chore(deps): bump the aws group with 2 updates #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| permissions: | |
| contents: read | |
| jobs: | |
| test: | |
| name: test (go ${{ matrix.go }} / ${{ matrix.os }}) | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, macos-latest, windows-latest] | |
| go: ["1.25"] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version: ${{ matrix.go }} | |
| cache: true | |
| - name: Download modules | |
| run: go mod download | |
| - name: Verify go.mod / go.sum are tidy | |
| if: matrix.os == 'ubuntu-latest' | |
| run: | | |
| go mod tidy | |
| git diff --exit-code -- go.mod go.sum | |
| - name: Vet | |
| run: go vet ./... | |
| - name: Build | |
| run: go build ./... | |
| - name: Test (race) | |
| run: go test -race -count=1 -timeout=5m ./... | |
| # Integration tests need service containers (Linux-only in Actions). | |
| # Split out from the matrix so it runs once against a real Postgres + | |
| # MinIO and gates on TEST_* env vars the same way a developer would. | |
| integration: | |
| name: integration (postgres + minio) | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:16 | |
| env: | |
| POSTGRES_USER: vle | |
| POSTGRES_PASSWORD: vle | |
| POSTGRES_DB: vle_test | |
| ports: ["5432:5432"] | |
| options: >- | |
| --health-cmd "pg_isready -U vle -d vle_test" | |
| --health-interval 5s | |
| --health-timeout 5s | |
| --health-retries 10 | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version: "1.25" | |
| cache: true | |
| # MinIO can't run as a `services:` container because GitHub Actions | |
| # doesn't expose a way to pass the required `server /data` command. | |
| # Start it in a step instead, wait for health, create the bucket. | |
| - name: Start MinIO | |
| run: | | |
| docker run -d --name minio \ | |
| -p 9000:9000 \ | |
| -e MINIO_ROOT_USER=minioadmin \ | |
| -e MINIO_ROOT_PASSWORD=minioadmin \ | |
| quay.io/minio/minio:latest server /data | |
| for i in {1..30}; do | |
| if curl -sf http://localhost:9000/minio/health/live > /dev/null; then | |
| echo "MinIO ready" | |
| break | |
| fi | |
| echo "waiting for MinIO ($i)..." | |
| sleep 2 | |
| done | |
| docker run --rm --network host \ | |
| -e MC_HOST_local=http://minioadmin:minioadmin@localhost:9000 \ | |
| quay.io/minio/mc mb -p local/vle-test | |
| - name: Run integration tests | |
| env: | |
| TEST_DATABASE_URL: postgres://vle:vle@localhost:5432/vle_test?sslmode=disable | |
| TEST_S3_ENDPOINT: http://localhost:9000 | |
| TEST_S3_BUCKET: vle-test | |
| TEST_S3_ACCESS_KEY: minioadmin | |
| TEST_S3_SECRET_KEY: minioadmin | |
| TEST_S3_PATH_STYLE: "true" | |
| TEST_S3_REGION: us-east-1 | |
| run: go test -count=1 -timeout=5m -run 'Integration' ./... | |
| lint: | |
| name: lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version: "1.25" | |
| cache: true | |
| - name: staticcheck | |
| uses: dominikh/staticcheck-action@v1 | |
| with: | |
| version: latest | |
| install-go: false | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@v9 | |
| with: | |
| version: latest | |
| args: --timeout=5m | |
| govulncheck: | |
| name: govulncheck | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version: "1.25" | |
| cache: true | |
| - name: Install govulncheck | |
| run: go install golang.org/x/vuln/cmd/govulncheck@latest | |
| - name: Scan | |
| run: govulncheck ./... |