add GH action workflows #80
Conversation
- dependabot to keep dependencies up to date - PR workflow to run tests and lint fix: linter findings Signed-off-by: Sandor Szücs <[email protected]>
Signed-off-by: Sandor Szücs <[email protected]>
|
👍 |
| @@ -0,0 +1,43 @@ | |||
| name: pr | |||
| on: [ pull_request ] | |||
There was a problem hiding this comment.
shouldn't this be [ push ] to compile on any new commit?
There was a problem hiding this comment.
It updates on each push but online if there's an open pr
| check-race: | ||
| runs-on: ubuntu-latest | ||
| steps: |
There was a problem hiding this comment.
why do you propose to test two times: with and without -race?
There was a problem hiding this comment.
Race takes significant longer and that's why it makes sense to break out.
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 | ||
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 |
There was a problem hiding this comment.
Why not just an official release version instead of an unclear commit?
uses: actions/checkout@v3
uses: actions/setup-go@v3
There was a problem hiding this comment.
for security reasons. Usage of v3 opens up possibility for script injections into CI/CD. +1 for commit usage in Zalando context.
| @@ -21,14 +21,18 @@ var AccessTuples []AccessTuple | |||
| // AccessTuple is the type defined for use in AccessTuples. | |||
| type AccessTuple struct { | |||
| Realm string `yaml:"realm,omitempty"` // p.e. "employees", "services" | |||
| Uid string `yaml:"uid,omitempty"` // UnixName | |||
| Cn string `yaml:"cn,omitempty"` // RealName | |||
| //lint:ignore ST1003 public interface | |||
There was a problem hiding this comment.
I think that disabling is setting a bad example here? Better to fix the linter violations here.
There was a problem hiding this comment.
That would be a breaking change
| - run: go vet ./github ./google ./zalando | ||
| - run: go test ./... | ||
| - run: go install honnef.co/go/tools/cmd/staticcheck@latest | ||
| - run: staticcheck -checks "all" ./github ./google ./zalando |
There was a problem hiding this comment.
Should the staticcheck be in own step. You can use the action from dominikh/staticcheck-action@xxx
|
👍 |
1 similar comment
|
👍 |
|
👍 |
| if si, ok := data["error_description"]; ok { | ||
| s, ok := si.(string) | ||
| if !ok { | ||
| s = "" |
There was a problem hiding this comment.
Do you expect this line to be executed? If yes, why is it okay to ignore data["error_description"]?
|
👍 |
add GH action workflows:
fix: linter findings