--- name: CI permissions: actions: read checks: read contents: read deployments: read issues: read discussions: read pull-requests: read repository-projects: read security-events: read statuses: read on: push: tags: - v* branches: - master - stable - v1 release: types: - published - released pull_request: types: - opened - edited - reopened - synchronize - ready_for_review jobs: test: name: Test runs-on: ubuntu-latest timeout-minutes: 10 strategy: matrix: go_version: - ^1.25 steps: - name: Checkout uses: actions/checkout@v6 with: submodules: recursive - name: Setup Go uses: actions/setup-go@v6 with: go-version: ${{ matrix.go_version }} - name: Cache dependencies uses: actions/cache@v5 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-go- - name: Run tests run: go test -coverprofile=./coverage.txt -covermode=atomic -v ./... - name: Collect coverage uses: codecov/codecov-action@v5 with: files: ./coverage.txt fuzz: name: Fuzzing runs-on: ubuntu-latest timeout-minutes: 20 steps: - name: Checkout uses: actions/checkout@v6 with: submodules: recursive - name: Setup Go uses: actions/setup-go@v6 with: go-version: ^1.25 - name: Cache fuzz results uses: actions/cache@v5 with: path: ~/.cache/go-build/fuzz key: ${{ runner.os }}-go-${{ hashFiles('**/*_fuzz_test.go', '**/*_fuzz_internal_test.go') }} restore-keys: ${{ runner.os }}-go- - name: Cache dependencies uses: actions/cache@v2 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-go- - name: Run fuzzing run: make -j4 fuzz lint: name: Lint runs-on: ubuntu-latest timeout-minutes: 5 steps: - name: Checkout uses: actions/checkout@v6 with: submodules: recursive - name: Setup Go uses: actions/setup-go@v6 with: go-version: ^1.25 - name: Run linter uses: golangci/golangci-lint-action@v9.2.0 docker: name: Docker runs-on: ubuntu-latest timeout-minutes: 20 steps: - name: Checkout uses: actions/checkout@v6 with: submodules: recursive - name: Get Docker meta id: docker_meta uses: crazy-max/ghaction-docker-meta@v1 with: images: nineseconds/mtg,ghcr.io/9seconds/mtg tag-semver: "{{version}},{{major}},{{major}}.{{minor}}" - name: Setup QEMU uses: docker/setup-qemu-action@v1 - name: Setup BuildX uses: docker/setup-buildx-action@v1 - name: Setup cache uses: actions/cache@v5 with: path: /tmp/buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- # # - name: Login to DockerHub # if: github.event_name != 'pull_request' # uses: docker/login-action@v1 # with: # username: ${{ secrets.DOCKERHUB_USERNAME }} # password: ${{ secrets.DOCKERHUB_PASSWORD }} # # - name: Login to GHCR.io # if: github.event_name != 'pull_request' # uses: docker/login-action@v1 # with: # registry: ghcr.io # username: ${{ github.repository_owner }} # password: ${{ secrets.GH_PAT }} # # - name: Build and push # uses: docker/build-push-action@v2 # with: # pull: true # context: . # platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7,linux/arm/v6 # push: ${{ github.event_name != 'pull_request' }} # tags: ${{ steps.docker_meta.outputs.tags }} # labels: ${{ steps.docker_meta.outputs.labels }} # cache-from: type=local,src=/tmp/buildx-cache # cache-to: type=local,dest=/tmp/buildx-cache