diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..8452c5e --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,17 @@ +# See GitHub's docs for more information on this file: +# https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates +version: 2 +updates: + # Maintain dependencies for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + # Check for updates to GitHub Actions every week + interval: "weekly" + + # Maintain dependencies for Go modules + - package-ecosystem: "gomod" + directory: "/" + schedule: + # Check for updates to Go modules every week + interval: "weekly" \ No newline at end of file diff --git a/.github/workflows/code-check-and-tests.yaml b/.github/workflows/code-check-and-tests.yaml new file mode 100644 index 0000000..e30713e --- /dev/null +++ b/.github/workflows/code-check-and-tests.yaml @@ -0,0 +1,98 @@ +name: Code Check and Acceptance Tests + +on: + push: + branches: [ "main", "go-cli" ] + pull_request: + paths: + - '.github/workflows/code-check-and-tests.yaml' + - '**.go' + - 'go.mod' + - 'go.sum' + - '.golangci.yml' + schedule: + - cron: '44 8 * * 6' + +permissions: + contents: read + +jobs: +# Ensure the project can build first + build: + name: Build + runs-on: ubuntu-latest + timeout-minutes: 10 + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + cache: true + - name: Get dependencies + run: | + go mod tidy + git diff --compact-summary --exit-code || \ + (echo; echo "Unexpected difference after 'go mod tidy'. Run 'go mod tidy' command and commit."; exit 1) + - name: Build + run: | + make install + fmt: + name: go fmt + needs: [build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + cache: true + - run: | + if [ "$(go fmt ./... | wc -l)" -gt 0 ]; then + echo "::error::'go fmt' found required formatting changes. Run 'make fmt' on your branch." + exit 1; + fi + vet: + name: go vet + needs: [build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + cache: true + - run: make vet + lint: + name: golangcli-lint + needs: [build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + cache: true + - run: make golangcilint + importfmt: + name: importfmt + needs: [build] + runs-on:ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + cache: true + - run: make importfmtlint + acceptance: + name: Tests + needs: [build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + cache: true + - run: + make test \ No newline at end of file diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml new file mode 100644 index 0000000..f2a69f5 --- /dev/null +++ b/.github/workflows/codeql.yaml @@ -0,0 +1,83 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ "main", "go-cli" ] + pull_request: + paths: + - '.github/workflows/codeql.yaml' + - '**.go' + - 'go.mod' + - 'go.sum' + schedule: + - cron: '44 8 * * 6' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-20.04 + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'go' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Use only 'java' to analyze code written in Java, Kotlin or both + # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + cache: true + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" \ No newline at end of file diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml deleted file mode 100644 index 7636851..0000000 --- a/.github/workflows/golangci-lint.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: golangci-lint -on: - push: - branches: - - go-cli - - main - pull_request: - -permissions: - contents: read - # Optional: allow read access to pull request. Use with `only-new-issues` option. - pull-requests: read - -jobs: - golangci: - name: lint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - uses: actions/setup-go@v4 - with: - go-version: '1.21' - cache: false - - name: golangci-lint - uses: golangci/golangci-lint-action@v3 - with: - # Require: The version of golangci-lint to use. - # When `install-mode` is `binary` (default) the value can be v1.2 or v1.2.3 or `latest` to use the latest version. - # When `install-mode` is `goinstall` the value can be v1.2.3, `latest`, or the hash of a commit. - version: latest - - # Optional: working directory, useful for monorepos - # working-directory: somedir - - # Optional: golangci-lint command line arguments. - # - # Note: By default, the `.golangci.yml` file should be at the root of the repository. - # The location of the configuration file can be changed by using `--config=` - # args: --timeout=30m --config=/my/path/.golangci.yml --issues-exit-code=0 - - # Optional: show only new issues if it's a pull request. The default value is `false`. - # only-new-issues: true - - # Optional: if set to true, then all caching functionality will be completely disabled, - # takes precedence over all other caching options. - # Skipping cache... See https://github.com/golangci/golangci-lint-action/issues/244 - skip-cache: true - - # Optional: if set to true, then the action won't cache or restore ~/go/pkg. - # skip-pkg-cache: true - - # Optional: if set to true, then the action won't cache or restore ~/.cache/go-build. - # skip-build-cache: true - - # Optional: The mode to install golangci-lint. It can be 'binary' or 'goinstall'. - # install-mode: "goinstall" \ No newline at end of file diff --git a/.github/workflows/gosec.yaml b/.github/workflows/gosec.yaml new file mode 100644 index 0000000..f286517 --- /dev/null +++ b/.github/workflows/gosec.yaml @@ -0,0 +1,24 @@ +name: Run Gosec +on: + push: + branches: [ "main", "go-cli" ] + pull_request: + paths: + - '.github/workflows/codeql.yaml' + - '**.go' + - 'go.mod' + - 'go.sum' + schedule: + - cron: '44 8 * * 6' +jobs: + tests: + runs-on: ubuntu-latest + env: + GO111MODULE: on + steps: + - name: Checkout Source + uses: actions/checkout@v3 + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: ./... \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..c1f2ff1 --- /dev/null +++ b/Makefile @@ -0,0 +1,28 @@ +SHELL := /bin/bash + +.PHONY: install fmt vet test devchecknotest devcheck golangcilint importfmtlint + +default: install + +install: + go mod tidy + go install . + +fmt: + go fmt ./... + +vet: + go vet ./... + +test: + go test -parallel=4 ./... + +devchecknotest: install golangcilint importfmtlint + +devcheck: devchecknotest test + +golangcilint: + go run github.com/golangci/golangci-lint/cmd/golangci-lint run --timeout 10m ./... + +importfmtlint: + go run github.com/pavius/impi/cmd/impi --local . --scheme stdThirdPartyLocal ./... \ No newline at end of file