Run nancy validation for all dependencies #1243
Conversation
SVilgelm
added
area: tests
.github/workflows/pr.yml
Outdated
| @@ -15,6 +15,11 @@ jobs: | |||
| runs-on: ubuntu-latest | |||
| steps: | |||
| - uses: actions/checkout@v2 | |||
| - uses: actions/setup-go@v2 | |||
There was a problem hiding this comment.
should it be in another job as this job is focusing on golangci-lint ? I think golangci-lint and nancy are two independent tasks, they can be running in parallel as well :)
.github/workflows/pr.yml
Outdated
| # We cannot use nancy-github-action because it is outdated, so it's better to use the latest | ||
| # docker image for the validation | ||
| - name: nancy | ||
| run: go list -m all | docker run -i sonatypecommunity/nancy:latest |
There was a problem hiding this comment.
We might need to test it out for negative case to make sure it failed here. I faced a few cases github action didn't fail as expected, so just a precautious step.
There was a problem hiding this comment.
I'm using it in several projects, and at work and it's failing :)
There was a problem hiding this comment.
recently I had to disable it on a weekend because the server was unavailable
There was a problem hiding this comment.
oh I see, we can just let it run as non-required job for sometime first, then change settings later once we see fit.
There was a problem hiding this comment.
then I need to move it to a separate file
There was a problem hiding this comment.
oh actually, you can still have it in the same pr workflow, mandatory setting is per job.
Anyway, no harm to keep it in another file.
|
/lgtm |
then approve? ;-) |
.github/workflows/pr-extra.yml
Outdated
| # We cannot use nancy-github-action because it is outdated, so it's better to use the latest | ||
| # docker image for the validation | ||
| - name: nancy | ||
| run: go list -m all | docker run -i sonatypecommunity/nancy:latest |
There was a problem hiding this comment.
Use `-json` flag
No description provided.