第一篇使用 Github Action 为 Golang 项目添加 Coveralls 徽标为一个 Golang Demo添加了几个徽标。
经过了一段时间的积累,我又发现了几个有意思、可以放到项目页的徽标,添加后效果如下:
Build Pass 徽标
添加 .github/workflows/go.yml 文件(.github/workflows 文件夹是 Github Action 的配置存放目录),内容如下:
name: Build
on: [push, pull_request]
permissions:
contents: read
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '^1.20'
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Get dependencies
run: |
go get -v -t -d ./...
if [ -f Gopkg.toml ]; then
curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
dep ensure
fi
- name: Check the build
shell: bash -l {0}
run: |
export PATH=${PATH}:`go env GOPATH`/bin
make build
在 README.md 文件添加以下链接,连接地址是项目地址 + “workflows” 固定的格式,“Build” 是在如上 Pipeline 中定义的 name 名称
![](https://github.com/sincerefly/easycmd/workflows/Build/badge.svg)
Go Report A+
打开 https://goreportcard.com/ 网站
输入 Golang 项目的 Github 地址
之前我的 Demo 项目的模块名称为 easycmd,使用内部模块的代码如下
import (
"fmt"
"easycmd/utils/random"
"easycmd/utils/requests"
)
加载项目地址时会报错:
将 go.mod 文件的模块名称修改为 github.com/sincerefly/easycmd
Commit: fix: module using absolute Path
等待一段时间等待库同步,重试即可。在 README.md 文件添加:
[![Go Report Card](https://goreportcard.com/badge/github.com/sincerefly/easycmd)](https://goreportcard.com/report/github.com/sincerefly/easycmd)
CodeCov 徽标
打开网站 https://app.codecov.io/gh 登录后选择要展示测试用例覆盖率的项目
选择项目,添加 CODECOV_TOKEN 到 settings > secrets and variable > actions 下的 “Repository secrets”
添加一个新的 Github Action,也可以将 “Upload coverage reports to Codecov” 集成到已存在的 Pipeline 配置中
.github/workflows/ci-codecov.yml
name: CodeCoverage
on:
push:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
go:
- '1.21'
- '1.20'
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: ${{ matrix.go }}
- name: Build and test
run: go test -v -race -coverprofile=coverage.txt -covermode=atomic ./...
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v3
with:
files: ./coverage.txt
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
CodeCov 支持自定义 Settings,可以把以下示例配置放到项目的根目录下 codecov.yml
codecov:
require_ci_to_pass: yes
coverage:
status:
patch: no
project:
default:
threshold: 1%
if_not_found: success
changes: no
#What precision do you want the coverage value to be
precision: 2
#The value range where you want the value to be green
range: "50...100"
ignore:
- "test/.*"
- ".github/.*"
- "images/.*"
- ".mvn/.*"
- ".style/.*"
- "*.md"
comment:
layout: "reach,diff,flags,tree"
behavior: default
require_changes: no
在配置页面能找到 Badge 链接,添加到 README.md 文件
[![codecov](https://codecov.io/gh/sincerefly/easycmd/graph/badge.svg?token=W8Z0SWZJG3)](https://codecov.io/gh/sincerefly/easycmd)
PS: CodeCov 还支持比较酷炫的覆盖率图片,可以在设置页面找到 Embed 链接
CodeQL 徽标
跟 Build Pass 类似,添加 CodeQL 的 Github Action
.github/workflows/go.yml 配置内容:
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"
on:
push:
branches: [ main ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ main ]
schedule:
- cron: '24 3 * * 1'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'go' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3
# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
配置参考的 yq 项目,地址:https://github.com/mikefarah/yq/blob/master/.github/workflows/codeql.yml
徽标链接
![CodeQL](https://github.com/sincerefly/easycmd/workflows/CodeQL/badge.svg)
LICENSE 文件
项目授权文件,在跟目录创建名为 LICENSE 的文件,我选择的为 MIT 协议,内容如下:
The MIT License (MIT)
Copyright (c) 2017 Mike Farah
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
SECURITY.md
在根目录创建 SECURITY.md 文件,内容如下:
# Security Policy
If you have discovered a security vulnerability in this project, please report it
privately. **Do not disclose it as a public issue.** This gives me time to work with you
to fix the issue before public exposure, reducing the chance that the exploit will be
used before a patch is released.
You may submit the report by filling out
[this form](https://github.com/sincerefly/easycmd/security/advisories/new).
Please provide the following information in your report:
- A description of the vulnerability and its impact
- How to reproduce the issue
This project is maintained by a single maintainer on a reasonable-effort basis. As such,
I ask that you give me 90 days to work on a fix before public exposure.
参考自:https://github.com/mwaskom/seaborn
Contributor Covenant Code of Conduct
在根目录创建 code-of-conduct.md 文件,内容如下:
# Contributor Covenant Code of Conduct
## Our Pledge
In the interest of fostering an open and welcoming environment, we as
contributors and maintainers pledge to making participation in our project and
our community a harassment-free experience for everyone, regardless of age, body
size, disability, ethnicity, gender identity and expression, level of experience,
nationality, personal appearance, race, religion, or sexual identity and
orientation.
## Our Standards
Examples of behavior that contributes to creating a positive environment
include:
* Using welcoming and inclusive language
* Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism
* Focusing on what is best for the community
* Showing empathy towards other community members
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery and unwelcome sexual attention or
advances
* Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as physical or electronic
address, without explicit permission
* Other conduct that could reasonably be considered inappropriate in a
professional setting
## Our Responsibilities
Project maintainers are responsible for clarifying the standards of acceptable
behavior and are expected to take appropriate and fair corrective action in
response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or
reject comments, commits, code, wiki edits, issues, and other contributions
that are not aligned to this Code of Conduct, or to ban temporarily or
permanently any contributor for other behaviors that they deem inappropriate,
threatening, offensive, or harmful.
## Scope
This Code of Conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community. Examples of
representing a project or community include using an official project e-mail
address, posting via an official social media account, or acting as an appointed
representative at an online or offline event. Representation of a project may be
further defined and clarified by project maintainers.
参考自:https://github.com/sindresorhus/awesome
参考
- https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/adding-a-workflow-status-badge
- https://github.com/yangwenmai/how-to-add-badge-in-github-readme
- https://github.com/luckyQing/ci-badge
- https://github.com/mikefarah/yq/blob/master/.github/workflows/codeql.yml
- https://github.com/mwaskom/seaborn
- https://github.com/sindresorhus/awesome