mirror of
https://github.com/tiennm99/miti99bot.git
synced 2026-06-08 18:16:54 +00:00
tiennm99
c07d764aa2
- AWS SAM CloudFormation template for Lambda + DynamoDB + EventBridge - SAM config for us-east-1 deployment with guided parameters - Unified Makefile: build-lambda, dynamodb-local, sam-* targets - GitHub Actions: OIDC trust + SAM deploy on push to main - CI job: add iac stage (sam validate) - .gitignore: build/, bin/, .aws-sam/, samconfig.local.toml
78 lines
2.2 KiB
YAML
78 lines
2.2 KiB
YAML
name: ci
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
pull_request:
|
|
branches: [main]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
go:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
go: ['1.25']
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-go@v5
|
|
with:
|
|
go-version: ${{ matrix.go }}
|
|
cache: true
|
|
|
|
- name: go vet
|
|
run: go vet ./...
|
|
|
|
# golangci-lint-action v7 is required for golangci-lint v2.x.
|
|
# Pinning to v2.12.x because our .golangci.yml targets Go 1.25 and
|
|
# earlier v2.x releases were built against go1.24, which the lint
|
|
# config rejects with "Go language version used to build golangci-lint
|
|
# is lower than the targeted Go version".
|
|
- name: golangci-lint
|
|
uses: golangci/golangci-lint-action@v7
|
|
with:
|
|
version: v2.12.2
|
|
|
|
# govulncheck is informational — failures don't block the build because
|
|
# stdlib CVEs surface routinely until the runner image catches up to
|
|
# the latest go-patch release. The signal we care about is dependency
|
|
# vulns, which we react to via go.mod bumps.
|
|
- name: govulncheck
|
|
continue-on-error: true
|
|
run: |
|
|
go install golang.org/x/vuln/cmd/govulncheck@latest
|
|
govulncheck ./...
|
|
|
|
# Firestore emulator step removed: storage_test.go skips gracefully
|
|
# when FIRESTORE_EMULATOR_HOST is unset, and the emulator install
|
|
# adds 30-60s of CI time for tests not yet on the merge-gating path.
|
|
# Re-add when storage-layer changes need emulator coverage in CI.
|
|
- name: go test
|
|
env:
|
|
# Quiet test logs so real failures stand out.
|
|
LOG_LEVEL: error
|
|
run: go test -race -count=1 -coverprofile=cov.out ./...
|
|
|
|
- name: coverage summary
|
|
run: go tool cover -func=cov.out | tail -1
|
|
|
|
- name: go build
|
|
run: go build ./...
|
|
|
|
- name: docker build
|
|
run: docker build -t miti99bot-go .
|
|
|
|
iac:
|
|
name: SAM template validate
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: aws-actions/setup-sam@v2
|
|
with:
|
|
use-installer: true
|
|
- name: sam validate (offline)
|
|
run: sam validate --lint --region ap-southeast-1
|