include:
- template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml'
- project: unboundsoftware/ci-templates
  file: Defaults.gitlab-ci.yml
- project: unboundsoftware/ci-templates
  file: Release.gitlab-ci.yml
- project: unboundsoftware/ci-templates
  file: Pre-Commit-Go.gitlab-ci.yml

image: amd64/golang:1.25.5@sha256:ff44d519dbd3f622224d3433f319ae0b046abe081dda5b3d3c3db04a712e1898

stages:
- deps
- test

deps:
  stage: deps
  script:
  - go mod download

test:
  stage: test
  dependencies:
  - deps
  script:
  - CGO_ENABLED=1 go test -mod=readonly -race -coverprofile=coverage.txt -covermode=atomic -coverpkg=$(go list ./... | tr '\n' , | sed 's/,$//') ./...
  - go tool cover -html=coverage.txt -o coverage.html
  - go tool cover -func=coverage.txt
  - curl -Os https://uploader.codecov.io/latest/linux/codecov
  - chmod +x codecov
  - ./codecov -t ${CODECOV_TOKEN} -R $CI_PROJECT_DIR -C $CI_COMMIT_SHA -r $CI_PROJECT_PATH

vulnerabilities:
  stage: test
  image: amd64/golang:1.25.5@sha256:ff44d519dbd3f622224d3433f319ae0b046abe081dda5b3d3c3db04a712e1898
  script:
  - go install golang.org/x/vuln/cmd/govulncheck@latest
  - govulncheck ./...