Skip to content

Fix middleware (#137) #76

Fix middleware (#137)

Fix middleware (#137) #76

Workflow file for this run

name: Code Quality Analysis
on:
workflow_dispatch:
schedule:
# Run code quality checks weekly on Monday at 3 AM UTC
- cron: '0 3 * * 1'
push:
branches: [ main ]
paths:
- '**.go'
- 'go.mod'
- 'go.sum'
env:
GO_VERSION: '1.24'
jobs:
quality-analysis:
name: Code Quality Analysis
runs-on: ubuntu-latest
permissions:
contents: write # Allow commit comments
steps:
- name: Checkout code
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
- name: Cache Go modules
uses: actions/cache@v5
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Install analysis tools
run: |
go install github.com/fzipp/gocyclo/cmd/gocyclo@latest
go install github.com/mibk/dupl@latest
go install github.com/client9/misspell/cmd/misspell@latest
go install honnef.co/go/tools/cmd/staticcheck@latest
go install github.com/securego/gosec/v2/cmd/gosec@latest
go install golang.org/x/vuln/cmd/govulncheck@latest
- name: Code complexity analysis
run: |
echo "## Code Complexity Report" > quality-report.md
echo "" >> quality-report.md
echo "### Functions with cyclomatic complexity > 10" >> quality-report.md
echo "\`\`\`" >> quality-report.md
gocyclo -over 10 . >> quality-report.md || echo "No complex functions found" >> quality-report.md
echo "\`\`\`" >> quality-report.md
echo "" >> quality-report.md
- name: Code duplication analysis
run: |
echo "### Code Duplication" >> quality-report.md
echo "\`\`\`" >> quality-report.md
dupl -threshold 50 -html ./... > duplication.html 2>&1 || true
dupl -threshold 50 ./... >> quality-report.md 2>&1 || echo "No significant duplication found" >> quality-report.md
echo "\`\`\`" >> quality-report.md
echo "" >> quality-report.md
- name: Spelling check
run: |
echo "### Spelling Issues" >> quality-report.md
echo "\`\`\`" >> quality-report.md
misspell -error . >> quality-report.md 2>&1 || echo "No spelling issues found" >> quality-report.md
echo "\`\`\`" >> quality-report.md
echo "" >> quality-report.md
- name: Static analysis
run: |
echo "### Static Analysis (staticcheck)" >> quality-report.md
echo "\`\`\`" >> quality-report.md
staticcheck ./... >> quality-report.md 2>&1 || echo "No issues found" >> quality-report.md
echo "\`\`\`" >> quality-report.md
echo "" >> quality-report.md
- name: Security analysis
continue-on-error: true
run: |
echo "### Security Analysis" >> quality-report.md
echo "\`\`\`" >> quality-report.md
gosec -fmt text ./... >> quality-report.md 2>&1 || echo "No security issues found" >> quality-report.md
echo "\`\`\`" >> quality-report.md
echo "" >> quality-report.md
- name: Vulnerability check
run: |
echo "### Vulnerability Scan" >> quality-report.md
echo "\`\`\`" >> quality-report.md
govulncheck ./... >> quality-report.md 2>&1 || echo "No vulnerabilities found" >> quality-report.md
echo "\`\`\`" >> quality-report.md
echo "" >> quality-report.md
- name: Code metrics
run: |
echo "### Code Metrics" >> quality-report.md
echo "" >> quality-report.md
echo "**Lines of Code:**" >> quality-report.md
echo "\`\`\`" >> quality-report.md
find . -name '*.go' -not -path './vendor/*' -not -path './tests/mocks/*' | xargs wc -l | tail -1 >> quality-report.md
echo "\`\`\`" >> quality-report.md
echo "" >> quality-report.md
echo "**Test Files:**" >> quality-report.md
echo "\`\`\`" >> quality-report.md
find . -name '*_test.go' | wc -l >> quality-report.md
echo "\`\`\`" >> quality-report.md
echo "" >> quality-report.md
- name: Display quality report
run: cat quality-report.md
- name: Upload quality reports
uses: actions/upload-artifact@v7
with:
name: code-quality-report
path: |
quality-report.md
duplication.html
- name: Comment on commit (if pushed)
if: github.event_name == 'push'
uses: actions/github-script@v8
with:
script: |
const fs = require('fs');
const report = fs.readFileSync('quality-report.md', 'utf8');
// Post as a commit comment
await github.rest.repos.createCommitComment({
owner: context.repo.owner,
repo: context.repo.repo,
commit_sha: context.sha,
body: `## Code Quality Report\n\n${report}\n\nView full artifacts for detailed analysis.`
});