Skip to main content

CI/CD

Tracera uses GitHub Actions for continuous integration with automated quality gates.

Pipeline Overview

Push/PR ──▶ CI Workflow ──▶ make ci ──▶ ✅ Merge

                              ┌──────────┘

Schedule ──▶ Nightly ──▶ make nightly ──▶ Report

CI Workflow

Trigger: Every push and pull request File: .github/workflows/ci.yml Steps:
  1. Checkout code
  2. Set up Go 1.24
  3. Cache Go modules and build cache
  4. Run make ci (format, vet, lint, test, race detector)
All checks must pass before a PR can be merged.

Nightly Workflow

Trigger: Scheduled (nightly) File: .github/workflows/nightly.yml Steps:
  1. Everything in CI, plus:
  2. govulncheck — scans for known vulnerabilities in dependencies
  3. Coverage gate — ensures test coverage meets threshold
  4. Benchmarks — tracks performance regressions
  5. Release check — verifies the production binary builds correctly
  6. Docker-based checks — migration validation when available

Dependabot

File: .github/dependabot.yml Automatically creates pull requests for:
EcosystemFrequencyPurpose
Go modulesWeeklyKeep Go dependencies up to date
GitHub ActionsWeeklyKeep CI/CD actions current

Makefile Targets

The CI/CD pipelines are thin wrappers around Makefile targets, ensuring local and CI behavior are identical: 
# What CI runs
make ci

# What nightly runs
make nightly

# What the pre-commit hook runs
make precommit
This “single source of truth” approach means you can reproduce any CI failure locally by running the same Make target.