From 111716b8afef0ea6103e464bfb48173e36be5748 Mon Sep 17 00:00:00 2001 From: Russel Van Tuyl Date: Sun, 29 Oct 2023 17:20:53 -0400 Subject: [PATCH] Added workflow --- .github/workflows/go.yml | 71 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 .github/workflows/go.yml diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml new file mode 100644 index 0000000..b898f3b --- /dev/null +++ b/.github/workflows/go.yml @@ -0,0 +1,71 @@ +# This workflow will build a golang project +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go + +name: "Merlin Agent Build & Test" + +on: + push: + pull_request: + +jobs: + + build: + name: 'Build Job' + runs-on: ubuntu-latest + steps: + - name: Checkout Repository + id: checkout + uses: actions/checkout@v3 + + - name: Set up Go + uses: actions/setup-go@v4 + with: + go-version: '1.21' + + - name: 'Build Merlin Agent' + id: build + run: 'make all' + + - name: Install 7zip + id: install_7zip + run: sudo apt-get install p7zip-full + + - name: Package Release + id: package + run: make package-all + + - name: 'Test Merlin Agent' + id: test + run: 'go test ./...' + + - name: GoVulnCheck + id: govulncheck + uses: golang/govulncheck-action@v1 + with: + go-version-input: '1.21' + go-package: './...' + + - name: Gosec Security Scanner + id: gosec + uses: securego/gosec@master + with: + args: '-fmt sarif -out gosec.sarif ./...' + + - name: Upload Gosec SARIF file + id: gosec_upload_sarif + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: gosec.sarif + + - name: Go Report Card - Install + id: goreportcard_install + working-directory: /tmp + run: | + git clone https://github.com/gojp/goreportcard.git + cd goreportcard + make install + go install ./cmd/goreportcard-cli + + - name: Go Report Card - Run + id: goreportcard_run + run: 'goreportcard-cli -v' # This renames the files in the ./rpc directory to *.grc.bak causing builds to fail