mirrors/git-get
6
0
Fork 0
mirror of https://github.com/grdl/git-get.git synced 2026-02-04 12:46:46 +00:00
Code Activity

Clean up Github workflows

Browse Source
This commit is contained in:
Grzegorz Dlugoszewski
2025-08-24 20:40:12 +02:00
parent 42df73c75e
commit 1b8c05dd92
4 changed files with 3 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
.github/dependabot.yml vendored
View File

@@ -1,39 +0,0 @@
version: 2
updates:
# Go modules
- package-ecosystem: "gomod"
directory: "/"
schedule:
interval: "weekly"
day: "monday"
time: "09:00"
open-pull-requests-limit: 5
reviewers:
- "grdl"
assignees:
- "grdl"
commit-message:
prefix: "deps"
include: "scope"
labels:
- "dependencies"
- "go"
# GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
day: "monday"
time: "09:00"
open-pull-requests-limit: 3
reviewers:
- "grdl"
assignees:
- "grdl"
commit-message:
prefix: "ci"
include: "scope"
labels:
- "dependencies"
- "github-actions"

29
.github/workflows/ci.yml vendored
View File

@@ -5,6 +5,7 @@ on:
branches: [master, main]
pull_request:
branches: [master, main]
workflow_call:
permissions:
contents: read
@@ -66,31 +67,3 @@ jobs:
version: v2.4.0
args: --timeout=5m
security:
name: Security
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v5
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '1.24'
cache: true
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
format: 'sarif'
output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: 'trivy-results.sarif'

46
.github/workflows/codeql.yml vendored
View File

@@ -1,46 +0,0 @@
name: "CodeQL Security Analysis"
on:
push:
branches: [master, main]
pull_request:
branches: [master, main]
schedule:
- cron: '30 2 * * 1' # Run weekly on Mondays at 2:30 AM UTC
permissions:
actions: read
contents: read
security-events: write
jobs:
analyze:
name: Analyze (${{ matrix.language }})
runs-on: ubuntu-latest
timeout-minutes: 360
strategy:
fail-fast: false
matrix:
include:
- language: go
build-mode: autobuild
steps:
- name: Checkout repository
uses: actions/checkout@v5
with:
fetch-depth: 2
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
# Enable additional security-and-quality query pack
queries: +security-and-quality
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"

43
.github/workflows/release.yml vendored
View File

@@ -10,47 +10,8 @@ permissions:
security-events: write
jobs:
validate:
name: Validate Release
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v5
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '1.24'
cache: true
- name: Download dependencies
run: go mod download
- name: Verify dependencies
run: go mod verify
- name: Set up Git (for tests)
run: |
git config --global user.email "test@example.com"
git config --global user.name "CI Test"
- name: Run tests
run: go test -race ./...
- name: Run lints
uses: golangci/golangci-lint-action@v8
with:
version: v2.4.0
args: --timeout=5m
- name: Validate GoReleaser config
uses: goreleaser/goreleaser-action@v6
with:
version: latest
args: check
build-and-test:
uses: ./.github/workflows/ci.yml
release:
name: GoReleaser