nuke/.github/workflows/go.yml

name: Go

on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["main"]

permissions:
  contents: read
  actions: write

jobs:
  go_tests:
    #runs-on: alrest-techarohq
    runs-on: ubuntu-24.04
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

      - name: build essential
        run: |
          sudo apt-get update
          sudo apt-get install -y build-essential

      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
        with:
          node-version: latest

      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
        with:
          go-version: stable

      - name: Cache playwright binaries
        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
        id: playwright-cache
        with:
          path: |
            ~/.cache/ms-playwright
          key: ${{ runner.os }}-playwright-${{ hashFiles('**/go.sum') }}

      - name: install node deps
        run: |
          npm ci

      - name: install playwright browsers
        run: |
          npx --no-install playwright@1.52.0 install --with-deps
          npx --no-install playwright@1.52.0 run-server --port 9001 &

      - name: Build
        run: npm run build

      - name: Test
        run: npm run test

      - name: Lint with staticcheck
        uses: dominikh/staticcheck-action@024238d2898c874f26d723e7d0ff4308c35589a2 # v1.4.0
        with:
          version: "latest"

      - name: Govulncheck
        run: |
          go tool govulncheck ./...