Skip to content

go mod

go mod #20

Workflow file for this run

name: Quantum ZKP CI/CD
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
release:
types: [ published ]
env:
GO_VERSION: '1.24'
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
# Code quality and security checks
lint-and-security:
name: Lint and Security Analysis
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Cache Go modules
uses: actions/cache@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Install dependencies
run: go mod download
- name: Run basic Go checks
run: |
go fmt ./...
go vet ./...
- name: Run golangci-lint (basic checks only)
uses: golangci/golangci-lint-action@v6
with:
version: latest
args: --timeout=5m --disable-all --enable=errcheck,gosimple,govet,ineffassign,staticcheck,typecheck,unused
continue-on-error: true
- name: Run gosec security scanner (basic)
run: |
go install github.com/securecodewarrior/gosec/v2/cmd/gosec@latest
gosec ./... || echo "gosec completed with warnings"
continue-on-error: true
# Comprehensive testing
test:
name: Test Suite
runs-on: ubuntu-latest
timeout-minutes: 10
strategy:
matrix:
go-version: ['1.23', '1.24']
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Go ${{ matrix.go-version }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
- name: Cache Go modules
uses: actions/cache@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }}
- name: Install dependencies
run: |
go mod download
go mod verify
- name: Check Go environment
run: |
go version
go env
pwd
ls -la
- name: Run tests (with detailed output)
run: |
echo "Running all tests..."
go test -v -race -coverprofile=coverage.out ./... 2>&1 | tee test-output.log
echo "Test exit code: $?"
- name: Run scientific paper validation tests
run: |
echo "Running scientific paper validation..."
go test -v -run TestScientificPaperClaims 2>&1 | tee scientific-test-output.log
echo "Scientific test exit code: $?"
- name: Generate coverage report
run: go tool cover -html=coverage.out -o coverage.html
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
file: ./coverage.out
flags: unittests
name: codecov-umbrella
- name: Upload coverage artifacts
uses: actions/upload-artifact@v4
with:
name: coverage-report-go${{ matrix.go-version }}
path: |
coverage.out
coverage.html
# Performance benchmarking
benchmark:
name: Performance Benchmarks
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Run benchmarks
run: go test -bench=. -benchmem -run=^$ > benchmark.txt
- name: Upload benchmark results
uses: actions/upload-artifact@v4
with:
name: benchmark-results
path: benchmark.txt
# Security vulnerability scanning
security-scan:
name: Security Vulnerability Scan
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
format: 'sarif'
output: 'trivy-results.sarif'
- name: Upload Trivy scan results
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
# Build and test Docker image
docker-build:
name: Docker Build and Test
runs-on: ubuntu-latest
needs: [test]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build Docker image
run: docker build -t quantum-zkp:test .
- name: Verify Docker image exists
run: docker images quantum-zkp:test
- name: Test Docker image
run: |
echo "Testing Docker image default command (help)..."
docker run --rm quantum-zkp:test
echo "Testing demo..."
docker run --rm quantum-zkp:test ./qzkp demo
# Build and push Docker image (on release)
docker-release:
name: Docker Release
runs-on: ubuntu-latest
needs: [test, docker-build]
if: github.event_name == 'release'
permissions:
contents: read
packages: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max