pool: vmImage: 'ubuntu-24.04' variables: - name: bufVersion # go install github.com/bufbuild/buf/cmd/buf@ value: v1.63.0 - name: golangCiLintVersion # github.com/golangci/golangci-lint value: v2.8.0 - name: goVersion # github.com/golang/go value: 1.24.0 - name: protobufValidateVersion # go install github.com/envoyproxy/protoc-gen-validate@ value: v1.3.0 - name: protobufVersion # go install google.golang.org/protobuf/cmd/protoc-gen-go@ value: v1.36.11 - name: GOPATH value: '$(system.defaultWorkingDirectory)/gopath' stages: - stage: Build jobs: - job: GoBuildTest displayName: Run build and tests variables: - group: artifactory-xx-sit-odj-sec-ident - name: isCiBuild value: $[eq(variables['Build.SourceBranch'], 'refs/heads/main')] steps: - task: GoTool@0 displayName: Install Go $(goVersion) inputs: version: $(goVersion) - bash: | set -e go env -w GOMODCACHE="$(pwd)/.gomodcache" displayName: Configure GOMODCACHE - bash: | set -e go install google.golang.org/protobuf/cmd/protoc-gen-go@$(protobufVersion) go install github.com/envoyproxy/protoc-gen-validate@$(protobufValidateVersion) go install github.com/bufbuild/buf/cmd/buf@$(bufVersion) curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin $(golangCiLintVersion) condition: succeeded() displayName: Install build dependencies - bash: | set -e echo on go mod download go mod tidy go get ./... condition: succeeded() displayName: Download dependencies - bash: | set -e echo on rm -rf gen/ export PATH="$PATH:$GOPATH/bin" buf format proto -w cd proto buf lint buf generate cd - condition: succeeded() displayName: Regenerate code from schema - bash: | set -e echo on export PATH="$PATH:$GOPATH/bin" go fmt ./... && go vet ./... && golangci-lint run condition: succeeded() displayName: Format and lint - bash: | set -e echo on git diff HEAD --name-only --exit-code condition: succeeded() displayName: Check local changes after code generation and formatting - script: echo "$(ARTIFACTORY_PASSWORD)" | docker login schwarzit-docker.jfrog.io --username $(ARTIFACTORY_USER) --password-stdin displayName: 'Docker login' condition: succeeded() - bash: go build ./... condition: succeeded() displayName: Build - bash: go test ./... condition: succeeded() displayName: Run tests - task: SnykSecurityScan@1 condition: and(succeeded(), eq(variables.isCiBuild, true)) displayName: Snyk check (main branch) inputs: additionalArguments: "--remote-repo-url=$(Build.Repository.Uri)" failOnIssues: false monitorWhen: 'always' organization: 'xx-sit-odj-stackit-public' projectName: $(Build.Repository.Name) serviceConnectionEndpoint: 'xx-sit-odj-stackit-public-snyk' testType: 'app' - task: SnykSecurityScan@1 condition: and(succeeded(), eq(variables.isCiBuild, false)) displayName: Snyk check inputs: additionalArguments: "--remote-repo-url=$(Build.Repository.Uri)" failOnIssues: false monitorWhen: 'never' organization: 'xx-sit-odj-stackit-public' projectName: $(Build.Repository.Name) serviceConnectionEndpoint: 'xx-sit-odj-stackit-public-snyk' testType: 'app' - bash: sudo rm -rf .gomodcache condition: always() displayName: Clean up the local cache (.gomodcache)