github-actions icon indicating copy to clipboard operation
github-actions copied to clipboard

verified publisher icon TykTechnologies

Metadata

Collection of shared github actions

Re-usable github actions

Collection of shared github actions which are used in our org.

PR Checkout

The checkout PR action will fetch only the commits that belong to the PR. This is required for various code analysis tooling, including sonarcloud.

Example usage:

jobs:
  golangci-lint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout PR
        uses: TykTechnologies/github-actions/.github/actions/checkout-pr@main

Print Go API Changes

For a PR, the action will print the changes in go doc output. This surfaces API changes (function removals, renames, additions), as well as comment changes.

Example usage:

jobs:
  godoc:
    uses: TykTechnologies/github-actions/.github/workflows/godoc.yml@main
    secrets:
      ORG_GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }}

OWASP scanner

Example usage:

jobs:
  owasp:
    uses: TykTechnologies/github-actions/.github/workflows/owasp.yaml@main
    with:
      target: http://staging-url.com

Nancy Scan

OSS scanner which helps find CVEs in Go dependencies

Example usage:

jobs:
  nancy:
    strategy:
      fail-fast: false
      matrix:
        package:
          - controller
          - dashboard
          - billing
          - monitor
          - pkg
          
    uses: TykTechnologies/github-actions/.github/workflows/nancy.yaml@main
    with:
      dir: ${{ matrix.package }}
    secrets: inherit

Semgrep

CodeQL like OSS linter

Example usage:

jobs:
  semgrep:
    uses: TykTechnologies/github-actions/.github/workflows/semgrep.yaml@main

Golang CI

Popular linter for Go lang with good defaults

Example usage:

jobs:
  golangci:
    uses: TykTechnologies/github-actions/.github/workflows/golangci.yaml@main
  with:
    main_branch: master

SonarCloud

Put it after Golang CI to automatically upload its reports to SonarCloud

Example usage:

jobs:
  golangci:
    uses: TykTechnologies/github-actions/.github/workflows/sonarcloud.yaml@main
  with:
    main_branch: master
    exclusions: ""
  secrets: inherit

Go govulncheck

Official Go Vulnerability Management See https://go.dev/blog/vuln

Example usage:

jobs:
  govulncheck:
    uses: TykTechnologies/github-actions/.github/workflows/govulncheck.yaml@main

Metadata

24
Stars
0
Forks
Watchers

Owner

verified publisher icon TykTechnologies

Metadata

Collection of shared github actions

Back