include:
- template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml'
- project: unboundsoftware/ci-templates
  file: Release.gitlab-ci.yml

image: golang:1.23.3@sha256:8956c08c8129598db36e92680d6afda0079b6b32b93c2c08260bf6fa75524e07

stages:
- deps
- test

run-pre-commit:
  stage: .pre
  image: unbound/pre-commit@sha256:596abf501d5ac878534b76f19d19ec5c952f1f362ad92d611172072ef5d483d5
  variables:
    PRE_COMMIT_HOME: ${CI_PROJECT_DIR}/.cache/pre-commit
  cache:
  - key:
      files:
      - .pre-commit-config.yaml
    paths:
    - ${PRE_COMMIT_HOME}
  script:
  - pre-commit run --all-files

deps:
  stage: deps
  script:
  - go mod download

test:
  stage: test
  dependencies:
  - deps
  script:
  - CGO_ENABLED=1 go test -mod=readonly -race -coverprofile=coverage.txt -covermode=atomic -coverpkg=$(go list ./... | tr '\n' , | sed 's/,$//') ./...
  - go tool cover -html=coverage.txt -o coverage.html
  - go tool cover -func=coverage.txt
  - curl -Os https://uploader.codecov.io/latest/linux/codecov
  - chmod +x codecov
  - ./codecov -t ${CODECOV_TOKEN} -R $CI_PROJECT_DIR -C $CI_COMMIT_SHA -r $CI_PROJECT_PATH

vulnerabilities:
  stage: test
  image: golang:1.23.3@sha256:8956c08c8129598db36e92680d6afda0079b6b32b93c2c08260bf6fa75524e07
  script:
  - go install golang.org/x/vuln/cmd/govulncheck@latest
  - govulncheck ./...