Skip to content

ci: migrate Go test pipeline from CircleCI to GitHub Actions (V6.2)#4317

Merged
reinkrul merged 1 commit into
V6.2from
backport-4250-4259-v6.2
Jun 5, 2026
Merged

ci: migrate Go test pipeline from CircleCI to GitHub Actions (V6.2)#4317
reinkrul merged 1 commit into
V6.2from
backport-4250-4259-v6.2

Conversation

@reinkrul
Copy link
Copy Markdown
Member

@reinkrul reinkrul commented Jun 4, 2026
edited
Loading

Backports the CircleCI→GitHub Actions migration to V6.2.

Ports two merged master PRs:

CI changes

  • Add .github/workflows/go-test.yaml; remove .circleci/config.yml
  • build-images: build only linux/amd64 on PRs, full multi-arch on push/tag (arm under QEMU is slow and adds no PR signal)
  • e2e-tests: enable GHA layer cache (type=gha,scope=e2e)

Test changes

  • Drop brittle DNS-error assertions in crypto/storage/vault and didman/api/v1 tests. They matched Go net-package error strings (no such host / Temporary failure in name resolution), which differ on the ubuntu-latest runner (systemd-resolved returns server misbehaving). The require.Error + nil-result checks still cover the contract.

Production code change

  • policy/local.go: loadFromDirectory now uses os.ReadDir instead of os.Open + dir.Readdir(0). Readdir(0) returned directory entries in filesystem order, so duplicate-scope detection processed .json files in a non-deterministic order across platforms. os.ReadDir returns entries sorted by filename, making policy load order — and the duplicate-scope error it reports — deterministic. No change to which mappings are loaded; only the order in which files are read and thus which file is named when two declare the same scope.

All three changes are ported verbatim from #4250.

@reinkrul
ci: migrate Go test pipeline from CircleCI to GitHub Actions
1ec736a 
Backport of #4250 and #4259 from master, limited to CI:

- add .github/workflows/go-test.yaml, remove .circleci/config.yml
- build-images: build only linux/amd64 on PRs, multi-arch on push/tag
- e2e-tests: enable GHA layer cache
- drop brittle DNS-error / readdir-order test assertions exposed by the
  ubuntu-latest runner (same fixes as #4250) so go-test passes

Assisted by AI
@qltysh
Copy link
Copy Markdown
Contributor

qltysh Bot commented Jun 4, 2026

❌ 1 blocking issue (1 total)

Tool Category Rule Count
zizmor Vulnerability overly broad permissions 1

@qltysh
Copy link
Copy Markdown
Contributor

qltysh Bot commented Jun 4, 2026

Qlty


Coverage Impact

⬆️ Merging this pull request will increase total coverage on V6.2 by 0.01%.

Modified Files with Diff Coverage (1)

RatingFile% DiffUncovered Line #s
Coverage rating: D Coverage rating: D
policy/local.go100.0%
Total100.0%
🚦 See full report on Qlty Cloud »

🛟 Help

  • Diff Coverage: Coverage for added or modified lines of code (excludes deleted files). Learn more.

  • Total Coverage: Coverage for the whole repository, calculated as the sum of all File Coverage. Learn more.

  • File Coverage: Covered Lines divided by Covered Lines plus Missed Lines. (Excludes non-executable lines including blank lines and comments.)

    • Indirect Changes: Changes to File Coverage for files that were not modified in this PR. Learn more.

@reinkrul reinkrul merged commit 3f033bc into V6.2 Jun 5, 2026
9 checks passed
@reinkrul reinkrul deleted the backport-4250-4259-v6.2 branch June 5, 2026 07:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stevenvegt stevenvegt stevenvegt approved these changes

@woutslakhorst woutslakhorst Awaiting requested review from woutslakhorst woutslakhorst is a code owner

@gerardsn gerardsn Awaiting requested review from gerardsn gerardsn is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@reinkrul @stevenvegt