name: Test on: push: branches: - main pull_request: branches: - main release: types: - published jobs: test-go: name: Test Go code runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 with: go-version: 1.25.7 cache: false - name: Restore cache id: cache-go-modules if: github.event_name == 'pull_request' uses: actions/cache/restore@v5 with: path: ~/go/pkg/mod key: ${{ runner.os }}-${{ github.ref_name }}-go-modules-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-main-go-modules- - name: Fetch all Go modules if: steps.cache-go-modules.outputs.cache-hit != 'true' run: make download-deps-go - name: Mock web assets run: make mock-assets - name: Test Go code run: make test-go - name: Report code coverage uses: codecov/codecov-action@v5.5.2 with: flags: backend files: ./coverage.txt token: c77c73a6-81e1-4fa1-8372-9170d7953d41 lint-go: name: Lint Go code runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 with: go-version: 1.25.7 cache: false - name: Restore cache id: cache-go-modules if: github.event_name == 'pull_request' uses: actions/cache/restore@v5 with: path: ~/go/pkg/mod key: ${{ runner.os }}-${{ github.ref_name }}-go-modules-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-main-go-modules- - name: Fetch all Go modules if: steps.cache-go-modules.outputs.cache-hit != 'true' run: make download-deps-go - name: Mock web assets run: make mock-assets - name: Lint Go code run: make make lint-go test-js: name: Test JS code runs-on: ubuntu-latest strategy: matrix: env: - "" - "env TZ=Pacific/Easter" steps: - name: Check out code uses: actions/checkout@v6 - name: Set up Node JS uses: actions/setup-node@v6 with: node-version: 25.6.0 cache: "npm" cache-dependency-path: "ui/package-lock.json" - name: Test Node JS code run: ${{ matrix.env }} make -C ui test-js env: NODE_ENV: test - name: Report code coverage uses: codecov/codecov-action@v5.5.2 with: flags: ui directory: ./ui/coverage token: c77c73a6-81e1-4fa1-8372-9170d7953d41 lint-js: name: Lint JS code runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: Set up Node JS uses: actions/setup-node@v6 with: node-version: 25.6.0 cache: "npm" cache-dependency-path: "ui/package-lock.json" - name: Lint Node JS code run: make -C ui lint-js format-go: name: Check Go code formatting runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 with: go-version: 1.25.7 cache: false - name: Format Go code run: make format-go - name: Check for local changes run: git diff --exit-code format-js: name: Check JS code formatting runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: Set up Node JS uses: actions/setup-node@v6 with: node-version: 25.6.0 cache: "npm" cache-dependency-path: "ui/package-lock.json" - name: Lint Node JS code run: make -C ui format - name: Check for local changes run: git diff --exit-code deps-js: name: Check JS dependencies runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: depcheck uses: prymitive/depcheck-action@v1.4.3 with: workdir: "./ui" config: "./ui/.depcheckrc.yaml" package-lock: name: Check package-lock.json runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: Set up Node JS uses: actions/setup-node@v6 with: node-version: 25.6.0 cache: "npm" cache-dependency-path: "ui/package-lock.json" - name: Run npm install run: cd ui && npm i - name: Check for local changes run: git diff --exit-code lint-versions: name: Lint Versions runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: Lint Bootstrap Version run: make lint-bootstrap-version typescript: name: Check for non-typescript components runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: Check for non-typescript UI components run: make -C ui lint-typescript git-commit: name: Lint git commit runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 with: fetch-depth: 0 - name: Lint git commit uses: wagoid/commitlint-github-action@v6.2.1 with: configFile: .commitlintrc.cjs docs: name: Lint documentation runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 - name: Run markdown-lint uses: avto-dev/markdown-lint@v1.5.0 with: config: .markdownlint.yml args: "*.md docs" stage-test-and-lint: name: "=== Test and lint stage ===" needs: - test-go - test-js - lint-go - lint-js - format-go - format-js - deps-js - package-lock - lint-versions - typescript - git-commit - docs runs-on: ubuntu-latest steps: - name: All linters passed run: "true" benchmark-go: name: Benchmark Go code compare if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name needs: stage-test-and-lint runs-on: ubuntu-latest permissions: issues: write pull-requests: write steps: - name: Check out code uses: actions/checkout@v6 - name: Get modified files uses: dorny/paths-filter@v3.0.2 id: filter with: list-files: "shell" filters: | backend: - 'cmd/**/*' - 'internal/**/*' - 'go.mod' - 'go.sum' - name: Set up Go uses: actions/setup-go@v6 with: go-version: 1.25.7 cache: false - name: Restore cache uses: actions/cache/restore@v5 with: path: | ~/.cache/go-build ~/go/pkg/mod key: ${{ runner.os }}-go-benchmark-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go-benchmark- - name: Fetch all Go modules if: steps.cache-go-modules.outputs.cache-hit != 'true' run: make download-deps-go - name: Mock web assets if: steps.filter.outputs.backend == 'true' run: make mock-assets - name: Run benchmark if: steps.filter.outputs.backend == 'true' run: ./scripts/ci-diff-benchmark-go.sh env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PULL_REQUEST_NUMBER: ${{ github.event.number }} cross-compile: name: Cross compile binaries needs: stage-test-and-lint runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 with: fetch-depth: 0 - name: Set up Go uses: actions/setup-go@v6 with: go-version: 1.25.7 cache: false - name: Cache Go if: github.event_name != 'pull_request' uses: actions/cache@v5 with: path: | ~/.cache/go-build ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Restore cache if: github.event_name == 'pull_request' uses: actions/cache/restore@v5 with: path: | ~/.cache/go-build ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Set up Node JS uses: actions/setup-node@v6 with: node-version: 25.6.0 cache: "npm" cache-dependency-path: "ui/package-lock.json" - name: Cross compile binaries if: github.event_name != 'pull_request' run: make -j2 crosscompile - name: Cross compile binaries (PR) if: github.event_name == 'pull_request' run: make -j2 cc-linux-386 cc-linux-amd64 cc-linux-arm64 cc-windows-amd64 - name: Compress binaries shell: bash run: | mkdir -p artifacts export SOURCE_DATE_EPOCH=$(git show -s --format=%ci ${GITHUB_SHA}) for i in karma-*; do tar --mtime="${SOURCE_DATE_EPOCH}" --owner=0 --group=0 --numeric-owner -c $i | gzip -n - > artifacts/$i.tar.gz; done (cd artifacts && shasum -a 512 karma-*.tar.gz | tee sha512sum.txt) - name: Get release if: github.event_name == 'release' id: get_release uses: bruceadams/get-release@v1.3.2 env: GITHUB_TOKEN: ${{ github.token }} - name: Upload binaries to GitHub release if: github.event_name == 'release' uses: AButler/upload-release-assets@v3.0 with: files: "artifacts/*" repo-token: ${{ secrets.GITHUB_TOKEN }} docker: name: Build docker image needs: stage-test-and-lint runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v6 with: fetch-depth: 0 - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to DockerHub if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: username: lmierzwa password: ${{ secrets.DOCKER_HUB_PASSWORD }} - name: Login to GitHub Container Registry if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GH_PKG_TOKEN }} - name: "Setup docker tags (latest + vX.Y)" if: github.event_name == 'release' run: | echo 'DOCKER_TAGS<> $GITHUB_ENV echo 'lmierzwa/karma:${{ github.ref_name }}' >> $GITHUB_ENV echo 'lmierzwa/karma:latest' >> $GITHUB_ENV echo 'ghcr.io/prymitive/karma:${{ github.ref_name }}' >> $GITHUB_ENV echo 'ghcr.io/prymitive/karma:latest' >> $GITHUB_ENV echo 'EOF' >> $GITHUB_ENV - name: "Setup docker tags (latest)" if: github.event_name != 'release' run: | echo 'DOCKER_TAGS<> $GITHUB_ENV echo 'lmierzwa/karma:latest' >> $GITHUB_ENV echo 'ghcr.io/prymitive/karma:latest' >> $GITHUB_ENV echo 'EOF' >> $GITHUB_ENV - name: "Setup docker plaforms (merge/release)" if: github.event_name != 'pull_request' run: | echo "DOCKER_PATFORMS=linux/amd64,linux/arm64" >> $GITHUB_ENV - name: "Setup docker plaforms (PR)" if: github.event_name == 'pull_request' run: | echo "DOCKER_PATFORMS=linux/amd64" >> $GITHUB_ENV - name: "Setup image version" run: | echo "VERSION=$(make show-version)" >> $GITHUB_ENV - name: Build and push id: docker_build uses: docker/build-push-action@v6 with: context: . file: ./Dockerfile platforms: ${{ env.DOCKER_PATFORMS }} push: ${{ github.event_name != 'pull_request' }} tags: ${{ env.DOCKER_TAGS }} build-args: | VERSION=${{ env.VERSION }}