diff --git a/.github/workflows/fortress-benchmarks.yml b/.github/workflows/fortress-benchmarks.yml index f121f9c..7f636dc 100644 --- a/.github/workflows/fortress-benchmarks.yml +++ b/.github/workflows/fortress-benchmarks.yml @@ -264,7 +264,7 @@ jobs: # Fail the step if benchmarks failed or contained errors if [ "$BENCH_STATUS" = "failure" ]; then - echo "::error::Benchmark execution failed or contained errors" + echo "::error title=Benchmark Failed::Benchmark execution failed or contained errors (panic, fatal, or timeout) - see job summary for details" exit 1 fi diff --git a/.github/workflows/fortress-code-quality.yml b/.github/workflows/fortress-code-quality.yml index 8b0db88..a50be5c 100644 --- a/.github/workflows/fortress-code-quality.yml +++ b/.github/workflows/fortress-code-quality.yml @@ -348,7 +348,7 @@ jobs: # -------------------------------------------------------------------- - name: ๐Ÿ’พ Restore golangci-lint binary cache id: cache-golangci-lint-binary - uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ~/.cache/golangci-lint-bin key: ${{ inputs.primary-runner }}-golangci-lint-binary-${{ env.MAGE_X_GOLANGCI_LINT_VERSION }} @@ -377,7 +377,7 @@ jobs: # -------------------------------------------------------------------- - name: ๐Ÿ’พ Cache golangci-lint build cache id: cache-golangci-lint-build - uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ~/.cache/go-build key: ${{ inputs.primary-runner }}-go-build-golangci-${{ env.MAGE_X_GOLANGCI_LINT_VERSION }}-${{ hashFiles('**/*.go') }} 
@@ -389,7 +389,7 @@ jobs:
 # --------------------------------------------------------------------
 - name: ๐Ÿ’พ Cache golangci-lint analysis
 id: cache-golangci-lint
- uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
+ uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
 with:
 path: ${{ env.GOLANGCI_LINT_CACHE }}
 key: ${{ inputs.primary-runner }}-golangci-lint-analysis-${{ hashFiles('.golangci.json', env.GO_SUM_FILE) }}-${{ steps.golangci-lint-version.outputs.version }}
diff --git a/.github/workflows/fortress-completion-finalize.yml b/.github/workflows/fortress-completion-finalize.yml
index c5fba99..82c26c8 100644
--- a/.github/workflows/fortress-completion-finalize.yml
+++ b/.github/workflows/fortress-completion-finalize.yml
@@ -72,13 +72,31 @@ jobs: TIMING_DATA: ${{ inputs.timing-data }} run: | echo "๐Ÿ“‹ Parsing workflow inputs..." - echo "$ALL_INPUTS" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do - echo "INPUT_$key=$value" >> $GITHUB_ENV + # Note: Replace hyphens with underscores in keys for GitHub Actions expression compatibility + # Use heredoc syntax to safely handle multiline values (e.g., env-json) + echo "$ALL_INPUTS" | jq -r 'to_entries | .[] | @base64' | while read -r entry; do + decoded=$(echo "$entry" | base64 -d) + key=$(echo "$decoded" | jq -r '.key') + value=$(echo "$decoded" | jq -r '.value') + normalized_key=$(echo "$key" | tr '-' '_') + { + echo "INPUT_$normalized_key<> $GITHUB_ENV done echo "๐Ÿ“‹ Parsing timing data..." - echo "$TIMING_DATA" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do - echo "TIMING_$key=$value" >> $GITHUB_ENV + echo "$TIMING_DATA" | jq -r 'to_entries | .[] | @base64' | while read -r entry; do + decoded=$(echo "$entry" | base64 -d) + key=$(echo "$decoded" | jq -r '.key') + value=$(echo "$decoded" | jq -r '.value') + normalized_key=$(echo "$key" | tr '-' '_') + { + echo "TIMING_$normalized_key<> $GITHUB_ENV done # -------------------------------------------------------------------- 
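Review bot: The heredoc that writes each `INPUT_`/`TIMING_` entry to `$GITHUB_ENV` needs a delimiter the value cannot contain; the delimiter is not legible in this rendering, but if it is a fixed word such as `EOF`, a multiline input carrying that word on a line of its own ends the block early and the lines after it are read as further environment assignments for every later step. Generating the delimiter per entry, e.g. `delim="ghenv_$(openssl rand -hex 16)"`, closes that. `normalized_key` is also written unchecked, so a guard such as `[[ "$normalized_key" =~ ^[A-Za-z0-9_]+$ ]] || continue` would keep a key containing a newline or `=` out of the file, and the redirect target should be quoted as `>> "$GITHUB_ENV"`. The same loop body is repeated for `TIMING_DATA`, so both copies need the change.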
@@ -109,39 +127,101 @@ jobs: continue-on-error: ${{ env.ARTIFACT_DOWNLOAD_CONTINUE_ON_ERROR }} # -------------------------------------------------------------------- - # Initialize final report with header + # Initialize final report with STATUS BANNER FIRST # -------------------------------------------------------------------- - name: ๐Ÿ“ Initialize Final Report run: | - # Create the initial completion report with professional structure + # Determine overall workflow status + WORKFLOW_FAILED=false + FAILED_JOBS="" + + # Check each critical job result + if [[ "${{ env.INPUT_setup_result }}" != "success" && "${{ env.INPUT_setup_result }}" != "skipped" ]]; then + WORKFLOW_FAILED=true + FAILED_JOBS="$FAILED_JOBS- โŒ Setup Configuration\n" + fi + if [[ "${{ env.INPUT_test_magex_result }}" != "success" && "${{ env.INPUT_test_magex_result }}" != "skipped" ]]; then + WORKFLOW_FAILED=true + FAILED_JOBS="$FAILED_JOBS- โŒ Test MAGE-X\n" + fi + if [[ "${{ env.INPUT_pre_commit_result }}" != "success" && "${{ env.INPUT_pre_commit_result }}" != "skipped" ]]; then + WORKFLOW_FAILED=true + FAILED_JOBS="$FAILED_JOBS- โŒ Pre-commit Checks\n" + fi + if [[ "${{ env.INPUT_security_result }}" != "success" && "${{ env.INPUT_security_result }}" != "skipped" ]]; then + WORKFLOW_FAILED=true + FAILED_JOBS="$FAILED_JOBS- โŒ Security Scans\n" + fi + if [[ "${{ env.INPUT_code_quality_result }}" != "success" && "${{ env.INPUT_code_quality_result }}" != "skipped" ]]; then + WORKFLOW_FAILED=true + FAILED_JOBS="$FAILED_JOBS- โŒ Code Quality\n" + fi + if [[ "${{ env.INPUT_test_suite_result }}" != "success" && "${{ env.INPUT_test_suite_result }}" != "skipped" ]]; then + WORKFLOW_FAILED=true + FAILED_JOBS="$FAILED_JOBS- โŒ Test Suite\n" + fi + if [[ "${{ env.INPUT_benchmarks_result }}" != "success" && "${{ env.INPUT_benchmarks_result }}" != "skipped" ]]; then + WORKFLOW_FAILED=true + FAILED_JOBS="$FAILED_JOBS- โŒ Benchmarks\n" + fi + if [[ "${{ env.INPUT_release_result }}" != "success" && "${{ 
env.INPUT_release_result }}" != "skipped" ]]; then + WORKFLOW_FAILED=true + FAILED_JOBS="$FAILED_JOBS- โŒ Release\n" + fi + SUMMARY_TIME=$(date -u +"%Y-%m-%d %H:%M:%S UTC") { - echo "# ๐Ÿฐ GoFortress Workflow Completion Report" - echo "_Generated at: ${SUMMARY_TIME}_" + # ================================================================= + # STATUS BANNER (Always visible at top - immediate failure visibility) + # ================================================================= + echo "# ๐Ÿ Workflow Complete" + echo "" + + if [[ "$WORKFLOW_FAILED" == "true" ]]; then + echo "> [!CAUTION]" + echo "> ## ๐Ÿ”ด WORKFLOW FAILED" + echo ">" + echo "> **Failed Jobs:**" + echo -e "$FAILED_JOBS" | while IFS= read -r line; do echo "> $line"; done + echo "" + else + echo "> [!TIP]" + echo "> ## ๐ŸŸข ALL CHECKS PASSED" + fi echo "" - echo "**GoFortress System Version:** \`${{ env.INPUT_gofortress-version }}\` | **Released:** ${{ env.INPUT_gofortress-released }}" + echo "| Job | Result |" + echo "|-----|--------|" + echo "| Setup Configuration | $([ "${{ env.INPUT_setup_result }}" = "success" ] && echo "โœ… Passed" || ([ "${{ env.INPUT_setup_result }}" = "skipped" ] && echo "โญ๏ธ Skipped" || echo "โŒ Failed")) |" + echo "| Test MAGE-X | $([ "${{ env.INPUT_test_magex_result }}" = "success" ] && echo "โœ… Passed" || ([ "${{ env.INPUT_test_magex_result }}" = "skipped" ] && echo "โญ๏ธ Skipped" || echo "โŒ Failed")) |" + echo "| Pre-commit Checks | $([ "${{ env.INPUT_pre_commit_result }}" = "success" ] && echo "โœ… Passed" || ([ "${{ env.INPUT_pre_commit_result }}" = "skipped" ] && echo "โญ๏ธ Skipped" || echo "โŒ Failed")) |" + echo "| Security Scans | $([ "${{ env.INPUT_security_result }}" = "success" ] && echo "โœ… Passed" || ([ "${{ env.INPUT_security_result }}" = "skipped" ] && echo "โญ๏ธ Skipped" || echo "โŒ Failed")) |" + echo "| Code Quality | $([ "${{ env.INPUT_code_quality_result }}" = "success" ] && echo "โœ… Passed" || ([ "${{ env.INPUT_code_quality_result 
}}" = "skipped" ] && echo "โญ๏ธ Skipped" || echo "โŒ Failed")) |" + echo "| Test Suite | $([ "${{ env.INPUT_test_suite_result }}" = "success" ] && echo "โœ… Passed" || ([ "${{ env.INPUT_test_suite_result }}" = "skipped" ] && echo "โญ๏ธ Skipped" || echo "โŒ Failed")) |" + # Only show benchmarks if attempted + if [[ "${{ env.INPUT_benchmarks_result }}" != "skipped" ]]; then + echo "| Benchmarks | $([ "${{ env.INPUT_benchmarks_result }}" = "success" ] && echo "โœ… Passed" || echo "โŒ Failed") |" + fi + # Only show release if attempted + if [[ "${{ env.INPUT_release_result }}" != "skipped" ]]; then + echo "| Release | $([ "${{ env.INPUT_release_result }}" = "success" ] && echo "โœ… Passed" || echo "โŒ Failed") |" + fi echo "" - echo "---" + echo "**Duration:** ${TIMING_total_minutes:-0}m ${TIMING_total_seconds:-0}s" echo "" - echo "## ๐Ÿ Workflow Summary" + echo "**Generated:** $SUMMARY_TIME" echo "" - echo "### โฑ๏ธ Execution Timeline" - echo "| Metric | Value |" - echo "|--------|-------|" - echo "| **Total Duration** | ${TIMING_total_minutes:-0}m ${TIMING_total_seconds:-0}s |" - echo "| **Start Time** | ${{ env.INPUT_start-time }} |" - echo "| **End Time** | $(date -u +"%Y-%m-%dT%H:%M:%SZ") |" - echo "| **Workflow** | ${{ github.workflow }} |" - echo "| **Run Number** | ${{ github.run_number }} |" - echo "| **Trigger** | ${{ github.event_name }} |" - echo "| **Source** | ${{ github.event.pull_request.head.repo && github.event.pull_request.head.repo.full_name == github.repository && 'Internal' || 'Fork' }} |" + + # ================================================================= + # DETAILED SECTIONS (Collapsed by default) + # ================================================================= + echo "
" + echo "๐Ÿ“Š Statistics (Cache, Coverage, LOC)" echo "" - echo "

" } > final-report.md # -------------------------------------------------------------------- - # Append report sections from sub-workflows + # Append report sections from sub-workflows (inside collapsed details) # -------------------------------------------------------------------- - name: ๐Ÿ“„ Append Statistics Section if: always() @@ -155,6 +235,15 @@ jobs: ${{ inputs.statistics-report }} EOF fi + # Close statistics details, open tests details + { + echo "" + echo "
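Review bot: Every job result in the new status checks and result table is pasted into the script as a `${{ env.INPUT_setup_result }}`-style expression, so the value is substituted into the shell source before bash parses it and a quote or `$(` in any input becomes script text. These values appear to be exported through `$GITHUB_ENV` by the earlier parsing step (this script already reads `${TIMING_total_minutes:-0}` that way), so the tests can read them as variables: `if [[ "$INPUT_setup_result" != "success" && "$INPUT_setup_result" != "skipped" ]]; then`. The same applies to the later hunks of this file, in particular `echo '${{ env.INPUT_test_matrix }}' | jq '.include | length'`, where a single quote in the matrix JSON ends the string; `printf '%s' "$INPUT_test_matrix" | jq '.include | length'` avoids that. The banner also no longer consults the status-check result that the removed failure analysis covered, which looks unintended.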
" + echo "" + echo "
" + echo "๐Ÿงช Test Analysis" + echo "" + } >> final-report.md - name: ๐Ÿ“„ Append Tests Section if: always() @@ -168,100 +257,57 @@ jobs: ${{ inputs.tests-report }} EOF fi + # Close tests details + echo "" >> final-report.md + echo "
" >> final-report.md + echo "" >> final-report.md # -------------------------------------------------------------------- - # Generate job results summary + # Generate Job Results Summary # -------------------------------------------------------------------- - name: ๐Ÿ”ง Generate Job Results Summary id: job-results run: | - { - echo "" - echo "

" - echo "" - echo "### โœ… Workflow Status Overview" - echo "| Job | Status | Result |" - echo "|-----|--------|--------|" - echo "| ๐ŸŽฏ Setup Configuration | ${{ env.INPUT_setup-result }} | $([ "${{ env.INPUT_setup-result }}" = "success" ] && echo "โœ…" || echo "โŒ") |" - echo "| ๐Ÿช„ Test MAGE-X | ${{ env.INPUT_test-magex-result }} | $([ "${{ env.INPUT_test-magex-result }}" = "success" ] && echo "โœ…" || echo "โŒ") |" - echo "| ๐Ÿช Pre-commit Checks | ${{ env.INPUT_pre-commit-result }} | $([ "${{ env.INPUT_pre-commit-result }}" = "success" ] && echo "โœ…" || echo "โŒ") |" - echo "| ๐Ÿ”’ Security Scans | ${{ env.INPUT_security-result }} | $([ "${{ env.INPUT_security-result }}" = "success" ] && echo "โœ…" || echo "โŒ") |" - echo "| ๐Ÿ“Š Code Quality | ${{ env.INPUT_code-quality-result }} | $([ "${{ env.INPUT_code-quality-result }}" = "success" ] && echo "โœ…" || echo "โŒ") |" - echo "| ๐Ÿงช Test Suite | ${{ env.INPUT_test-suite-result }} | $([ "${{ env.INPUT_test-suite-result }}" = "success" ] && echo "โœ…" || ([ "${{ env.INPUT_test-suite-result }}" = "skipped" ] && echo "โญ๏ธ" || echo "โŒ")) |" - } >> final-report.md - - # Only show benchmarks row if it was attempted - if [[ "${{ env.INPUT_benchmarks-result }}" != "skipped" ]]; then - echo "| ๐Ÿƒ Benchmarks | ${{ env.INPUT_benchmarks-result }} | $([ "${{ env.INPUT_benchmarks-result }}" = "success" ] && echo "โœ…" || echo "โŒ") |" >> final-report.md - fi - - # Always show status-check result - echo "| ๐ŸŽฏ All Tests Passed | ${{ env.INPUT_status-check-result }} | $([ "${{ env.INPUT_status-check-result }}" = "success" ] && echo "โœ…" || echo "โŒ") |" >> final-report.md - - # Only show release row if it was attempted - if [[ "${{ env.INPUT_release-result }}" != "skipped" ]]; then - echo "| ๐Ÿš€ Release | ${{ env.INPUT_release-result }} | $([ "${{ env.INPUT_release-result }}" = "success" ] && echo "โœ…" || echo "โŒ") |" >> final-report.md - fi - - echo "" >> final-report.md - - # Add fork PR specific 
information if this is a fork PR - if [[ "${{ env.INPUT_is-fork-pr }}" == "true" ]]; then + # Add fork PR specific information if this is a fork PR (collapsed by default) + if [[ "${{ env.INPUT_is_fork_pr }}" == "true" ]]; then { - echo "" - echo "## ๐Ÿ” Fork PR Security Status" + echo "
" + echo "๐Ÿ” Fork PR Security Status" echo "" echo "โš ๏ธ **This workflow ran on a FORK Pull Request**" echo "" - echo "**Security Mode:** \`${{ env.INPUT_fork-security-mode }}\`" + echo "**Security Mode:** \`${{ env.INPUT_fork_security_mode }}\`" echo "" - echo "### Jobs Status for Fork PR" - echo "**โœ… Jobs That Ran Successfully:**" - echo "- Setup & Configuration" - echo "- MAGE-X Testing" - echo "- Code Quality Checks" - echo "- Pre-Commit System" - echo "- $([ "${{ env.INPUT_benchmarks-result }}" != "skipped" ] && echo "Benchmarks" || echo "_(Benchmarks were skipped)_")" + echo "**Jobs That Ran:** Setup, MAGE-X Testing, Code Quality, Pre-Commit$([ "${{ env.INPUT_benchmarks_result }}" != "skipped" ] && echo ", Benchmarks")" echo "" - echo "**โ›” Jobs Skipped for Security:**" - echo "- **Security Scans** - Requires secrets (\`OSSI_TOKEN\`, \`OSSI_USERNAME\`, \`GITLEAKS_LICENSE\`)" - echo "- **Test Suite** - Requires \`CODECOV_TOKEN\` for coverage uploads" - echo "- **Release** - PRs cannot trigger releases (tags only)" + echo "**Jobs Skipped (Require Secrets):** Security Scans, Test Suite with Coverage, Release" echo "" - echo "### Why Were Jobs Skipped?" - echo "Fork PRs have restricted access to repository secrets for security:" - echo "- โœ… Prevents credential theft from malicious fork PRs" - echo "- โœ… Protects external service tokens (OSSI, Codecov)" - echo "- โœ… Prevents unauthorized access through workflow modifications" + echo "
" echo "" - echo "**Note for Fork Contributors:**" - echo "Repository maintainers will review your PR and can manually run security scans if needed." - echo "All code quality checks and tests that don't require secrets have already run successfully!" } >> final-report.md fi # Add release-specific information if this was a tag push if [[ "${{ github.ref }}" == refs/tags/v* ]]; then { - echo "" - echo "## ๐Ÿ“ฆ Release Information" + echo "### ๐Ÿ“ฆ Release Information" } >> final-report.md - if [[ "${{ env.INPUT_release-result }}" == "success" ]]; then + if [[ "${{ env.INPUT_release_result }}" == "success" ]]; then { echo "โœ… Release ${{ github.ref_name }} created successfully!" echo "[View Release](https://github.com/${{ github.repository }}/releases/tag/${{ github.ref_name }})" } >> final-report.md - elif [[ "${{ env.INPUT_release-result }}" == "skipped" ]]; then + elif [[ "${{ env.INPUT_release_result }}" == "skipped" ]]; then echo "โญ๏ธ Release was skipped (likely due to test failures)" >> final-report.md - elif [[ "${{ env.INPUT_release-result }}" == "failure" ]]; then + elif [[ "${{ env.INPUT_release_result }}" == "failure" ]]; then echo "โŒ Release creation failed - check logs for details" >> final-report.md fi echo "" >> final-report.md fi # -------------------------------------------------------------------- - # Generate performance insights + # Generate performance insights (collapsed) # -------------------------------------------------------------------- - name: ๐Ÿš€ Generate Performance Insights id: performance-insights @@ -271,70 +317,40 @@ jobs: TOTAL_SECONDS=${TIMING_total_seconds:-0} { - echo "

" + echo "
" + echo "โฑ๏ธ Performance Insights" echo "" - echo "### ๐Ÿ“Š Workflow Analytics & Insights" } >> final-report.md # Overall timing insights if [[ $TOTAL_DURATION -gt 600 ]]; then - echo "- โš ๏ธ **Warning**: Workflow took longer than 10 minutes (${TOTAL_MINUTES}m ${TOTAL_SECONDS}s)" >> final-report.md + echo "- โš ๏ธ Workflow took longer than 10 minutes (${TOTAL_MINUTES}m ${TOTAL_SECONDS}s)" >> final-report.md elif [[ $TOTAL_DURATION -gt 300 && $TOTAL_DURATION -le 600 ]]; then - echo "- โ„น๏ธ Workflow completed in ${TOTAL_MINUTES}m ${TOTAL_SECONDS}s." >> final-report.md + echo "- โ„น๏ธ Workflow completed in ${TOTAL_MINUTES}m ${TOTAL_SECONDS}s" >> final-report.md elif [[ $TOTAL_DURATION -gt 180 && $TOTAL_DURATION -le 300 ]]; then - echo "- ๐ŸŽ‰ **Great Performance**: Workflow completed in under 5 minutes (${TOTAL_MINUTES}m ${TOTAL_SECONDS}s)!" >> final-report.md + echo "- ๐ŸŽ‰ Great: Under 5 minutes (${TOTAL_MINUTES}m ${TOTAL_SECONDS}s)" >> final-report.md elif [[ $TOTAL_DURATION -le 180 ]]; then - echo "- ๐Ÿš€ **Excellent Performance**: Workflow completed in under 3 minutes!" >> final-report.md + echo "- ๐Ÿš€ Excellent: Under 3 minutes!" 
>> final-report.md fi # Standard insights { - echo "- **Parallel Jobs**: Multiple jobs ran in parallel to optimize execution time" - echo "- **Matrix Strategy**: Tests ran across $(echo '${{ env.INPUT_test-matrix }}' | jq '.include | length') configurations" + echo "- **Parallel Jobs**: Multiple jobs ran in parallel" + echo "- **Matrix Strategy**: $(echo '${{ env.INPUT_test_matrix }}' | jq '.include | length') configurations" } >> final-report.md - if [ "${{ env.ENABLE_VERBOSE_TEST_OUTPUT }}" != "true" ]; then - echo "- **Verbose Output**: Disabled to speed up test execution" >> final-report.md - else - echo "- **Verbose Output**: Enabled for detailed test logs" >> final-report.md - fi - - # Add failure analysis if any job failed - FAILED_JOBS="" - [ "${{ env.INPUT_setup-result }}" != "success" ] && [ "${{ env.INPUT_setup-result }}" != "skipped" ] && FAILED_JOBS="${FAILED_JOBS}Setup Configuration, " - [ "${{ env.INPUT_test-magex-result }}" != "success" ] && [ "${{ env.INPUT_test-magex-result }}" != "skipped" ] && FAILED_JOBS="${FAILED_JOBS}Test MAGE-X, " - [ "${{ env.INPUT_pre-commit-result }}" != "success" ] && [ "${{ env.INPUT_pre-commit-result }}" != "skipped" ] && FAILED_JOBS="${FAILED_JOBS}Pre-commit Checks, " - [ "${{ env.INPUT_security-result }}" != "success" ] && [ "${{ env.INPUT_security-result }}" != "skipped" ] && FAILED_JOBS="${FAILED_JOBS}Security Scans, " - [ "${{ env.INPUT_code-quality-result }}" != "success" ] && [ "${{ env.INPUT_code-quality-result }}" != "skipped" ] && FAILED_JOBS="${FAILED_JOBS}Code Quality, " - [ "${{ env.INPUT_test-suite-result }}" != "success" ] && [ "${{ env.INPUT_test-suite-result }}" != "skipped" ] && FAILED_JOBS="${FAILED_JOBS}Test Suite, " - [ "${{ env.INPUT_benchmarks-result }}" != "success" ] && [ "${{ env.INPUT_benchmarks-result }}" != "skipped" ] && FAILED_JOBS="${FAILED_JOBS}Benchmarks, " - [ "${{ env.INPUT_status-check-result }}" != "success" ] && [ "${{ env.INPUT_status-check-result }}" != "skipped" ] && 
FAILED_JOBS="${FAILED_JOBS}Status Check, " - [ "${{ env.INPUT_release-result }}" != "success" ] && [ "${{ env.INPUT_release-result }}" != "skipped" ] && FAILED_JOBS="${FAILED_JOBS}Release, " - - if [ -n "$FAILED_JOBS" ]; then - FAILED_JOBS=${FAILED_JOBS%, } # Remove trailing comma - { - echo "

" - echo "" - echo "### โš ๏ธ Failed Components" - echo "The following jobs did not complete successfully:" - echo "- ${FAILED_JOBS}" - } >> final-report.md - fi + echo "" >> final-report.md + echo "
" >> final-report.md + echo "" >> final-report.md # -------------------------------------------------------------------- - # Add professional footer + # Add compact footer # -------------------------------------------------------------------- - name: โœ… Add Report Footer run: | - # Add professional footer before finalizing { - echo "

" - echo "" echo "---" - echo "๐ŸŽฏ **Workflow completed** at $(date -u +"%H:%M:%S UTC")" - echo "" - echo "_GoFortress CI/CD Pipeline - Built Strong. Tested Harder._" + echo "_๐ŸŽฏ Workflow completed at $(date -u +"%H:%M:%S UTC") โ€” GoFortress CI/CD Pipeline_" } >> final-report.md # -------------------------------------------------------------------- diff --git a/.github/workflows/fortress-coverage.yml b/.github/workflows/fortress-coverage.yml index 0640b65..a0dd365 100644 --- a/.github/workflows/fortress-coverage.yml +++ b/.github/workflows/fortress-coverage.yml @@ -192,7 +192,7 @@ jobs: - name: ๐Ÿ’พ Restore go-coverage binary cache (production) id: go-coverage-cache if: env.GO_COVERAGE_USE_LOCAL != 'true' - uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: | ~/.cache/go-coverage-bin @@ -203,7 +203,7 @@ jobs: - name: ๐Ÿ’พ Restore go-coverage binary cache (local) id: go-coverage-local-cache if: env.GO_COVERAGE_USE_LOCAL == 'true' - uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: | ~/.cache/go-coverage-local diff --git a/.github/workflows/fortress-pre-commit.yml b/.github/workflows/fortress-pre-commit.yml index d264d29..6169215 100644 --- a/.github/workflows/fortress-pre-commit.yml +++ b/.github/workflows/fortress-pre-commit.yml @@ -110,7 +110,7 @@ jobs: # -------------------------------------------------------------------- - name: ๐Ÿ’พ Restore golangci-lint analysis cache id: cache-golangci-lint-analysis - uses: actions/cache/restore@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2 + uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ${{ env.GOLANGCI_LINT_CACHE }} key: ${{ inputs.primary-runner }}-golangci-lint-analysis-${{ hashFiles('.golangci.json', env.GO_SUM_FILE) }}-${{ env.GO_PRE_COMMIT_GOLANGCI_LINT_VERSION }} 
@@ -125,7 +125,7 @@ jobs: - name: ๐Ÿ’พ Restore go-pre-commit binary cache id: go-pre-commit-cache if: env.GO_PRE_COMMIT_USE_LOCAL != 'true' - uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: | ~/.cache/go-pre-commit-bin @@ -139,7 +139,7 @@ jobs: # -------------------------------------------------------------------- - name: ๐Ÿ’พ Restore go-pre-commit tools cache id: go-pre-commit-tools-cache - uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: | ~/.cache/go-pre-commit-tools @@ -690,6 +690,8 @@ jobs: if [ "${CHECKS_EXIT:-0}" -ne 0 ]; then echo "โŒ Pre-commit checks failed with exit code: ${CHECKS_EXIT}" + # Emit GitHub annotation for visibility at top of summary + echo "::error title=Pre-commit Checks Failed::Code quality issues detected - formatting, linting, or other pre-commit checks failed" exit ${CHECKS_EXIT} fi diff --git a/.github/workflows/fortress-release.yml b/.github/workflows/fortress-release.yml index 4de6864..28edefa 100644 --- a/.github/workflows/fortress-release.yml +++ b/.github/workflows/fortress-release.yml @@ -173,7 +173,7 @@ jobs: # -------------------------------------------------------------------- - name: ๐Ÿ’พ Cache golangci-lint analysis id: cache-golangci-lint - uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ${{ env.GOLANGCI_LINT_CACHE }} key: ${{ inputs.primary-runner }}-golangci-lint-analysis-${{ hashFiles('.golangci.json', env.GO_SUM_FILE) }}-${{ inputs.golangci-lint-version }} 
@@ -197,6 +197,7 @@ jobs: else echo "โŒ GoReleaser configuration is invalid" >&2 echo "goreleaser_config_status=invalid" >> $GITHUB_OUTPUT + echo "::error title=Release Config Invalid::GoReleaser configuration validation failed - see job summary for details" exit 1 fi else @@ -207,6 +208,7 @@ jobs: else echo "โŒ GoReleaser configuration is invalid" >&2 echo "goreleaser_config_status=invalid" >> $GITHUB_OUTPUT + echo "::error title=Release Config Invalid::GoReleaser configuration validation failed - see job summary for details" exit 1 fi fi @@ -319,6 +321,7 @@ jobs: echo "โŒ GoReleaser with godocs via MAGE-X encountered issues" >&2 echo "goreleaser_status=failure" >> $GITHUB_OUTPUT echo "godocs_published=false" >> $GITHUB_OUTPUT + echo "::error title=Release Failed::GoReleaser with godocs failed - see job summary for details" exit 1 fi else @@ -331,6 +334,7 @@ jobs: echo "โŒ GoReleaser with godocs via MAGE-X encountered issues" >&2 echo "goreleaser_status=failure" >> $GITHUB_OUTPUT echo "godocs_published=false" >> $GITHUB_OUTPUT + echo "::error title=Release Failed::GoReleaser with godocs failed - see job summary for details" exit 1 fi fi @@ -346,6 +350,7 @@ jobs: echo "โŒ GoReleaser via MAGE-X encountered issues" >&2 echo "goreleaser_status=failure" >> $GITHUB_OUTPUT echo "godocs_published=skipped" >> $GITHUB_OUTPUT + echo "::error title=Release Failed::GoReleaser failed - see job summary for details" exit 1 fi else @@ -358,6 +363,7 @@ jobs: echo "โŒ GoReleaser via MAGE-X encountered issues" >&2 echo "goreleaser_status=failure" >> $GITHUB_OUTPUT echo "godocs_published=skipped" >> $GITHUB_OUTPUT + echo "::error title=Release Failed::GoReleaser failed - see job summary for details" exit 1 fi fi diff --git a/.github/workflows/fortress-security-scans.yml b/.github/workflows/fortress-security-scans.yml index 1abdc2b..b905908 100644 --- a/.github/workflows/fortress-security-scans.yml +++ b/.github/workflows/fortress-security-scans.yml 
@@ -322,7 +322,7 @@ jobs:
 # --------------------------------------------------------------------
 - name: ๐Ÿ’พ Restore govulncheck binary cache
 id: govuln-cache
- uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
+ uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
 with:
 path: |
 ~/.cache/govulncheck-bin
diff --git a/.github/workflows/fortress-setup-config.yml b/.github/workflows/fortress-setup-config.yml
index f4dc84b..c857e50 100644
--- a/.github/workflows/fortress-setup-config.yml
+++ b/.github/workflows/fortress-setup-config.yml
@@ -555,7 +555,7 @@ jobs:
 with:
 env-json: ${{ inputs.env-json }}
 # --------------------------------------------------------------------
- # Build the configuration summary (Part 1: Header and Core Config)
+ # Build the configuration summary (Part 1: Compact Overview)
 # --------------------------------------------------------------------
 - name: ๐Ÿ“‹ Build Configuration Summary (Part 1)
 id: config-summary-part1
@@ -567,28 +567,39 @@ jobs: # Count environment variables ENV_COUNT=$(echo "$ENV_JSON" | jq 'keys | length') + ENABLED_FEATURES=$(echo "$ENV_JSON" | jq -r '[to_entries | .[] | select(.key | startswith("ENABLE_")) | select(.value == "true")] | length') + DISABLED_FEATURES=$(echo "$ENV_JSON" | jq -r '[to_entries | .[] | select(.key | startswith("ENABLE_")) | select(.value == "false")] | length') + MATRIX_COUNT=$(echo "$MATRIX_JSON" | jq '.include | length') - # Get current timestamp - SUMMARY_TIME=$(date -u +"%Y-%m-%d %H:%M:%S UTC") - - # Start building the summary - echo "# GoFortress CI Configuration Report" >> $GITHUB_STEP_SUMMARY - echo "_Generated at: ${SUMMARY_TIME}_" >> $GITHUB_STEP_SUMMARY + # ================================================================= + # COMPACT SUMMARY (Always visible - the "5%") + # ================================================================= + echo "# ๐Ÿฐ GoFortress CI Configuration" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "## ๐Ÿฐ GoFortress System Information" >> $GITHUB_STEP_SUMMARY echo "| Property | Value |" >> $GITHUB_STEP_SUMMARY echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY - echo "| **System Version** | \`${{ steps.extract-version.outputs.version }}\` |" >> $GITHUB_STEP_SUMMARY - echo "| **Release Date** | ${{ steps.extract-version.outputs.released }} |" >> $GITHUB_STEP_SUMMARY - - # Count all fortress workflow files (including main fortress.yml) - FORTRESS_FILES=$(find .github/workflows -name "fortress*.yml" | wc -l | tr -d ' ') - echo "| **Workflow Components** | ${FORTRESS_FILES} fortress files |" >> $GITHUB_STEP_SUMMARY + echo "| **Version** | \`${{ steps.extract-version.outputs.version }}\` (${{ steps.extract-version.outputs.released }}) |" >> $GITHUB_STEP_SUMMARY + echo "| **Trigger** | \`${{ github.event_name }}\` โ†’ \`${{ github.ref_name }}\` @ \`${GITHUB_SHA:0:7}\` |" >> $GITHUB_STEP_SUMMARY + echo "| **Features** | $ENABLED_FEATURES enabled ยท $DISABLED_FEATURES disabled |" >> 
$GITHUB_STEP_SUMMARY + echo "| **Test Matrix** | $MATRIX_COUNT combinations |" >> $GITHUB_STEP_SUMMARY + echo "| **Go Versions** | $(echo "$UNIQUE_GO_VERSIONS" | jq -r 'join(", ")') |" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY - # Workflow Trigger Information - echo "## ๐ŸŽฏ Workflow Trigger" >> $GITHUB_STEP_SUMMARY + # Fork PR Warning (if applicable) - this stays visible + if [[ "${{ steps.fork-detection.outputs.is-fork-pr }}" == "true" ]]; then + echo "โš ๏ธ **FORK PR DETECTED** โ€” Security scans requiring secrets will be skipped." >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + fi + + # ================================================================= + # INDIVIDUAL COLLAPSIBLE SECTIONS (Each one collapsed by default) + # ================================================================= + + # Workflow Trigger Information (collapsed) + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐ŸŽฏ Workflow Trigger" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "### Trigger Details" >> $GITHUB_STEP_SUMMARY echo "| Property | Value |" >> $GITHUB_STEP_SUMMARY echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY echo "| **Trigger Type** | \`${{ github.event_name }}\` |" >> $GITHUB_STEP_SUMMARY @@ -596,48 +607,26 @@ jobs: echo "| **Branch/Tag** | \`${{ github.ref_name }}\` |" >> $GITHUB_STEP_SUMMARY echo "| **Commit SHA** | \`${{ github.sha }}\` |" >> $GITHUB_STEP_SUMMARY echo "| **Is Tag Push** | $([ "${{ startsWith(github.ref, 'refs/tags/') }}" == "true" ] && echo "โœ… Yes" || echo "โŒ No") |" >> $GITHUB_STEP_SUMMARY - echo "| **Is Release Eligible** | $([ "${{ startsWith(github.ref, 'refs/tags/v') }}" == "true" ] && echo "๐Ÿš€ **Yes - Release will run if tests pass**" || echo "โŒ No") |" >> $GITHUB_STEP_SUMMARY + echo "| **Is Release Eligible** | $([ "${{ startsWith(github.ref, 'refs/tags/v') }}" == "true" ] && echo "๐Ÿš€ Yes" || echo "โŒ No") |" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "
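Review bot: The added **Trigger** row expands `${{ github.ref_name }}` and `${{ github.event_name }}` directly into the double-quoted `echo`, so the ref name becomes part of the script text before bash parses it. Git ref names may contain shell metacharacters, so a branch or tag name should be treated as data rather than code here. The same row already takes the commit from the runner environment (`${GITHUB_SHA:0:7}`); reading the other two the same way, as `${GITHUB_REF_NAME}` and `${GITHUB_EVENT_NAME}`, removes the template expansion from the script. The unchanged **Branch/Tag** row in the following hunk has the same interpolation and would take the same change; the step's `run:` block begins above this hunk.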

" >> $GITHUB_STEP_SUMMARY # Fork PR Status (if applicable) if [[ "${{ steps.fork-detection.outputs.is-fork-pr }}" == "true" ]]; then - echo "## ๐Ÿ” Fork PR Security Status" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "โš ๏ธ **This is a FORK Pull Request**" >> $GITHUB_STEP_SUMMARY + echo "#### ๐Ÿ” Fork PR Security" >> $GITHUB_STEP_SUMMARY + echo "**Security Mode:** \`${{ steps.fork-detection.outputs.fork-security-mode }}\`" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "**Security Mode:** \`${{ steps.fork-detection.outputs.fork-security-mode }}\` (restricted for security)" >> $GITHUB_STEP_SUMMARY + echo "**Runs:** Setup, MAGE-X, Cache, Code Quality, Pre-Commit, Benchmarks" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "### Jobs That Will Run:" >> $GITHUB_STEP_SUMMARY - echo "- โœ… **Setup & Configuration** - Environment detection and matrix generation" >> $GITHUB_STEP_SUMMARY - echo "- โœ… **MAGE-X Testing** - Build system verification" >> $GITHUB_STEP_SUMMARY - echo "- โœ… **Cache Warming** - Dependency and build cache preparation" >> $GITHUB_STEP_SUMMARY - echo "- โœ… **Code Quality** - golangci-lint, static analysis, YAML validation" >> $GITHUB_STEP_SUMMARY - echo "- โœ… **Pre-Commit Checks** - Formatting, whitespace, EOF checks (17x faster)" >> $GITHUB_STEP_SUMMARY - echo "- โœ… **Benchmarks** - Performance testing and regression detection" >> $GITHUB_STEP_SUMMARY + echo "**Skipped:** Security Scans, Test Suite with Coverage, Release" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "### Jobs That Will Be Skipped (Require Secrets):" >> $GITHUB_STEP_SUMMARY - echo "- โ›” **Security Scans** - Nancy (requires \`OSSI_TOKEN\`), Govulncheck, Gitleaks" >> $GITHUB_STEP_SUMMARY - echo "- โ›” **Test Suite with Coverage** - Codecov upload (requires \`CODECOV_TOKEN\`)" >> $GITHUB_STEP_SUMMARY - echo "- โ›” **Release** - Already skipped for PRs (only runs on tags)" >> $GITHUB_STEP_SUMMARY - echo "" >> 
$GITHUB_STEP_SUMMARY - echo "### Why Are Some Jobs Skipped?" >> $GITHUB_STEP_SUMMARY - echo "Fork PRs run with limited access to repository secrets for security. This prevents:" >> $GITHUB_STEP_SUMMARY - echo "- Unauthorized access to external service credentials (OSSI, Codecov)" >> $GITHUB_STEP_SUMMARY - echo "- Potential credential theft from malicious fork PRs" >> $GITHUB_STEP_SUMMARY - echo "- Exposure of sensitive tokens through workflow modifications" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "**Maintainers will review your PR and can manually run security scans if needed.**" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY fi + echo "
" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY - # Configuration Statistics (moved up for overview) - echo "## ๐Ÿ“ˆ Configuration Overview" >> $GITHUB_STEP_SUMMARY - ENABLED_FEATURES=$(echo "$ENV_JSON" | jq -r '[to_entries | .[] | select(.key | startswith("ENABLE_")) | select(.value == "true")] | length') - DISABLED_FEATURES=$(echo "$ENV_JSON" | jq -r '[to_entries | .[] | select(.key | startswith("ENABLE_")) | select(.value == "false")] | length') - MATRIX_COUNT=$(echo "$MATRIX_JSON" | jq '.include | length') - + # Configuration Statistics (collapsed) + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿ“ˆ Configuration Overview" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY echo "- **Workflow Start Time**: ${{ steps.timer.outputs.start-time }}" >> $GITHUB_STEP_SUMMARY # Configuration File Discovery @@ -646,11 +635,10 @@ jobs: BASE_COUNT="${{ inputs.base-var-count }}" CUSTOM_COUNT="${{ inputs.custom-var-count }}" - # Show configuration sources if [[ "$CUSTOM_FOUND" == "true" ]]; then - echo "- **Configuration Sources**: ๐Ÿ“‚ Base (\`.env.base\`: $BASE_COUNT vars) + ๐ŸŽจ Custom (\`.env.custom\`: $CUSTOM_COUNT overrides)" >> $GITHUB_STEP_SUMMARY + echo "- **Configuration Sources**: Base (\`.env.base\`: $BASE_COUNT vars) + Custom (\`.env.custom\`: $CUSTOM_COUNT overrides)" >> $GITHUB_STEP_SUMMARY else - echo "- **Configuration Sources**: ๐Ÿ“‚ Base only (\`.env.base\`: $BASE_COUNT variables)" >> $GITHUB_STEP_SUMMARY + echo "- **Configuration Sources**: Base only (\`.env.base\`: $BASE_COUNT variables)" >> $GITHUB_STEP_SUMMARY fi echo "- **Total Environment Variables**: $ENV_COUNT" >> $GITHUB_STEP_SUMMARY @@ -660,10 +648,13 @@ jobs: echo "- **Unique Go Versions**: $(echo "$UNIQUE_GO_VERSIONS" | jq 'length')" >> $GITHUB_STEP_SUMMARY echo "- **Runner Operating Systems**: $([ "${{ env.PRIMARY_RUNNER }}" == "${{ env.SECONDARY_RUNNER }}" ] && echo "1" || echo "2")" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY - # Core Configuration - echo "## ๐Ÿ›  Core CI Configuration" >> $GITHUB_STEP_SUMMARY + # Core Configuration (collapsed) + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿ›  Core CI Configuration" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY echo "| Setting | Value | Description |" >> $GITHUB_STEP_SUMMARY echo "|---------|-------|-------------|" >> $GITHUB_STEP_SUMMARY echo "| **Primary Runner** | \`${{ env.PRIMARY_RUNNER }}\` | Main OS for CI jobs |" >> $GITHUB_STEP_SUMMARY 
@@ -672,13 +663,13 @@ jobs: echo "| **Secondary Go Version** | \`${{ env.GO_SECONDARY_VERSION }}\` | Additional Go version for testing |" >> $GITHUB_STEP_SUMMARY echo "| **Unique Go Versions** | $UNIQUE_GO_VERSIONS | Deduplicated list of Go versions |" >> $GITHUB_STEP_SUMMARY echo "| **Go Sum File** | \`${{ env.GO_SUM_FILE }}\` | Location of go.sum for dependency verification |" >> $GITHUB_STEP_SUMMARY - echo "| **Go Module Directory** | \`${{ env.GO_MODULE_DIR || '.' }}\` | Directory containing go.mod (extracted from go.sum path) |" >> $GITHUB_STEP_SUMMARY - echo "| **Module Root Type** | $([ -n \"${{ env.GO_MODULE_DIR }}\" ] && echo \"๐Ÿ“ Subdirectory\" || echo \"๐Ÿ“‚ Repository Root\") | Whether go.mod is in repository root or subdirectory |" >> $GITHUB_STEP_SUMMARY - echo "| **Multi-Module Testing** | $([ \"${{ env.ENABLE_MULTI_MODULE_TESTING }}\" == \"true\" ] && echo \"โœ… Enabled\" || echo \"โŒ Disabled\") | $([ \"${{ env.ENABLE_MULTI_MODULE_TESTING }}\" == \"true\" ] && echo \"Tests run from repo root with automatic module discovery\" || echo \"Tests run from module directory specified by GO_SUM_FILE\") |" >> $GITHUB_STEP_SUMMARY - echo "| **Multi-Module Workspace** | $([ \"${{ steps.detect-gowork.outputs.gowork-exists }}\" == \"true\" ] && echo \"โœ… go.work found\" || echo \"โšช No go.work file\") | $([ \"${{ steps.detect-gowork.outputs.gowork-exists }}\" == \"true\" ] && echo \"Workspace file enables cross-module dependency resolution\" || echo \"Single module repository\") |" >> $GITHUB_STEP_SUMMARY - echo "| **Test Execution Context** | $([ \"${{ env.ENABLE_MULTI_MODULE_TESTING }}\" == \"true\" ] && echo \"๐Ÿ“ฆ Repository Root\" || echo \"๐Ÿ“ Module Directory\") | Working directory for test execution and cache keys |" >> $GITHUB_STEP_SUMMARY + echo "| **Go Module Directory** | \`${{ env.GO_MODULE_DIR || '.' 
}}\` | Directory containing go.mod |" >> $GITHUB_STEP_SUMMARY + echo "| **Module Root Type** | $([ -n \"${{ env.GO_MODULE_DIR }}\" ] && echo \"๐Ÿ“ Subdirectory\" || echo \"๐Ÿ“‚ Repository Root\") | go.mod location |" >> $GITHUB_STEP_SUMMARY + echo "| **Multi-Module Testing** | $([ \"${{ env.ENABLE_MULTI_MODULE_TESTING }}\" == \"true\" ] && echo \"โœ… Enabled\" || echo \"โŒ Disabled\") | Auto module discovery |" >> $GITHUB_STEP_SUMMARY + echo "| **Multi-Module Workspace** | $([ \"${{ steps.detect-gowork.outputs.gowork-exists }}\" == \"true\" ] && echo \"โœ… go.work found\" || echo \"โšช No go.work\") | Workspace support |" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY # -------------------------------------------------------------------- # Build the configuration summary (Part 2: Test Matrix and Features) # -------------------------------------------------------------------- @@ -688,11 +679,11 @@ jobs: ENV_JSON: ${{ inputs.env-json }} run: | MATRIX_JSON='${{ steps.matrix.outputs.matrix }}' - - # Test Matrix - echo "## ๐Ÿงช Generated Test Matrix" >> $GITHUB_STEP_SUMMARY MATRIX_COUNT=$(echo "$MATRIX_JSON" | jq '.include | length') - echo "**Total test configurations**: $MATRIX_COUNT" >> $GITHUB_STEP_SUMMARY + + # Test Matrix (collapsed) + echo "
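Review bot: The rewritten **Module Root Type**, **Multi-Module Testing** and **Multi-Module Workspace** rows still carry `\"` inside `$( … )`. Command substitution opens a fresh quoting context, so there the backslash makes the quote a literal character: `[ -n \"\" ]` tests the two-character string `""`, which is never empty, and the echoed labels keep their quotes in the rendered table. If the backslashes are really in the workflow file and not an artifact of this page, Module Root Type would always report Subdirectory. The Feature Flags rows in this commit use plain quotes inside `$( … )`; the same form here would be `$([ -n "${{ env.GO_MODULE_DIR }}" ] && echo "Subdirectory" || echo "Repository Root")`, keeping the existing labels. The enclosing `run:` block starts above this hunk.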
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿงช Generated Test Matrix ($MATRIX_COUNT configurations)" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "| # | OS | Go Version | Configuration Name |" >> $GITHUB_STEP_SUMMARY echo "|---|----|-----------|--------------------|" >> $GITHUB_STEP_SUMMARY @@ -700,29 +691,33 @@ jobs: echo "$MATRIX_JSON" | jq -r '.include | to_entries | .[] | "| \(.key + 1) | \(.value.os) | \(.value["go-version"]) | \(.value.name) |"' >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY - # Feature Flags - echo "## ๐Ÿš€ Feature Flags" >> $GITHUB_STEP_SUMMARY + # Feature Flags (collapsed) + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿš€ Feature Flags" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY echo "| Feature | Status | Impact |" >> $GITHUB_STEP_SUMMARY echo "|---------|--------|--------|" >> $GITHUB_STEP_SUMMARY - echo "| **Benchmarks** | $([ "${{ env.ENABLE_BENCHMARKS }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Performance benchmarks will $([ "${{ env.ENABLE_BENCHMARKS }}" == "true" ] && echo "run in **${{ env.BENCHMARK_MODE }}** mode" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Cache Warming** | $([ "${{ env.ENABLE_CACHE_WARMING }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Go module and build caches will $([ "${{ env.ENABLE_CACHE_WARMING }}" == "true" ] && echo "be pre-warmed for faster test execution" || echo "not be pre-warmed (saves memory)") |" >> $GITHUB_STEP_SUMMARY - echo "| **Code Coverage** | $([ "${{ env.ENABLE_CODE_COVERAGE }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Coverage will $([ "${{ env.ENABLE_CODE_COVERAGE }}" == "true" ] && echo "use $([ "${{ env.GO_COVERAGE_PROVIDER }}" == "codecov" ] && echo "**Codecov**" || echo "**go-coverage**") (${{ env.GO_COVERAGE_THRESHOLD }}% threshold)" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Fuzz Testing** | $([ "${{ env.ENABLE_FUZZ_TESTING }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Fuzz tests will $([ "${{ env.ENABLE_FUZZ_TESTING }}" == "true" ] && echo "run in parallel job on Linux with primary Go version" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Go Tests** | $([ "${{ env.ENABLE_GO_TESTS }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Test suite will $([ "${{ env.ENABLE_GO_TESTS }}" == "true" ] && echo "run across matrix configurations" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Gitleaks (Secret Scan)** | $([ "${{ env.ENABLE_SECURITY_SCAN_GITLEAKS }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Gitleaks will 
$([ "${{ env.ENABLE_SECURITY_SCAN_GITLEAKS }}" == "true" ] && echo "scan for leaked secrets" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Go Linting** | $([ "${{ env.ENABLE_GO_LINT }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | golangci-lint via MAGE-X will $([ "${{ env.ENABLE_GO_LINT }}" == "true" ] && echo "analyze code quality" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Govulncheck** | $([ "${{ env.ENABLE_SECURITY_SCAN_GOVULNCHECK }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | govulncheck via MAGE-X will $([ "${{ env.ENABLE_SECURITY_SCAN_GOVULNCHECK }}" == "true" ] && echo "scan for Go vulnerabilities" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Nancy (Dep Checks)** | $([ "${{ env.ENABLE_SECURITY_SCAN_NANCY }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Nancy will $([ "${{ env.ENABLE_SECURITY_SCAN_NANCY }}" == "true" ] && echo "scan dependencies for vulnerabilities" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Pre-Commit System** | $([ "${{ env.ENABLE_GO_PRE_COMMIT }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | GoFortress pre-commit hooks will $([ "${{ env.ENABLE_GO_PRE_COMMIT }}" == "true" ] && echo "run 17x faster than Python alternatives" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Race Detection** | $([ "${{ env.ENABLE_RACE_DETECTION }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Tests will $([ "${{ env.ENABLE_RACE_DETECTION }}" == "true" ] && echo "run with -race flag" || echo "run without race detection") |" >> $GITHUB_STEP_SUMMARY - echo "| **Static Analysis** | $([ "${{ env.ENABLE_STATIC_ANALYSIS }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Static analysis will $([ "${{ env.ENABLE_STATIC_ANALYSIS }}" == "true" ] && echo "check for code issues" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **YAML Linting** | $([ "${{ env.ENABLE_YAML_LINT }}" == "true" ] && 
echo "โœ… Enabled" || echo "โŒ Disabled") | yamlfmt via MAGE-X will $([ "${{ env.ENABLE_YAML_LINT }}" == "true" ] && echo "validate YAML/JSON formatting" || echo "be skipped") |" >> $GITHUB_STEP_SUMMARY - echo "| **Redis Service** | $([ "${{ steps.redis-config.outputs.redis-enabled }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Redis ${{ env.REDIS_VERSION }} will $([ "${{ steps.redis-config.outputs.redis-enabled }}" == "true" ] && echo "run as service container for tests" || echo "not be available") |" >> $GITHUB_STEP_SUMMARY - echo "| **Go Docs Publishing** | $([ "${{ env.ENABLE_GODOCS_PUBLISHING }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Go documentation will $([ "${{ env.ENABLE_GODOCS_PUBLISHING }}" == "true" ] && echo "be syndicated to pkg.go.dev on releases" || echo "not be published") |" >> $GITHUB_STEP_SUMMARY + echo "| **Benchmarks** | $([ "${{ env.ENABLE_BENCHMARKS }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_BENCHMARKS }}" == "true" ] && echo "Mode: **${{ env.BENCHMARK_MODE }}**" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Cache Warming** | $([ "${{ env.ENABLE_CACHE_WARMING }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_CACHE_WARMING }}" == "true" ] && echo "Pre-warm module/build caches" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Code Coverage** | $([ "${{ env.ENABLE_CODE_COVERAGE }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_CODE_COVERAGE }}" == "true" ] && echo "Provider: $([ "${{ env.GO_COVERAGE_PROVIDER }}" == "codecov" ] && echo "Codecov" || echo "go-coverage") (${{ env.GO_COVERAGE_THRESHOLD }}%)" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Fuzz Testing** | $([ "${{ env.ENABLE_FUZZ_TESTING }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_FUZZ_TESTING }}" == "true" ] && echo "Parallel on Linux" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Go Tests** | $([ "${{ 
env.ENABLE_GO_TESTS }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_GO_TESTS }}" == "true" ] && echo "Matrix execution" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Gitleaks** | $([ "${{ env.ENABLE_SECURITY_SCAN_GITLEAKS }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_SECURITY_SCAN_GITLEAKS }}" == "true" ] && echo "Secret scanning" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Go Linting** | $([ "${{ env.ENABLE_GO_LINT }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_GO_LINT }}" == "true" ] && echo "golangci-lint" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Govulncheck** | $([ "${{ env.ENABLE_SECURITY_SCAN_GOVULNCHECK }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_SECURITY_SCAN_GOVULNCHECK }}" == "true" ] && echo "Go vulnerability scan" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Nancy** | $([ "${{ env.ENABLE_SECURITY_SCAN_NANCY }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_SECURITY_SCAN_NANCY }}" == "true" ] && echo "Dependency checks" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Pre-Commit** | $([ "${{ env.ENABLE_GO_PRE_COMMIT }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_GO_PRE_COMMIT }}" == "true" ] && echo "17x faster hooks" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Race Detection** | $([ "${{ env.ENABLE_RACE_DETECTION }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_RACE_DETECTION }}" == "true" ] && echo "-race flag" || echo "No race detection") |" >> $GITHUB_STEP_SUMMARY + echo "| **Static Analysis** | $([ "${{ env.ENABLE_STATIC_ANALYSIS }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_STATIC_ANALYSIS }}" == "true" ] && echo "go vet" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **YAML Linting** | $([ "${{ env.ENABLE_YAML_LINT }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_YAML_LINT }}" == "true" 
] && echo "yamlfmt" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "| **Redis Service** | $([ "${{ steps.redis-config.outputs.redis-enabled }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ steps.redis-config.outputs.redis-enabled }}" == "true" ] && echo "Redis ${{ env.REDIS_VERSION }}" || echo "Not available") |" >> $GITHUB_STEP_SUMMARY + echo "| **Go Docs** | $([ "${{ env.ENABLE_GODOCS_PUBLISHING }}" == "true" ] && echo "โœ…" || echo "โŒ") | $([ "${{ env.ENABLE_GODOCS_PUBLISHING }}" == "true" ] && echo "Publish to pkg.go.dev" || echo "Skipped") |" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY # -------------------------------------------------------------------- # Build the configuration summary (Part 3: Benchmark and Coverage Config) # -------------------------------------------------------------------- @@ -731,64 +726,53 @@ jobs: env: ENV_JSON: ${{ inputs.env-json }} run: | - # Benchmark Configuration (only show if benchmarks are enabled) + # Benchmark Configuration (collapsed, only if enabled) if [[ "${{ env.ENABLE_BENCHMARKS }}" == "true" ]]; then - echo "## ๐Ÿƒ Benchmark Configuration" >> $GITHUB_STEP_SUMMARY - echo "| Setting | Value | Description |" >> $GITHUB_STEP_SUMMARY - echo "|---------|-------|-------------|" >> $GITHUB_STEP_SUMMARY - echo "| **Benchmark Mode** | \`${{ env.BENCHMARK_MODE }}\` | $(case "${{ env.BENCHMARK_MODE }}" in quick) echo "Quick runs (50ms)" ;; full) echo "Comprehensive runs (10s)" ;; *) echo "Normal runs (100ms)" ;; esac) |" >> $GITHUB_STEP_SUMMARY - echo "| **Benchmark Timeout** | \`${{ env.BENCHMARK_TIMEOUT }}\` minutes | Maximum time allowed for benchmark execution |" >> $GITHUB_STEP_SUMMARY - echo "| **Available Modes** | quick, normal, full | Set via \`BENCHMARK_MODE\` in configuration |" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿƒ Benchmark Configuration" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "| Setting | Value |" >> $GITHUB_STEP_SUMMARY + echo "|---------|-------|" >> $GITHUB_STEP_SUMMARY + echo "| **Mode** | \`${{ env.BENCHMARK_MODE }}\` ($(case "${{ env.BENCHMARK_MODE }}" in quick) echo "50ms" ;; full) echo "10s" ;; *) echo "100ms" ;; esac)) |" >> $GITHUB_STEP_SUMMARY + echo "| **Timeout** | ${{ env.BENCHMARK_TIMEOUT }} minutes |" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY fi - # Coverage Configuration (only show if coverage is enabled) + # Coverage Configuration (collapsed, only if enabled) if [[ "${{ env.ENABLE_CODE_COVERAGE }}" == "true" ]]; then - echo "## ๐Ÿ“Š Coverage System Configuration" >> $GITHUB_STEP_SUMMARY - echo "| Setting | Value | Description |" >> $GITHUB_STEP_SUMMARY - echo "|---------|-------|-------------|" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿ“Š Coverage System" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "| Setting | Value |" >> $GITHUB_STEP_SUMMARY + echo "|---------|-------|" >> $GITHUB_STEP_SUMMARY - # Show provider-specific configuration if [[ "${{ env.GO_COVERAGE_PROVIDER }}" == "codecov" ]]; then - echo "| **Coverage System** | \`Codecov\` | External coverage service |" >> $GITHUB_STEP_SUMMARY - echo "| **Token Required** | $([ "${{ env.CODECOV_TOKEN_REQUIRED }}" == "true" ] && echo "โœ… Yes" || echo "โŒ No") | CODECOV_TOKEN secret requirement |" >> $GITHUB_STEP_SUMMARY - echo "| **Coverage Threshold** | \`${{ env.GO_COVERAGE_THRESHOLD }}%\` | Minimum acceptable coverage |" >> $GITHUB_STEP_SUMMARY - - # Always show codecov config location when using codecov provider - echo "| **Codecov Config Location** | $([ -f "codecov.yml" ] && echo "\`codecov.yml\`" || ([ -f ".codecov.yml" ] && echo "\`.codecov.yml\`" || echo "โŒ Not Found")) | Codecov configuration file in repository root |" >> $GITHUB_STEP_SUMMARY + echo "| **System** | Codecov |" >> $GITHUB_STEP_SUMMARY + echo "| **Threshold** | ${{ env.GO_COVERAGE_THRESHOLD }}% |" >> $GITHUB_STEP_SUMMARY else - echo "| **Coverage System** | \`Internal go-coverage\` | Self-hosted coverage tracking with GitHub Pages |" >> $GITHUB_STEP_SUMMARY - echo "| **Coverage Threshold** | \`${{ env.GO_COVERAGE_THRESHOLD }}%\` | Minimum acceptable coverage |" >> $GITHUB_STEP_SUMMARY - echo "| **Badge Style** | \`${{ env.GO_COVERAGE_BADGE_STYLE }}\` | Coverage badge appearance |" >> $GITHUB_STEP_SUMMARY - echo "| **Badge Logo** | \`${{ env.GO_COVERAGE_BADGE_LOGO }}\` | Badge logo/icon |" >> $GITHUB_STEP_SUMMARY - echo "| **Report Theme** | \`${{ env.GO_COVERAGE_REPORT_THEME }}\` | HTML report styling |" >> $GITHUB_STEP_SUMMARY - echo "| **PR Comments** | $([ "${{ env.GO_COVERAGE_POST_COMMENTS }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Coverage comments on pull requests |" >> 
$GITHUB_STEP_SUMMARY - echo "| **History Retention** | \`${{ env.GO_COVERAGE_HISTORY_RETENTION }}\` days | Coverage data retention period |" >> $GITHUB_STEP_SUMMARY - echo "| **Exclude Paths** | \`${{ env.GO_COVERAGE_EXCLUDE_PATHS }}\` | Paths excluded from coverage |" >> $GITHUB_STEP_SUMMARY + echo "| **System** | Internal go-coverage |" >> $GITHUB_STEP_SUMMARY + echo "| **Threshold** | ${{ env.GO_COVERAGE_THRESHOLD }}% |" >> $GITHUB_STEP_SUMMARY + echo "| **PR Comments** | $([ "${{ env.GO_COVERAGE_POST_COMMENTS }}" == "true" ] && echo "โœ…" || echo "โŒ") |" >> $GITHUB_STEP_SUMMARY fi echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY fi - # Redis Service Configuration (only show if redis is enabled) + # Redis Service Configuration (collapsed, only if enabled) if [[ "${{ steps.redis-config.outputs.redis-enabled }}" == "true" ]]; then - echo "## ๐Ÿ—„๏ธ Redis Service Configuration" >> $GITHUB_STEP_SUMMARY - echo "| Setting | Value | Description |" >> $GITHUB_STEP_SUMMARY - echo "|---------|-------|-------------|" >> $GITHUB_STEP_SUMMARY - echo "| **Service Status** | \`โœ… Enabled\` | Redis service container will be available for tests and benchmarks |" >> $GITHUB_STEP_SUMMARY - echo "| **Service Mode** | \`${{ steps.redis-config.outputs.redis-service-mode }}\` | How Redis enablement was determined (auto/always/never) |" >> $GITHUB_STEP_SUMMARY - echo "| **Redis Version** | \`${{ steps.redis-config.outputs.redis-version }}\` | Docker image version used for service container |" >> $GITHUB_STEP_SUMMARY - echo "| **Connection Host** | \`${{ steps.redis-config.outputs.redis-host }}\` | Redis server hostname for test connections |" >> $GITHUB_STEP_SUMMARY - echo "| **Connection Port** | \`${{ steps.redis-config.outputs.redis-port }}\` | Redis server port for test connections |" >> $GITHUB_STEP_SUMMARY - echo "| **Health Check Retries** | \`${{ steps.redis-config.outputs.redis-health-retries }}\` | Number of health check retries before considering service unhealthy |" >> $GITHUB_STEP_SUMMARY - echo "| **Health Check Interval** | \`${{ steps.redis-config.outputs.redis-health-interval }}\` seconds | Time between health check attempts |" >> $GITHUB_STEP_SUMMARY - echo "| **Health Check Timeout** | \`${{ steps.redis-config.outputs.redis-health-timeout }}\` seconds | Maximum time allowed for each health check |" >> $GITHUB_STEP_SUMMARY - echo "| **Force Pull Image** | $([ "${{ steps.redis-config.outputs.redis-cache-force-pull }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Always pull latest Docker image vs using cache |" >> 
$GITHUB_STEP_SUMMARY - echo "| **Trust Service Health** | $([ "${{ steps.redis-config.outputs.redis-trust-service-health }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Trust Docker service health checks vs custom script |" >> $GITHUB_STEP_SUMMARY - echo "| **Service Container** | Docker with native health checks | Uses GitHub Actions native service containers for reliability |" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿ—„๏ธ Redis Service" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "| Setting | Value |" >> $GITHUB_STEP_SUMMARY + echo "|---------|-------|" >> $GITHUB_STEP_SUMMARY + echo "| **Version** | ${{ steps.redis-config.outputs.redis-version }} |" >> $GITHUB_STEP_SUMMARY + echo "| **Connection** | ${{ steps.redis-config.outputs.redis-host }}:${{ steps.redis-config.outputs.redis-port }} |" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY fi # -------------------------------------------------------------------- # Build the configuration summary (Part 4: Pre-commit and Security) @@ -798,45 +782,53 @@ jobs: env: ENV_JSON: ${{ inputs.env-json }} run: | - # Pre-Commit System Configuration (only show if pre-commit is enabled) + # Pre-Commit System Configuration (collapsed, only if enabled) if [[ "${{ env.ENABLE_GO_PRE_COMMIT }}" == "true" ]]; then - echo "## ๐Ÿช Pre-Commit System Configuration" >> $GITHUB_STEP_SUMMARY - echo "| Setting | Value | Description |" >> $GITHUB_STEP_SUMMARY - echo "|---------|-------|-------------|" >> $GITHUB_STEP_SUMMARY - echo "| **Pre-Commit System** | \`go-pre-commit\` | Pure Go implementation, 17x faster execution |" >> $GITHUB_STEP_SUMMARY - echo "| **Timeout** | \`${{ env.GO_PRE_COMMIT_TIMEOUT_SECONDS }}\` seconds | Maximum time allowed for all checks |" >> $GITHUB_STEP_SUMMARY - echo "| **Parallel Workers** | \`${{ env.GO_PRE_COMMIT_PARALLEL_WORKERS }}\` | Concurrent check execution (0 = auto CPU count) |" >> $GITHUB_STEP_SUMMARY - echo "| **Fail Fast Mode** | $([ "${{ env.GO_PRE_COMMIT_FAIL_FAST }}" == "true" ] && echo "โšก Enabled" || echo "๐Ÿ“ Disabled") | Stop on first failure vs run all checks |" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿช Pre-Commit System" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "| Setting | Value |" >> $GITHUB_STEP_SUMMARY + echo "|---------|-------|" >> $GITHUB_STEP_SUMMARY + echo "| **System** | go-pre-commit (17x faster) |" >> $GITHUB_STEP_SUMMARY + echo "| **Timeout** | ${{ env.GO_PRE_COMMIT_TIMEOUT_SECONDS }}s |" >> $GITHUB_STEP_SUMMARY + echo "| **Workers** | ${{ env.GO_PRE_COMMIT_PARALLEL_WORKERS }} (0=auto) |" >> $GITHUB_STEP_SUMMARY + echo "| **Fail Fast** | $([ "${{ env.GO_PRE_COMMIT_FAIL_FAST }}" == "true" ] && echo "โšก Yes" || echo "No") |" >> $GITHUB_STEP_SUMMARY echo "| **Log Level** | \`${{ env.GO_PRE_COMMIT_LOG_LEVEL }}\` | Debug/info logging output level |" >> $GITHUB_STEP_SUMMARY echo "| **Max File Size** | \`${{ env.GO_PRE_COMMIT_MAX_FILE_SIZE_MB }}\` MB | Maximum file size limit for processing |" >> $GITHUB_STEP_SUMMARY echo "| **Max Open Files** | \`${{ env.GO_PRE_COMMIT_MAX_FILES_OPEN }}\` | Maximum concurrent file handles |" >> $GITHUB_STEP_SUMMARY echo "| **Exclude Patterns** | \`${{ env.GO_PRE_COMMIT_EXCLUDE_PATTERNS }}\` | Patterns excluded from pre-commit checks |" >> $GITHUB_STEP_SUMMARY - echo "| **Color Output** | $([ "${{ env.GO_PRE_COMMIT_COLOR_OUTPUT }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Terminal color support |" >> $GITHUB_STEP_SUMMARY - echo "| **Tool Versions** | golangci-lint: \`${{ env.GO_PRE_COMMIT_GOLANGCI_LINT_VERSION }}\`, gofumpt: \`${{ env.GO_PRE_COMMIT_FUMPT_VERSION }}\` | Pinned tool versions for consistency |" >> $GITHUB_STEP_SUMMARY + echo "| **Tools** | golangci-lint \`${{ env.GO_PRE_COMMIT_GOLANGCI_LINT_VERSION }}\`, gofumpt \`${{ env.GO_PRE_COMMIT_FUMPT_VERSION }}\` |" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY fi - # Build Requirements - echo "## ๐Ÿ”จ Build Requirements" >> $GITHUB_STEP_SUMMARY - echo "| Requirement | Status | Details |" >> $GITHUB_STEP_SUMMARY - echo "|-------------|--------|---------|" >> $GITHUB_STEP_SUMMARY - echo "| **.mage.yaml** | $([ "${{ steps.config.outputs.magefile-exists }}" == "true" ] && echo "โœ… Found" || echo "โš ๏ธ Not Found") | Required: $([ "${{ env.MAGEFILE_REQUIRED }}" == "true" ] && echo "Yes" || echo "No") |" >> $GITHUB_STEP_SUMMARY - echo "| **Verbose Output** | $([ "${{ env.ENABLE_VERBOSE_TEST_OUTPUT }}" == "true" ] && echo "โœ… Enabled" || echo "โŒ Disabled") | Test output verbosity |" >> $GITHUB_STEP_SUMMARY + # Build Requirements (collapsed) + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿ”จ Build Requirements" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "| Requirement | Status |" >> $GITHUB_STEP_SUMMARY + echo "|-------------|--------|" >> $GITHUB_STEP_SUMMARY + echo "| **.mage.yaml** | $([ "${{ steps.config.outputs.magefile-exists }}" == "true" ] && echo "โœ… Found" || echo "โš ๏ธ Not Found") (Required: $([ "${{ env.MAGEFILE_REQUIRED }}" == "true" ] && echo "Yes" || echo "No")) |" >> $GITHUB_STEP_SUMMARY + echo "| **Verbose Output** | $([ "${{ env.ENABLE_VERBOSE_TEST_OUTPUT }}" == "true" ] && echo "โœ…" || echo "โŒ") |" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + + # Security Tools Configuration (collapsed) + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿ”’ Security Tools" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY - - # Security Tools Configuration - echo "## ๐Ÿ”’ Security Tools Configuration" >> $GITHUB_STEP_SUMMARY - echo "| Tool | Version | Configuration |" >> $GITHUB_STEP_SUMMARY - echo "|------|---------|---------------|" >> $GITHUB_STEP_SUMMARY - echo "| **Gitleaks** | \`${{ env.GITLEAKS_VERSION }}\` | Notify: \`${{ env.GITLEAKS_NOTIFY_USER_LIST }}\` |" >> $GITHUB_STEP_SUMMARY - echo "| **Govulncheck** | \`${{ env.GOVULNCHECK_VERSION }}\` | Go vulnerability scanner |" >> $GITHUB_STEP_SUMMARY - echo "| **Nancy** | \`${{ env.NANCY_VERSION }}\` | Excludes: \`${{ env.NANCY_EXCLUDES }}\` |" >> $GITHUB_STEP_SUMMARY + echo "| Tool | Version |" >> $GITHUB_STEP_SUMMARY + echo "|------|---------|" >> $GITHUB_STEP_SUMMARY + echo "| **Gitleaks** | ${{ env.GITLEAKS_VERSION }} |" >> $GITHUB_STEP_SUMMARY + echo "| **Govulncheck** | ${{ env.GOVULNCHECK_VERSION }} |" >> $GITHUB_STEP_SUMMARY + echo "| **Nancy** | ${{ env.NANCY_VERSION }} |" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY # -------------------------------------------------------------------- - # Build the configuration summary (Part 5: Authentication and Variables) + # Build the configuration summary (Part 5: Close details and footer) # -------------------------------------------------------------------- - name: ๐Ÿ“‹ Build Configuration Summary (Part 5) id: config-summary-part5 @@ -845,48 +837,43 @@ jobs: run: | ENV_COUNT=$(echo "$ENV_JSON" | jq 'keys | length') - # GitHub Token Configuration - echo "## ๐Ÿ”‘ Authentication" >> $GITHUB_STEP_SUMMARY + # Authentication (collapsed) + echo "
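Review bot: The added summary rows expand `${{ env.* }}` straight into the `run:` script, for example `${{ env.GO_PRE_COMMIT_TIMEOUT_SECONDS }}s` and `${{ env.GITLEAKS_VERSION }}`, so a value containing `"`, a backtick or `$(` is parsed by bash as code instead of being printed. Where these values originate is not visible in the hunk, but the step also receives `ENV_JSON` from `inputs.env-json`, so they are presumably caller-supplied. The env context is exported to the step's shell, so reading the variable there avoids the expansion: `echo "| **Timeout** | ${GO_PRE_COMMIT_TIMEOUT_SECONDS}s |" >> "$GITHUB_STEP_SUMMARY"`. The same pattern appears in the Part 5 hunk (`${{ env.PREFERRED_GITHUB_TOKEN }}`) and in the fortress-test-matrix.yml hunk (`${{ matrix.name }}`, `${{ matrix.os }}`, `${{ matrix.go-version }}`), where the matrix values would first need a step-level `env:` mapping. Separately, the kept Log Level, Max File Size, Max Open Files and Exclude Patterns rows still carry a third description cell under the new two-column `| Setting | Value |` header.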
" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿ”‘ Authentication" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY echo "| Setting | Value |" >> $GITHUB_STEP_SUMMARY echo "|---------|-------|" >> $GITHUB_STEP_SUMMARY - echo "| **Preferred Token** | \`${{ env.PREFERRED_GITHUB_TOKEN }}\` |" >> $GITHUB_STEP_SUMMARY - echo "| **Token Type** | $([ "${{ env.PREFERRED_GITHUB_TOKEN }}" == "GH_PAT_TOKEN" ] && echo "Personal Access Token (5000 req/hour)" || echo "Default GITHUB_TOKEN (1000 req/hour)") |" >> $GITHUB_STEP_SUMMARY + echo "| **Token** | $([ "${{ env.PREFERRED_GITHUB_TOKEN }}" == "GH_PAT_TOKEN" ] && echo "PAT (5000/hr)" || echo "GITHUB_TOKEN (1000/hr)") |" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY - # Custom Project Variables - echo "## ๐ŸŽจ Custom Project Configuration" >> $GITHUB_STEP_SUMMARY + # Custom Project Variables (collapsed, only if present) PROJECT_VARS=$(echo "$ENV_JSON" | jq -r 'to_entries | map(select(.key | startswith("CUSTOM_"))) | length') if [ "$PROJECT_VARS" -gt 0 ]; then - echo "Found **$PROJECT_VARS** CUSTOM-specific environment variables:" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "๐ŸŽจ Custom Variables ($PROJECT_VARS)" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "| Variable | Value |" >> $GITHUB_STEP_SUMMARY echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY - echo "$ENV_JSON" | jq -r 'to_entries | map(select(.key | startswith("CUSTOM_"))) | sort_by(.key) | .[] | "| **\(.key)** | `\(.value)` |"' >> $GITHUB_STEP_SUMMARY - else - echo "_No project-specific (CUSTOM_*) variables found._" >> $GITHUB_STEP_SUMMARY + echo "$ENV_JSON" | jq -r 'to_entries | map(select(.key | startswith("CUSTOM_"))) | sort_by(.key) | .[] | "| \(.key) | `\(.value)` |"' >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "
" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY fi - echo "" >> $GITHUB_STEP_SUMMARY - echo "

" >> $GITHUB_STEP_SUMMARY - # All Environment Variables (moved to end as reference) - echo "## ๐Ÿ” All Environment Variables" >> $GITHUB_STEP_SUMMARY + # All Environment Variables (collapsed) echo "
" >> $GITHUB_STEP_SUMMARY - echo "Click to expand all $ENV_COUNT environment variables" >> $GITHUB_STEP_SUMMARY + echo "๐Ÿ” All $ENV_COUNT Environment Variables" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "| Variable | Value |" >> $GITHUB_STEP_SUMMARY echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY - - # Sort and display all env vars - echo "$ENV_JSON" | jq -r 'to_entries | sort_by(.key) | .[] | "| **\(.key)** | `\(.value)` |"' >> $GITHUB_STEP_SUMMARY - + echo "$ENV_JSON" | jq -r 'to_entries | sort_by(.key) | .[] | "| \(.key) | `\(.value)` |"' >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "
" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - # Footer + # Footer (always visible) echo "---" >> $GITHUB_STEP_SUMMARY - echo "๐ŸŽฏ **Configuration completed successfully** at $(date -u +"%H:%M:%S UTC")" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "_GoFortress CI/CD Pipeline - Built Strong. Tested Harder._" >> $GITHUB_STEP_SUMMARY + echo "_๐ŸŽฏ Configuration complete at $(date -u +"%H:%M:%S UTC") โ€” GoFortress CI/CD Pipeline_" >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/fortress-test-matrix.yml b/.github/workflows/fortress-test-matrix.yml index 01f9d13..31ee38c 100644 --- a/.github/workflows/fortress-test-matrix.yml +++ b/.github/workflows/fortress-test-matrix.yml @@ -280,6 +280,11 @@ jobs: echo "test-exit-code=$TEST_EXIT_CODE" >> $GITHUB_OUTPUT echo "๐Ÿ Test execution completed with exit code: $TEST_EXIT_CODE" + # Emit GitHub annotation for test failures (surfaces at top of Actions UI) + if [[ "$TEST_EXIT_CODE" != "0" ]]; then + echo "::error title=Test Suite Failed (${{ matrix.name }})::Tests failed on ${{ matrix.os }} with Go ${{ matrix.go-version }} - see job summary for details" + fi + # Calculate duration TEST_END=$(date +%s) TEST_DURATION=$((TEST_END - ${{ steps.test-timer.outputs.test-start }})) diff --git a/.github/workflows/fortress.yml b/.github/workflows/fortress.yml index 7bd5b8a..7d536cc 100644 --- a/.github/workflows/fortress.yml +++ b/.github/workflows/fortress.yml @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------------ # ๐Ÿฐ GoFortress - Enterprise-grade CI/CD fortress for Go applications # -# Version: 1.5.0 | Released: 2026-01-27 +# Version: 1.6.0 | Released: 2026-01-29 # # Built Strong. Tested Harder. #
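Review bot: The "All $ENV_COUNT Environment Variables" table, and the `CUSTOM_` table above it, write every key and value of `ENV_JSON` into the job summary with no filtering or escaping, in the two `jq -r 'to_entries | …'` lines. Anything sensitive in that JSON that is not a registered secret would be shown to everyone who can view the run, and a value containing `|`, a backtick or a newline breaks out of its table cell and can inject Markdown into the summary. I would drop secret-looking keys before the row template, e.g. `map(select(.key | test("TOKEN|SECRET|PASSWORD|KEY"; "i") | not))`, and escape `|` and newlines in `.value` before it is interpolated. How `ENV_JSON` is populated for this step lies outside the hunk, so whether it is already sanitised upstream cannot be confirmed from here.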