
|
||||||
|
- godot
|
||||||
|
- godox
|
||||||
|
- gofmt
|
||||||
|
- gofumpt
|
||||||
|
- goheader
|
||||||
|
- goimports
|
||||||
|
- gomoddirectives
|
||||||
|
- gomodguard
|
||||||
|
- goprintffuncname
|
||||||
|
- gosec
|
||||||
|
- gosimple
|
||||||
|
- gosmopolitan
|
||||||
|
- govet
|
||||||
|
- grouper
|
||||||
|
- importas
|
||||||
|
- inamedparam
|
||||||
|
- ineffassign
|
||||||
|
- interfacebloat
|
||||||
|
- intrange
|
||||||
|
- ireturn
|
||||||
|
- lll
|
||||||
|
- loggercheck
|
||||||
|
- maintidx
|
||||||
|
- makezero
|
||||||
|
- mirror
|
||||||
|
- misspell
|
||||||
|
- mnd
|
||||||
|
- musttag
|
||||||
|
- nakedret
|
||||||
|
- nestif
|
||||||
|
- nilerr
|
||||||
|
- nilnil
|
||||||
|
- nlreturn
|
||||||
|
- noctx
|
||||||
|
- nolintlint
|
||||||
|
- nonamedreturns
|
||||||
|
- nosprintfhostport
|
||||||
|
- paralleltest
|
||||||
|
- perfsprint
|
||||||
|
- prealloc
|
||||||
|
- predeclared
|
||||||
|
- promlinter
|
||||||
|
- protogetter
|
||||||
|
- reassign
|
||||||
|
- revive
|
||||||
|
- rowserrcheck
|
||||||
|
- sloglint
|
||||||
|
- spancheck
|
||||||
|
- sqlclosecheck
|
||||||
|
- staticcheck
|
||||||
|
- stylecheck
|
||||||
|
- tagalign
|
||||||
|
- tagliatelle
|
||||||
|
- tenv
|
||||||
|
- testableexamples
|
||||||
|
- testifylint
|
||||||
|
- testpackage
|
||||||
|
- thelper
|
||||||
|
- tparallel
|
||||||
|
- typecheck
|
||||||
|
- unconvert
|
||||||
|
- unparam
|
||||||
|
- unused
|
||||||
|
- usestdlibvars
|
||||||
|
- varnamelen
|
||||||
|
- wastedassign
|
||||||
|
- whitespace
|
||||||
|
- wrapcheck
|
||||||
|
- wsl
|
||||||
|
- zerologlint
|
||||||
|
# Enable all available linters.
|
||||||
|
# Default: false
|
||||||
|
#enable-all: true
|
||||||
|
# Disable specific linter
|
||||||
|
# https://golangci-lint.run/usage/linters/#disabled-by-default
|
||||||
|
disable:
|
||||||
|
- deadcode # Deprecated
|
||||||
|
- exhaustivestruct # Deprecated
|
||||||
|
- golint # Deprecated
|
||||||
|
- ifshort # Deprecated
|
||||||
|
- interfacer # Deprecated
|
||||||
|
- maligned # Deprecated
|
||||||
|
- gomnd # Deprecated
|
||||||
|
- nosnakecase # Deprecated
|
||||||
|
- scopelint # Deprecated
|
||||||
|
- structcheck # Deprecated
|
||||||
|
- varcheck # Deprecated
|
||||||
|
# Enable presets.
|
||||||
|
# https://golangci-lint.run/usage/linters
|
||||||
|
# Default: []
|
||||||
|
presets:
|
||||||
|
- bugs
|
||||||
|
- comment
|
||||||
|
- complexity
|
||||||
|
- error
|
||||||
|
- format
|
||||||
|
- import
|
||||||
|
- metalinter
|
||||||
|
- module
|
||||||
|
- performance
|
||||||
|
- sql
|
||||||
|
- style
|
||||||
|
# Enable only fast linters from enabled linters set (first run won't be fast)
|
||||||
|
# Default: false
|
||||||
|
fast: true
|
Loading…
Reference in New Issue