Add go lint and renovate.

project-ncl · Dec 23, 2024 · 8e8ee9d · 8e8ee9d
1 parent 7accbd6
commit 8e8ee9d
Show file tree

Hide file tree

Showing 105 changed files with 110,658 additions and 39 deletions.
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -0,0 +1,7 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [ "github>konflux-ci/mintmaker//config/renovate/renovate.json" ],
+  "pinDigests": true,
+  "postUpdateOptions": ["gomodTidy"],
+  "addLabels": ["ok-to-test"]
+}
diff --git a/.github/workflows/go-ci.yaml b/.github/workflows/go-ci.yaml
@@ -0,0 +1,99 @@
+name: GoLang CI
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5
+        with:
+          go-version-file: './go.mod'
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6
+        with:
+          args: "--timeout=10m --build-tags='normal periodic minikube'"
+  go:
+    name: Check sources
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    steps:
+      - name: Check out code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - name: Install Go
+        uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5
+        with:
+          go-version-file: './go.mod'
+      - name: Check go mod status
+        run: |
+          go mod tidy
+          if [[ ! -z $(git status -s) ]]
+          then
+            echo "Go mod state is not clean:"
+            git --no-pager diff
+            exit 1
+          fi
+      - name: Check format
+        run: |
+          make fmt
+          if [[ ! -z $(git status -s) ]]
+          then
+            echo "not all golang files properly gofmt'ed:"
+            git --no-pager diff
+            exit 1
+          fi
+      - name: Check generated
+        run: |
+          make generate
+          if [[ ! -z $(git status -s) ]]
+          then
+            echo "generated sources are not up to date:"
+            git --no-pager diff
+            exit 1
+          fi
+  unit:
+    name: Golang Unit tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - name: Install Go
+        uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5
+        with:
+          go-version-file: './go.mod'
+      - name: Build Domain Proxy Server
+        run: go build -v -o bin/domainproxyserver cmd/server/main.go
+      - name: Build Domain Proxy Client
+        run: go build -v -o bin/domainproxyclient cmd/client/main.go
+      - name: Test
+        run: go test -v ./test
+      - name: Codecov
+        uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          verbose: true
+  security_scan:
+    name: Security scan
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5
+        with:
+          go-version-file: './go.mod'
+      # https://github.com/securego/gosec/blob/12be14859bc7d4b956b71bef0b443694aa519d8a/README.md#integrating-with-code-scanning
+      - name: Run Gosec Security Scanner
+        uses: securego/gosec@master
+        with:
+          # we let the report trigger content trigger a failure using the GitHub Security features.
+          args: '-tags normal,periodic -no-fail -fmt sarif -out results.sarif ./...'
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        with:
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: results.sarif
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
diff --git a/.gitignore b/.gitignore
@@ -11,9 +11,6 @@
 # Output of the go coverage tool, specifically when used with LiteIDE
 *.out
 
-# Dependency directories (remove the comment below to include it)
-/vendor/
-
 # Go workspace file
 go.work
 go.work.sum

diff --git a/deploy/Dockerfile.all-in-one b/deploy/Dockerfile.all-in-one
@@ -6,8 +6,7 @@ COPY ./ .
 ENV GOTOOLCHAIN=auto \
     GOSUMDB=sum.golang.org
 
-RUN go mod tidy && \
-    go build -o domainproxyserver cmd/server/main.go && \
+RUN go build -o domainproxyserver cmd/server/main.go && \
     go build -o domainproxyclient cmd/client/main.go
 
 FROM quay.io/konflux-ci/buildah-task:latest@sha256:5cbd487022fb7ac476cbfdea25513b810f7e343ec48f89dc6a4e8c3c39fa37a2

diff --git a/vendor/github.com/elazarl/goproxy/.gitignore b/vendor/github.com/elazarl/goproxy/.gitignore
diff --git a/vendor/github.com/elazarl/goproxy/LICENSE b/vendor/github.com/elazarl/goproxy/LICENSE
diff --git a/vendor/github.com/elazarl/goproxy/README.md b/vendor/github.com/elazarl/goproxy/README.md