name: CI Workflow on: pull_request: workflow_dispatch: push: branches: - main env: GO_VERSION: "1.25" CODE_COVERAGE_FILE_NAME: "coverage.out" # must be the same as in Makefile CODE_COVERAGE_ARTIFACT_NAME: "code-coverage" jobs: main: name: CI runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Build uses: ./.github/actions/build with: go-version: ${{ env.GO_VERSION }} - name: Setup Terraform uses: hashicorp/setup-terraform@v2 with: terraform_wrapper: false - name: "Ensure docs are up-to-date" if: ${{ github.event_name == 'pull_request' }} run: ./scripts/check-docs.sh continue-on-error: true - name: "Run go mod tidy" if: ${{ github.event_name == 'pull_request' }} run: go mod tidy - name: golangci-lint uses: golangci/golangci-lint-action@v9 with: version: v2.7 args: --config=golang-ci.yaml --allow-parallel-runners --timeout=5m - name: Lint run: make lint - name: Test run: make test - name: Archive code coverage results uses: actions/upload-artifact@v4 with: name: ${{ env.CODE_COVERAGE_ARTIFACT_NAME }} path: "stackit/${{ env.CODE_COVERAGE_FILE_NAME }}" config: name: Check GoReleaser config if: github.event_name == 'pull_request' runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Check GoReleaser uses: goreleaser/goreleaser-action@v6 with: args: check code_coverage: name: "Code coverage report" if: github.event_name == 'pull_request' # Do not run when workflow is triggered by push to main branch runs-on: ubuntu-latest needs: main permissions: contents: read actions: read # to download code coverage results from "main" job pull-requests: write # write permission needed to comment on PR steps: - name: Check new code coverage uses: fgrosse/go-coverage-report@v1.2.0 continue-on-error: true # Add this line to prevent pipeline failures in forks with: coverage-artifact-name: ${{ env.CODE_COVERAGE_ARTIFACT_NAME }} coverage-file-name: ${{ env.CODE_COVERAGE_FILE_NAME }} root-package: 'github.com/stackitcloud/terraform-provider-stackit'