-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathTaskfile.yaml
94 lines (81 loc) · 2.6 KB
/
Taskfile.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
version: '3'
vars:
git_root:
sh: git rev-parse --show-toplevel
test_dir: pkg
trivy_version: v0.35.0
golangci_lint_version: v1.50.1
tasks:
default:
cmds:
- echo "Please enter a task name or use -l or --list-all to list all available tasks"
silent: true
desc: Default task.
install/lint:
desc: Install golangci-lint.
cmds:
- sudo curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sudo sh -s -- -b /usr/local/bin {{.golangci_lint_version}}
- golangci-lint version
sources:
- /usr/local/bin/golangci-lint
install/trivy:
desc: Install trivy security scanner.
cmds:
- curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin {{.trivy_version}}
- trivy version
sources:
- /usr/local/bin/trivy
cleanup:
desc: Project cleanup.
cmds:
- find {{.git_root}} -type d -iname "*tmp*" | xargs -r rm -r
ignore_error: true
silent: true
lint:
desc: Run golangci-lint linter.
deps:
- vendor
cmds:
- golangci-lint run pkg/... -v --timeout=15m
gofumpt:
desc: Enforce a stricter format than gofmt, while being backwards compatible. Auto fixes issues.
cmds:
- gofumpt -l -w .
goimports:
desc: Format and fix all go imports.
cmds:
- goimports -w -local github.com/dimaunx/gencert $(find {{.git_root}} -type f -name '*.go' -not -path "{{.git_root}}/vendor/*")
vendor:
desc: Run go mod vendor.
cmds:
- |
echo Running vendor...
if [ -d "{{.git_root}}/vendor" ]; then
echo "{{.git_root}}/vendor folder already exists"
cd {{.git_root}} && go mod tidy
else
cd {{.git_root}} && go mod tidy && go mod vendor
fi
silent: true
trivy:
desc: Scan the whole code repository for vulnerabilities and misconfigurations.
cmds:
- trivy fs {{.git_root}} --no-progress --skip-dirs ./.idea --skip-dirs ./vendor --exit-code 1 --debug
- trivy config {{.git_root}} --severity HIGH,CRITICAL,MEDIUM,LOW --skip-dirs ./vendor --exit-code 1 --debug
test:
desc: Run tests
cmds:
- defer: { task: cleanup }
- cmd: echo Running tests on {{OS}} {{ARCH}}...
silent: true
- go test -parallel=4 -shuffle=on {{.git_root}}/{{.test_dir}}/... -cover -coverprofile={{.git_root}}/coverage.out
cover:
desc: Show code coverage in a browser.
cmds:
- go tool cover -html={{.git_root}}/coverage.out
build:
desc: Build the binary
deps:
- vendor
cmds:
- go build -o gencert