Harden single-node operations with ACL, merge, and backup fixes. #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| jobs: | |
| lint-and-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.26' | |
| - name: Module verify | |
| run: go mod verify | |
| - name: Vet | |
| run: go vet ./... | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@v7 | |
| with: | |
| version: v2.2.0 | |
| install-mode: goinstall | |
| - name: Test with coverage | |
| run: go test -v -race -coverprofile=coverage.out -covermode=atomic ./... | |
| - name: Upload coverage | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage | |
| path: coverage.out | |
| - name: Build | |
| run: | | |
| go build -o gitant ./cmd/gitant/ | |
| go build -o git-remote-gitant ./cmd/git-remote-gitant/ | |
| - name: Security scan (govulncheck) | |
| continue-on-error: true | |
| run: | | |
| go install golang.org/x/vuln/cmd/govulncheck@latest | |
| govulncheck ./... | |
| docker: | |
| runs-on: ubuntu-latest | |
| needs: lint-and-test | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Build Docker image | |
| run: docker build -t gitant:latest . | |
| - name: Smoke test container | |
| run: | | |
| docker run -d --name gitant-test -p 7777:7777 gitant:latest serve | |
| sleep 3 | |
| curl -f http://localhost:7777/health || (docker logs gitant-test && exit 1) | |
| docker stop gitant-test |