diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..fcca882 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,3 @@ +# These owners will be the default owners for everything in +# the repo. Unless a later match takes precedence, +* @cloudoperators/Administrators diff --git a/.github/ISSUE_TEMPLATE/bug-report.yaml b/.github/ISSUE_TEMPLATE/bug-report.yaml new file mode 100644 index 0000000..3526f39 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug-report.yaml @@ -0,0 +1,66 @@ +name: "🐛 Bug Report" +description: Create a new ticket for a bug experienced in Greenhouse. +title: "🐛 [BUG] - " +labels: [ + "bug", +] +body: + - type: markdown + attributes: + value: | + Thanks for reporting an issue you experienced with the Greenhouse platform. + + Please complete the below form to ensure we have the necessary details to assist you. + - type: dropdown + id: priority + attributes: + label: Priority + description: Let us know how this issue is affecting you + options: + - (Low) Something is a little off + - (Medium) I'm annoyed but I'll live + - (Urgent) I can't use Greenhouse + - type: textarea + id: description + attributes: + label: "Description" + description: Please enter an explicit description of your issue + placeholder: Short and explicit description of your incident... + validations: + required: true + - type: textarea + id: reprod + attributes: + label: "Reproduction steps" + description: Please enter an explicit description of your issue + value: | + 1. Go to '...' + 2. Click on '....' + 3. Scroll down to '....' + 4. See error + render: bash + validations: + required: true + - type: textarea + id: manifests + attributes: + label: "Manifests" + description: If applicable, add manifests to help reproduce your problem. + value: | + ```yaml + apiVersion: greenhouse.sap/v1alpha1 + kind: ... + ``` + render: yaml + validations: + required: false + - type: textarea + id: screenshot + attributes: + label: "Screenshots" + description: If applicable, add screenshots to help explain your problem. + value: | + ![DESCRIPTION](LINK.png) + render: bash + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/config.yaml b/.github/ISSUE_TEMPLATE/config.yaml new file mode 100644 index 0000000..0086358 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yaml @@ -0,0 +1 @@ +blank_issues_enabled: true diff --git a/.github/ISSUE_TEMPLATE/feature-request.yaml b/.github/ISSUE_TEMPLATE/feature-request.yaml new file mode 100644 index 0000000..06d8baa --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature-request.yaml @@ -0,0 +1,38 @@ +name: "💡 Feature Request" +description: Create a ticket requesting a new feature +title: "[FEAT] - <title>" +labels: [ + "feature" +] +body: + - type: markdown + attributes: + value: | + Thanks for requesting an awesome new feature! + + Your input means a lot to us, and we're excited to explore the possibilities and see how we can make it happen. + - type: dropdown + id: priority + attributes: + label: Priority + description: Let us know how the lack of this feature is affecting you + options: + - (Low) Something is a little off + - (Medium) I'm annoyed but I'll live + - (Urgent) I can't use the Greenhouse without + - type: textarea + id: description + attributes: + label: "Description" + description: Provide a clear and concise description of the feature you're requesting + placeholder: Short and explicit description of your feature. + validations: + required: true + - type: textarea + id: reference_issues + attributes: + label: "Reference Issues" + description: Common issues + placeholder: "#Issues IDs" + validations: + required: false diff --git a/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md b/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md new file mode 100644 index 0000000..cff99e6 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md @@ -0,0 +1,59 @@ +## Description +<!-- +Please do not leave this blank +This PR [adds/removes/fixes/replaces] the [feature/bug/etc]. +--> + +Please include a summary of the changes and the related issue. Please also include relevant motivation and context. List any dependencies that are required for this change. + +## What type of PR is this? (check all applicable) + +- [ ] 🍕 Feature +- [ ] 🐛 Bug Fix +- [ ] 📝 Documentation Update +- [ ] 🎨 Style +- [ ] 🧑‍đŸ’ģ Code Refactor +- [ ] đŸ”Ĩ Performance Improvements +- [ ] ✅ Test +- [ ] 🤖 Build +- [ ] 🔁 CI +- [ ] đŸ“Ļ Chore (Release) +- [ ] ⏊ Revert + +## Related Tickets & Documents + +<!-- +Please use this format link issue numbers: Fixes #123 +https://docs.github.com/en/free-pro-team@latest/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword +--> +- Related Issue # (issue) +- Closes # (issue) +- Fixes # (issue) + +> Remove if not applicable + +## Added tests? + +- [ ] 👍 yes +- [ ] 🙅 no, because they aren't needed +- [ ] 🙋 no, because I need help +- [ ] Separate ticket for tests # (issue/pr) + +Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration + +## Added to documentation? + +- [ ] 📜 README.md +- [ ] 🤝 Documentation pages updated +- [ ] 🙅 no documentation needed +- [ ] (if applicable) generated OpenAPI docs for CRD changes + +## Checklist + +- [ ] My code follows the style guidelines of this project +- [ ] I have performed a self-review of my code +- [ ] I have commented my code, particularly in hard-to-understand areas +- [ ] I have made corresponding changes to the documentation +- [ ] My changes generate no new warnings +- [ ] I have added tests that prove my fix is effective or that my feature works +- [ ] New and existing unit tests pass locally with my changes diff --git a/.github/licenserc.yaml b/.github/licenserc.yaml new file mode 100644 index 0000000..2d24f56 --- /dev/null +++ b/.github/licenserc.yaml @@ -0,0 +1,54 @@ +header: + license: + spdx-id: Apache-2.0 + content: | + SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors + SPDX-License-Identifier: Apache-2.0 + + paths: # `paths` are the path list that will be checked (and fixed) by license-eye, default is ['**']. + - '**' + + paths-ignore: + - '.github/**' + - '.reuse/dep5' + - 'LICENSES/*.txt' + - 'grafana/*.json' + - 'website/scripts/**' + - 'hack/**' + - 'hack/openapi-generator/openapi-info.yaml' + - 'hack/boilerplate.go.txt' + - 'docs/**' + - '**/*.md' + - 'LICENSE' + - 'NOTICE' + - 'PROJECT' + - '**/*.gitignore' + - '**/*.helmignore' + - '**/*.tpl' + - '**/go.mod' + - '**/go.sum' + - '**/*.lock' + - '**/*.json' + - '**/.gitkeep' + - '**/*.txt' + - '*Dockerfile*' + - 'Makefile' + - 'pkg/idproxy/web/**' + - 'pkg/apis/scheme_builder.go' # Belongs to the Kubernetes authors + - 'cmd/tcp-proxy/main.go' # MIT License + - 'pkg/tcp-proxy/proxy/*.go' # MIT License + - '**/zz_generated.deepcopy.go' # Generated by Kubebuilder + - 'charts/**/templates/*.yaml' # license headers on helm templates are causing issues + + + comment: on-failure + + # license-location-threshold specifies the index threshold where the license header can be located, + # after all, a "header" cannot be TOO far from the file start. + license-location-threshold: 80 + + language: + JSX: + extensions: + - ".jsx" + comment_style_id: SlashAsterisk diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 0000000..1a60123 --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,86 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "assigneesFromCodeOwners": true, + "extends": [ + "config:recommended" + ], + "constraints": { + "go": "1.21" + }, + "packageRules": [ + { + "groupName": "github actions", + "matchManagers": ["github-actions"], + "matchUpdateTypes": ["major", "minor"], + "extends": [ + "helpers:pinGitHubActionDigests" + ], + "minimumReleaseAge": "14 days" + }, + { + "groupName": "npm dependencies", + "matchDatasources": [ + "npm" + ], + "minimumReleaseAge": "14 days" + }, + { + "groupName": "golang", + "matchDatasources": ["docker", "go-version"], + "matchPackagePatterns": ["golang"], + "minimumReleaseAge": "14 days" + }, + { + "groupName": "kubernetes packages", + "groupSlug": "kubernetes-go", + "matchDatasources": [ + "go" + ], + "matchUpdateTypes": ["major", "minor"], + "matchPackagePrefixes": [ + "k8s.io/api", + "k8s.io/apiextensions-apiserver", + "k8s.io/apimachinery", + "k8s.io/apiserver", + "k8s.io/cli-runtime", + "k8s.io/client-go", + "k8s.io/cloud-provider", + "k8s.io/cluster-bootstrap", + "k8s.io/code-generator", + "k8s.io/component-base", + "k8s.io/controller-manager", + "k8s.io/cri-api", + "k8s.io/csi-translation-lib", + "k8s.io/kube-aggregator", + "k8s.io/kube-controller-manager", + "k8s.io/kube-proxy", + "k8s.io/kube-scheduler", + "k8s.io/kubectl", + "k8s.io/kubelet", + "k8s.io/legacy-cloud-providers", + "k8s.io/metrics", + "k8s.io/mount-utils", + "k8s.io/pod-security-admission", + "k8s.io/sample-apiserver", + "k8s.io/sample-cli-plugin", + "k8s.io/sample-controller", + "sigs.k8s.io/controller-runtime" + ], + "minimumReleaseAge": "14 days" + } + ], + "postUpdateOptions": [ + "gomodTidy", + "gomodUpdateImportPaths" + ], + "separateMinorPatch": true, + "customManagers": [ + { + "customType": "regex", + "fileMatch": ["Makefile$", "\\.sh$"], + "matchStrings": [ + "# renovate: datasource=(?<datasource>[a-z-.]+?) depName=(?<depName>[^\\s]+?)(?: (lookupName|packageName)=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[^\\s]+?))?(?: extractVersion=(?<extractVersion>[^\\s]+?))?(?: registryUrl=(?<registryUrl>[^\\s]+?))?\\s.+?_(VERSION|version) *[?:]?= *\"?(?<currentValue>.+?)\"?\\s" + ] + } + ] +} diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml new file mode 100644 index 0000000..b25e5fc --- /dev/null +++ b/.github/workflows/codeql.yaml @@ -0,0 +1,79 @@ +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + types: [ opened, synchronize, reopened ] + schedule: + - cron: '20 08 * * 1' + +jobs: + analyze: + name: Analyze + runs-on: [ default ] + timeout-minutes: 360 + permissions: + # required for all workflows + security-events: write + # only required for workflows in private repositories + actions: read + contents: read + + strategy: + fail-fast: false + matrix: + language: [ 'go' ] + # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ] + # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both + # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + # node-version: [ node ] + go-version: [ '1.21' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: ${{ matrix.go-version }} + + # - name: Use Node.js ${{ matrix.node-version }} + # uses: actions/setup-node@v4 + # with: + # node-version: ${{ matrix.node-version }} + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" \ No newline at end of file diff --git a/.github/workflows/license.yaml b/.github/workflows/license.yaml new file mode 100644 index 0000000..9b8baf9 --- /dev/null +++ b/.github/workflows/license.yaml @@ -0,0 +1,32 @@ +name: Check & Fix License Header +on: + pull_request: + types: [opened, synchronize, reopened] + +jobs: + build-license-eye: + name: Build LicenseEye + runs-on: [ default ] + permissions: + contents: write + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Check License Header + uses: apache/skywalking-eyes/header@v0.6.0 + with: + config: .github/licenserc.yaml + mode: fix + + - name: Apply Changes + uses: EndBug/add-and-commit@v9 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + author_name: License Bot + author_email: license_bot@github.com + message: 'Automatic application of license header' diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml new file mode 100644 index 0000000..3fc4437 --- /dev/null +++ b/.github/workflows/stale.yaml @@ -0,0 +1,28 @@ +name: Close inactive issues +on: + schedule: + - cron: "35 1 * * *" + +jobs: + close-issues: + runs-on: [ default ] + permissions: + issues: write + pull-requests: write + steps: + - uses: actions/stale@v9 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + days-before-issue-stale: 90 + days-before-issue-close: 14 + days-before-pr-stale: 45 + days-before-pr-close: 14 + stale-issue-label: "stale" + stale-issue-message: "This issue is stale because it has been open for 90 days with no activity." + close-issue-message: "This issue was closed because it has been inactive for 14 days since being marked as stale." + stale-pr-label: 'stale' + stale-pr-message: "This PR is stale because it has been open for 45 days with no activity." + close-pr-message: "This PR was closed because it has been inactive for 14 days since being marked as stale." + exempt-issue-labels: "pinned,security,backlog,bug" + exempt-pr-labels: "pinned,security,backlog,bug" + exempt-draft-pr: true \ No newline at end of file