tmpl-pipeline-build-go.yml

# build-go-app-template.yml

# Template Parameters
parameters:
  - name: repoUrl
    type: string
    default: 'https://github.com/your/default/repo.git'
    displayName: 'Repository URL'

  - name: goVersion
    type: string
    default: '1.17'  # Specify the desired Go version
    displayName: 'Go Version'

  - name: gitServiceConnection  # Optional for private repositories
    type: string
    default: ''
    displayName: 'Git Service Connection Name'

  - name: tag
    type: string
    default: ''
    displayName: 'Git Tag to Checkout'

# Variables
variables:
  repoUrlVar: ${{ parameters.repoUrl }}
  goVersionVar: ${{ parameters.goVersion }}
  gitServiceConnectionVar: ${{ parameters.gitServiceConnection }}
  gitTagVar: ${{ parameters.tag }}

# Resources
resources:
  repositories:
    - repository: goRepo
      type: git
      name: goRepo
      url: $(repoUrlVar)
      # For private repositories, uncomment and set the endpoint
      # endpoint: $(gitServiceConnectionVar)

# Steps
steps:
  - checkout: goRepo
    clean: true
    fetchTags: true  # Ensure that tags are fetched
    persistCredentials: true  # Necessary for private repositories
    displayName: 'Checkout Repository'
    ${{ if ne(variables.gitTagVar, '') }}:
      ref: 'refs/tags/$(gitTagVar)'  # Checkout the specified tag

  - task: GoTool@0
    inputs:
      version: $(goVersionVar)
    displayName: 'Set Go Version'

  - task: Cache@2
    inputs:
      key: 'go | "$(Agent.OS)" | go.sum'
      restoreKeys: |
        go | "$(Agent.OS)"
      path: $(GOPATH)/pkg/mod
    displayName: 'Cache Go Modules'

  - script: |
      echo "Downloading dependencies..."
      go mod download
    displayName: 'Download Dependencies'

  - script: |
      echo "Running go fmt..."
      go fmt ./...
    displayName: 'Code Formatting'

  - script: |
      echo "Running go vet..."
      go vet ./...
    displayName: 'Static Analysis'

  - script: |
      echo "Running tests..."
      go test ./...
    displayName: 'Run Tests'

  - script: |
      echo "Building static Linux AMD64 binary..."
      CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o myapp
    displayName: 'Build Static Application'

  - script: |
      echo "Running security scan with gosec..."
      go install github.com/securego/gosec/v2/cmd/gosec@latest
      gosec ./...
    displayName: 'Security Scan'

  - task: PublishPipelineArtifact@1
    inputs:
      targetPath: '$(System.DefaultWorkingDirectory)/myapp'
      artifact: 'myapp'
    displayName: 'Publish Binary Artifact'

use-template.yml

# azure-pipelines.yml

# Pipeline Parameters
parameters:
  - name: repoUrl
    displayName: 'Repository URL'
    type: string
    default: 'https://github.com/your/default/repo.git'

  - name: goVersion
    displayName: 'Go Version'
    type: string
    default: '1.17'

  - name: gitServiceConnection  # Optional for private repositories
    displayName: 'Git Service Connection Name'
    type: string
    default: ''

  - name: tag
    displayName: 'Git Tag to Checkout'
    type: string
    default: ''

# Variables
variables:
  repoUrlVar: ${{ parameters.repoUrl }}
  goVersionVar: ${{ parameters.goVersion }}
  gitServiceConnectionVar: ${{ parameters.gitServiceConnection }}
  gitTagVar: ${{ parameters.tag }}

# Disable automatic triggers
trigger: none

# Specify the build agent
pool:
  vmImage: 'ubuntu-latest'

# Include the template
steps:
  - template: build-go-app-template.yml
    parameters:
      repoUrl: ${{ parameters.repoUrl }}
      goVersion: ${{ parameters.goVersion }}
      gitServiceConnection: ${{ parameters.gitServiceConnection }}
      tag: ${{ parameters.tag }}