Skip to content

[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade clamav to 1.0.7 CVE-2024-20505, CVE-2024-20506 - branch main #34953

[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade clamav to 1.0.7 CVE-2024-20505, CVE-2024-20506 - branch main

[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade clamav to 1.0.7 CVE-2024-20505, CVE-2024-20506 - branch main #34953

# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
name: Go Test Coverage
on:
push:
branches: [main, dev, 1.0*, 2.0*, fasttrack/*]
pull_request:
branches: [main, dev, 1.0*, 2.0*, fasttrack/*]
permissions: read-all
env:
EXPECTED_GO_VERSION: "1.21"
jobs:
build:
name: Go Test Coverage
runs-on: ubuntu-latest
steps:
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: '${{ env.EXPECTED_GO_VERSION }}'
id: go
- name: Check active go version
run: |
go version && which go
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Check go.mod
run: |
if grep -q "go $EXPECTED_GO_VERSION" ./toolkit/tools/go.mod; then
echo "go.mod has correct version ($EXPECTED_GO_VERSION)"
else
actual_version="$(grep -E '^go [0-9]+\.[0-9]+' ./toolkit/tools/go.mod)"
echo "go.mod has bad version expected:$EXPECTED_GO_VERSION, found: $actual_version"
echo "UPDATE ./github/workflows/go-test-coverage.yml AND prerequisite documentation if minimum go version changed"
exit 1
fi
- name: Install prerequisites
run: |
sudo apt-get update
sudo apt -y install qemu-utils
- name: Check for bad go formatting
run: |
pushd toolkit
sudo env "PATH=$PATH" make go-fmt-all
changes=$(git diff *.go)
if [ -n "$changes" ]; then
echo Unformatted go files!
git diff *.go
exit 1
fi
- name: Check for out of date go modules
run: |
pushd toolkit
sudo env "PATH=$PATH" make go-mod-tidy
modchanges=$(git diff tools/go.mod)
sumchanges=$(git diff tools/go.sum)
if [ -n "$modchanges$sumchanges" ]; then
echo Module files out of date!
git diff tools/go.mod
git diff tools/go.sum
exit 1
fi
- name: Check for missing tests
run: |
pushd toolkit
noTestCount=$(sudo make go-test-coverage | grep "no test files" | wc -l)
if [ "$noTestCount" -ne "0" ]; then
sudo env "PATH=$PATH" make go-test-coverage | grep "no test files"
echo Missing $noTestCount Go Tests!
fi
- name: Evaluate test coverage
run: |
pushd toolkit
sudo env "PATH=$PATH" make go-test-coverage
- name: Upload test coverage
uses: actions/upload-artifact@v4
with:
name: TestCoverage
path: toolkit/out/tools/test_coverage_report.html
- name: Ensure all tools build
run: |
pushd toolkit
sudo env "PATH=$PATH" make go-tools REBUILD_TOOLS=y