Go Static Analysis Workflow
Overview
The go_staticAnalysis.yml workflow performs static code analysis on Go projects using golangci-lint. It supports both standard Go projects and Go workspaces with
multiple modules, providing comprehensive code quality checks, linting, and best practice enforcement.
Language/Tool Support
- Go: All Go versions with golangci-lint compatibility
- Go Workspaces: Multi-module workspace support
- golangci-lint: Comprehensive Go linter with multiple analyzers
- Module Detection: Automatic Go module discovery
Features
- Workspace Support: Automatic detection and analysis of Go workspaces
- Multi-Module Analysis: Parallel analysis of multiple Go modules
- Configurable Timeout: Adjustable analysis timeout for large projects
- Selective Analysis: Option to analyze only new issues
- Flexible Configuration: Supports custom golangci-lint configurations
Usage
uses: ./.github/workflows/go_staticAnalysis.yml
with:
branch: "main"
goVersion: "1.24"
timeout: "5m"
onlyNew: false
workspace: true
Inputs
| Input | Type | Required | Default | Description |
|---|---|---|---|---|
branch | string | ❌ | main | Branch to analyze |
goVersion | string | ❌ | 1.24 | Go version to use for analysis |
timeout | string | ❌ | 1m | Timeout for golangci-lint execution |
onlyNew | boolean | ❌ | false | Analyze only new issues since last run |
workspace | boolean | ❌ | false | Enable Go workspace mode for multi-module analysis |
Workflow Jobs
Standard Analysis (workspace: false)
For single-module Go projects:
- name: Standard go Analysis
uses: golangci/golangci-lint-action@v8
with:
only-new-issues: false
args: --timeout=1m
Workspace Analysis (workspace: true)
For Go workspaces with multiple modules:
- Module Detection: Automatically discovers all Go modules
- Parallel Analysis: Runs golangci-lint on each module in parallel
- Matrix Strategy: Uses GitHub Actions matrix for efficient execution
Configuration Examples
Basic Go Project Analysis
uses: ./.github/workflows/go_staticAnalysis.yml
with:
goVersion: "1.24"
timeout: "2m"
Go Workspace Analysis
uses: ./.github/workflows/go_staticAnalysis.yml
with:
workspace: true
goVersion: "1.24"
timeout: "5m"
onlyNew: false
Pull Request Analysis
uses: ./.github/workflows/go_staticAnalysis.yml
with:
branch: ${{ github.head_ref }}
onlyNew: true
timeout: "3m"
Multi-Version Testing
name: Multi-Version Analysis
on:
pull_request:
jobs:
static-analysis:
strategy:
matrix:
go-version: ['1.22', '1.23', '1.24']
uses: ./.github/workflows/go_staticAnalysis.yml
with:
goVersion: ${{ matrix.go-version }}
Go Workspace Support
Workspace Structure
The workflow supports Go workspaces with this structure:
project/
├── go.work
├── go.work.sum
├── module1/
│ ├── go.mod
│ ├── go.sum
│ └── main.go
├── module2/
│ ├── go.mod
│ ├── go.sum
│ └── main.go
└── shared/
├── go.mod
├── go.sum
└── utils.go
Workspace Configuration (go.work)
go 1.24
use (
./module1
./module2
./shared
)
golangci-lint Configuration
Basic Configuration (.golangci.yml)
run:
timeout: 5m
tests: true
modules-download-mode: readonly
linters-settings:
govet:
check-shadowing: true
gocyclo:
min-complexity: 15
dupl:
threshold: 100
goconst:
min-len: 2
min-occurrences: 2
linters:
enable:
- errcheck
- gosimple
- govet
- ineffassign
- staticcheck
- typecheck
- unused
- gocyclo
- dupl
- goconst
- gofmt
- goimports
Advanced Configuration
run:
timeout: 10m
issues-exit-code: 1
tests: true
skip-dirs:
- vendor
- third_party
skip-files:
- ".*\\.pb\\.go$"
- ".*_generated\\.go$"
linters-settings:
revive:
severity: warning
rules:
- name: exported
severity: error
- name: indent-error-flow
severity: warning
gosec:
excludes:
- G404 # Use of weak random number generator
- G501 # Import blacklist: crypto/md5
gocritic:
enabled-tags:
- performance
- style
- experimental
disabled-checks:
- wrapperFunc
- hugeParam
linters:
enable-all: true
disable:
- maligned
- prealloc
- gochecknoglobals
- gochecknoinits
issues:
exclude-rules:
- path: _test\.go
linters:
- gosec
- dupl
- path: internal/
text: "exported"
linters:
- revive
Integration Patterns
Pre-commit Analysis
name: Code Quality
on:
pull_request:
branches: [main, develop]
jobs:
static-analysis:
uses: ./.github/workflows/go_staticAnalysis.yml
with:
onlyNew: true
timeout: "3m"
tests:
needs: static-analysis
runs-on: ubuntu-latest
steps:
- name: Run Tests
run: go test ./...
Release Quality Gate
name: Release Pipeline
on:
push:
tags:
- 'v*'
jobs:
quality-gate:
uses: ./.github/workflows/go_staticAnalysis.yml
with:
timeout: "10m"
onlyNew: false
build-release:
needs: quality-gate
runs-on: ubuntu-latest
steps:
- name: Build Release
run: go build -o release/app
Scheduled Analysis
name: Weekly Code Analysis
on:
schedule:
- cron: '0 2 * * 1' # Every Monday at 2 AM
jobs:
comprehensive-analysis:
uses: ./.github/workflows/go_staticAnalysis.yml
with:
timeout: "15m"
onlyNew: false
workspace: true
Performance Optimization
Timeout Configuration
# For small projects
timeout: "1m"
# For medium projects
timeout: "5m"
# For large projects or workspaces
timeout: "15m"
Selective Analysis
# Analyze only new issues for faster feedback
onlyNew: true
# Full analysis for comprehensive checking
onlyNew: false
Module-Specific Configuration
For workspaces, create module-specific configurations:
module1/.golangci.yml # Configuration for module1
module2/.golangci.yml # Configuration for module2
.golangci.yml # Root configuration
Troubleshooting
Common Issues
Analysis Timeout
- Increase timeout value for large projects
- Consider using
onlyNew: truefor faster analysis - Optimize golangci-lint configuration
Module Detection Failures
- Verify
go.modfiles exist in all modules - Check Go workspace configuration (
go.work) - Ensure proper module structure
Memory Issues
- Reduce enabled linters for large codebases
- Use selective analysis with
onlyNew: true - Configure skip patterns for generated files
Configuration Debugging
Validate Configuration
# Test golangci-lint configuration locally
golangci-lint run --config .golangci.yml
Check Module Structure
# List workspace modules
go work use -r .
Performance Analysis
# Run with verbose output
golangci-lint run -v --config .golangci.yml
Best Practices
Configuration Management
- Consistent Standards: Use same linting rules across all modules
- Gradual Adoption: Enable linters incrementally for existing projects
- Team Alignment: Ensure team agrees on linting standards
- Documentation: Document custom linting rules and exceptions
Workflow Integration
- Early Feedback: Run analysis on pull requests
- Quality Gates: Block merges on analysis failures
- Regular Monitoring: Schedule comprehensive analysis
- Performance Balance: Balance thoroughness with execution time
Error Handling
- Issue Tracking: Track and resolve linting issues systematically
- Exclusion Rules: Use exclusions judiciously for special cases
- Technical Debt: Address linting debt in dedicated sprints
- Metrics: Monitor code quality metrics over time
Related Workflows
- Go testing workflows: For runtime testing after static analysis
- go_build.yml: For building Go applications
- Security scanning workflows: For vulnerability analysis
Migration Guide
From Manual Linting
- Install golangci-lint locally for development
- Create initial
.golangci.ymlconfiguration - Integrate workflow into CI/CD pipeline
- Gradually increase linting strictness
Workspace Migration
- Convert multi-repository setup to Go workspace
- Create
go.workfile with module references - Enable workspace mode in analysis workflow
- Consolidate module-specific configurations