diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..39ca41e --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,7 @@ +## Changes proposed in this pull request: +- +- +- + +## security considerations +[Note the any security considerations here, or make note of why there are none] diff --git a/.github/workflows/security-considerations.yml b/.github/workflows/security-considerations.yml new file mode 100644 index 0000000..daf10f9 --- /dev/null +++ b/.github/workflows/security-considerations.yml @@ -0,0 +1,12 @@ +name: Security Considerations + +on: + pull_request: + types: [opened, edited, reopened] + branches: [main, master, develop] + +jobs: + security-considerations: + runs-on: ubuntu-latest + steps: + - uses: cloud-gov/security-considerations-action@main diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 8201f3b..0000000 --- a/.travis.yml +++ /dev/null @@ -1,5 +0,0 @@ -language: go -go: - - 1.9.x - - tip -script: go test -race ./... diff --git a/Gopkg.lock b/Gopkg.lock deleted file mode 100644 index 0dc65f9..0000000 --- a/Gopkg.lock +++ /dev/null @@ -1,71 +0,0 @@ -# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'. - - -[[projects]] - branch = "fixshutdown" - name = "github.com/bgentry/que-go" - packages = ["."] - revision = "9937fbb63d3e5c2cd14d30378eaee59641fc4fbe" - source = "github.com/govau/que-go" - -[[projects]] - name = "github.com/cloudfoundry-community/go-cfenv" - packages = ["."] - revision = "f920e9562d5f951cbf11785728f67258c38a10d0" - version = "v1.17.0" - -[[projects]] - name = "github.com/dgrijalva/jwt-go" - packages = ["."] - revision = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e" - version = "v3.2.0" - -[[projects]] - name = "github.com/gorilla/context" - packages = ["."] - revision = "1ea25387ff6f684839d82767c1733ff4d4d15d0a" - version = "v1.1" - -[[projects]] - name = "github.com/gorilla/securecookie" - packages = ["."] - revision = "e59506cc896acb7f7bf732d4fdf5e25f7ccd8983" - version = "v1.1.1" - -[[projects]] - name = "github.com/gorilla/sessions" - packages = ["."] - revision = "ca9ada44574153444b00d3fd9c8559e4cc95f896" - version = "v1.1" - -[[projects]] - name = "github.com/jackc/pgx" - packages = [ - ".", - "chunkreader", - "internal/sanitize", - "pgio", - "pgproto3", - "pgtype" - ] - revision = "da3231b0b66e2e74cdb779f1d46c5e958ba8be27" - version = "v3.1.0" - -[[projects]] - branch = "master" - name = "github.com/mitchellh/mapstructure" - packages = ["."] - revision = "00c29f56e2386353d58c599509e8dc3801b0d716" - -[[projects]] - name = "github.com/pkg/errors" - packages = ["."] - revision = "645ef00459ed84a119197bfb8d8205042c6df63d" - version = "v0.8.0" - -[solve-meta] - analyzer-name = "dep" - analyzer-version = 1 - inputs-digest = "a63ce1561e79c3760db40cce13c377870d92a06d415ff684eb87d9c3fd070b67" - solver-name = "gps-cdcl" - solver-version = 1 diff --git a/Gopkg.toml b/Gopkg.toml deleted file mode 100644 index 49a4017..0000000 --- a/Gopkg.toml +++ /dev/null @@ -1,28 +0,0 @@ -[[constraint]] - name = "github.com/bgentry/que-go" - source = "github.com/govau/que-go" - branch = "fixshutdown" - -[[constraint]] - name = "github.com/cloudfoundry-community/go-cfenv" - version = "1.17.0" - -[[constraint]] - name = "github.com/dgrijalva/jwt-go" - version = "3.2.0" - -[[constraint]] - name = "github.com/gorilla/securecookie" - version = "1.1.1" - -[[constraint]] - name = "github.com/gorilla/sessions" - version = "1.1.0" - -[[constraint]] - name = "github.com/jackc/pgx" - version = "3.1.0" - -[prune] - go-tests = true - unused-packages = true diff --git a/README.md b/README.md index fc5cb68..93ad9e4 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# cf-common · [![Travis-CI](https://travis-ci.org/govau/cf-common.svg)](https://travis-ci.org/govau/cf-common) [![GoDoc](https://godoc.org/github.com/govau/cf-common?status.svg)](http://godoc.org/github.com/govau/cf-common) [![Report card](https://goreportcard.com/badge/github.com/govau/cf-common)](https://goreportcard.com/report/github.com/govau/cf-common) +# cf-common Contains utility classes for interacting with our Cloud Foundry environments and related services. diff --git a/env/opts_example_test.go b/env/opts_example_test.go index c6f5466..8080e54 100644 --- a/env/opts_example_test.go +++ b/env/opts_example_test.go @@ -4,7 +4,7 @@ import ( "fmt" "os" - "github.com/govau/cf-common/env" + "github.com/cloud-gov/cf-common/env" ) func ExampleWithOSLookup() { diff --git a/env/ups.go b/env/ups.go index 453e6f9..c387490 100644 --- a/env/ups.go +++ b/env/ups.go @@ -3,7 +3,7 @@ package env import ( "fmt" - "github.com/cloudfoundry-community/go-cfenv" + "github.com/cloud-gov/go-cfenv" ) // WithUPSLookup configures the VarSet to use the CloudFoundry user-provided diff --git a/env/ups_example_test.go b/env/ups_example_test.go index 7c10ae9..ce0c76a 100644 --- a/env/ups_example_test.go +++ b/env/ups_example_test.go @@ -3,8 +3,8 @@ package env_test import ( "fmt" - "github.com/cloudfoundry-community/go-cfenv" - "github.com/govau/cf-common/env" + "github.com/cloud-gov/go-cfenv" + "github.com/cloud-gov/cf-common/env" ) func ExampleWithUPSLookup() { diff --git a/env/ups_test.go b/env/ups_test.go index ddb3e0f..ff9e387 100644 --- a/env/ups_test.go +++ b/env/ups_test.go @@ -3,7 +3,7 @@ package env import ( "testing" - "github.com/cloudfoundry-community/go-cfenv" + "github.com/cloud-gov/go-cfenv" ) func TestWithUPSLookup(t *testing.T) { diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..2d525a0 --- /dev/null +++ b/go.mod @@ -0,0 +1,26 @@ +module github.com/cloud-gov/cf-common + +go 1.22.4 + +require ( + github.com/bgentry/que-go v1.0.1 + github.com/cloud-gov/go-cfenv v1.19.0 + github.com/dgrijalva/jwt-go v3.2.0+incompatible + github.com/gorilla/securecookie v1.1.2 + github.com/gorilla/sessions v1.3.0 + github.com/jackc/pgx v3.6.2+incompatible +) + +require ( + github.com/cockroachdb/apd v1.1.0 // indirect + github.com/gofrs/uuid v4.4.0+incompatible // indirect + github.com/jackc/fake v0.0.0-20150926172116-812a484cc733 // indirect + github.com/lib/pq v1.10.9 // indirect + github.com/mitchellh/mapstructure v1.1.2 // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/shopspring/decimal v1.4.0 // indirect + golang.org/x/crypto v0.24.0 // indirect + golang.org/x/net v0.26.0 // indirect + golang.org/x/text v0.16.0 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..5ddaa2d --- /dev/null +++ b/go.sum @@ -0,0 +1,43 @@ +github.com/bgentry/que-go v1.0.1 h1:M/cEPOU66X/YewE1rD1IdHjfM79jClXl0BHNWiF+l44= +github.com/bgentry/que-go v1.0.1/go.mod h1:brRADvWrR9WUT5E5NxTHwLhPmuhKHWbrRudSun7H6ZU= +github.com/cloud-gov/go-cfenv v1.19.0 h1:xWCb++6Bmu0pQ1nXMZf5vZtPPO2EibBPJDwtj7uUuQo= +github.com/cloud-gov/go-cfenv v1.19.0/go.mod h1:9PcXnKSlLSOuXht242uZbYVDed1Yg6lCaYCqaqlKHAA= +github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I= +github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= +github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/gofrs/uuid v4.4.0+incompatible h1:3qXRTX8/NbyulANqlc0lchS1gqAVxRgsuW1YrTJupqA= +github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA= +github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo= +github.com/gorilla/sessions v1.3.0 h1:XYlkq7KcpOB2ZhHBPv5WpjMIxrQosiZanfoy1HLZFzg= +github.com/gorilla/sessions v1.3.0/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ= +github.com/jackc/fake v0.0.0-20150926172116-812a484cc733 h1:vr3AYkKovP8uR8AvSGGUK1IDqRa5lAAvEkZG1LKaCRc= +github.com/jackc/fake v0.0.0-20150926172116-812a484cc733/go.mod h1:WrMFNQdiFJ80sQsxDoMokWK1W5TQtxBFNpzWTD84ibQ= +github.com/jackc/pgx v3.6.2+incompatible h1:2zP5OD7kiyR3xzRYMhOcXVvkDZsImVXfj+yIyTQf3/o= +github.com/jackc/pgx v3.6.2+incompatible/go.mod h1:0ZGrqGqkRlliWnWB4zKnWtjbSWbGkVEFm4TeybAXq+I= +github.com/joefitzgerald/rainbow-reporter v0.1.0 h1:AuMG652zjdzI0YCCnXAqATtRBpGXMcAnrajcaTrSeuo= +github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= +github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= +github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/onsi/gomega v1.5.0 h1:izbySO9zDPmjJ8rDjLvkA2zJHIo+HkYXHnf7eN7SSyo= +github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/sclevine/spec v1.2.0 h1:1Jwdf9jSfDl9NVmt8ndHqbTZ7XCCPbh1jI3hkDBHVYA= +github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= +github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k= +github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME= +golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= +golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= +golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= +golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= diff --git a/jobs/database.go b/jobs/database.go index 3a18b82..3132e97 100644 --- a/jobs/database.go +++ b/jobs/database.go @@ -9,7 +9,7 @@ import ( "sync" "syscall" - cfenv "github.com/cloudfoundry-community/go-cfenv" + cfenv "github.com/cloud-gov/go-cfenv" "github.com/bgentry/que-go" "github.com/jackc/pgx"