.github/workflows/integration.yml

name: Integration

on:
  push:
  pull_request:

jobs:
  check:
    name: Check
    runs-on: ubuntu-latest
    steps:
      - name: Setup Go
        uses: actions/setup-go@v5
        with:
          go-version: "^1.23"

      - name: Checkout Code
        uses: actions/checkout@v4

      - name: Static Check
        uses: dominikh/staticcheck-action@v1.3.1
        with:
          version: "latest"
          install-go: false

  vet:
    name: Vet
    runs-on: ubuntu-latest
    steps:
      - name: Setup Go
        uses: actions/setup-go@v5
        with:
          go-version: "^1.19"

      - name: Checkout Code
        uses: actions/checkout@v4

      - name: Vet Go code
        run: go vet ./...

  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: "^1.19"

      - name: Check out code into the Go module directory
        uses: actions/checkout@v4

      - name: Compile
        run: make build

      - name: Trivy scan
        uses: aquasecurity/trivy-action@0.28.0
        env:
           TRIVY_DB_REPOSITORY: "ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db"
        with:
          scan-type: "fs"
          ignore-unfixed: true
          format: "table"
          exit-code: "1"
          vuln-type: "os,library"
          severity: "CRITICAL,HIGH"