diff options
Diffstat (limited to '.github')
| -rw-r--r-- | .github/workflows/build-and-test.yaml | 45 | ||||
| -rw-r--r-- | .github/workflows/update-deps.yaml | 62 |
2 files changed, 107 insertions, 0 deletions
diff --git a/.github/workflows/build-and-test.yaml b/.github/workflows/build-and-test.yaml new file mode 100644 index 0000000..75d4785 --- /dev/null +++ b/.github/workflows/build-and-test.yaml @@ -0,0 +1,45 @@ +name: Build and deploy +env: + GO_VERSION: 1.21.6 +on: + workflow_dispatch: + push: + branches: + - main + pull_request: + branches: + - main + +jobs: + test: + strategy: + matrix: + go-version: [ ${{ env.GO_VERSION }} ] + os: [ ubuntu-20.04 ] + runs-on: ${{ matrix.os }} + + name: lint, test, and build + steps: + - name: Check out code into the Go module directory + uses: actions/checkout@v3 + + - name: Set up Go + uses: actions/setup-go@v4 + with: + go-version: ${{ env.GO_VERSION }} + id: go + + - name: Check for CRLF endings + uses: erclu/check-crlf@v1 + + - name: All tests + run: go test -v ./... + + - name: Vet + run: go vet ./... + + - name: Staticcheck + uses: dominikh/[email protected] + with: + install-go: false + version: "latest"
\ No newline at end of file diff --git a/.github/workflows/update-deps.yaml b/.github/workflows/update-deps.yaml new file mode 100644 index 0000000..d53d59f --- /dev/null +++ b/.github/workflows/update-deps.yaml @@ -0,0 +1,62 @@ +name: Update Dependencies +env: + GO_VERSION: 1.21.6 + +on: + workflow_dispatch: + schedule: + - cron: "0 14 * * 1" # 2pm cest, weekly on Monday + +jobs: + dep_update: + runs-on: ubuntu-latest + timeout-minutes: 10 + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Install Go + uses: actions/setup-go@v4 + with: + go-version: ${{ env.GO_VERSION }} + + - name: Update minor and patch-level dependencies + run: go get -t -u ./... + + - name: Tidy + run: go mod tidy + + - name: Create pull request + uses: peter-evans/create-pull-request@v4 + with: + title: "Update package dependencies + tidy" + body: | + This is a change initiated automatically on a weekly basis by a + GitHub Action that updates the projects dependencies to their latest + minor and patch-level versions. This lets us stay up to date + incrementally so that updates are less effort to get merged compared + to large monolithic updates, and gets us security updates more + expediently. + + If the build passes, you are probably A-OK to merge and deploy this. + If not, try to dig into what's not working and see if you can fix it + so that the dep train stays on its rails. + + Note that although minor/patch level changes are handled + automatically, notably major version changes like you'd find in + stripe-go are not and those upgrades need to be performed manually. + That should theoretically not be a problem if fixes are backported + to all previous majors, but in practice they are often not, so it's + worthwhile to occasionally look for new majors and integrate them. + branch: "feature/dep-update" + commit-message: | + Update package dependencies + tidy + + Weekly update to the project's package dependencies initiated by an + automatic GitHub Action running on cron. Keeps upgrades less of a + monolithic task and lets security-related patches trickle in more + quickly. + author: "Bot <[email protected]>" + committer: "Bot <[email protected]>" + delete-branch: true
\ No newline at end of file |