From 061101c96e5716ae23a5ab898f6c484fbaaf4b21 Mon Sep 17 00:00:00 2001
From: Shiwei Zhang
Date: Thu, 26 Dec 2024 16:57:37 +0800
Subject: [PATCH] ci: set up basic workflows (#3)
Signed-off-by: Shiwei Zhang
---
.github/.codecov.yml | 23 ++++++++++++
.github/dependabot.yml | 23 ++++++++++++
.github/licenserc.yml | 44 ++++++++++++++++++++++
.github/workflows/build.yml | 50 +++++++++++++++++++++++++
.github/workflows/codeql.yml | 54 +++++++++++++++++++++++++++
.github/workflows/license-checker.yml | 42 +++++++++++++++++++++
.gitignore | 36 ++++++++++++++++++
LICENSE | 2 +-
Makefile | 32 ++++++++++++++++
doc.go | 15 ++++++++
go.mod | 3 ++
11 files changed, 323 insertions(+), 1 deletion(-)
create mode 100644 .github/.codecov.yml
create mode 100644 .github/dependabot.yml
create mode 100644 .github/licenserc.yml
create mode 100644 .github/workflows/build.yml
create mode 100644 .github/workflows/codeql.yml
create mode 100644 .github/workflows/license-checker.yml
create mode 100644 .gitignore
create mode 100644 Makefile
create mode 100644 doc.go
create mode 100644 go.mod
diff --git a/.github/.codecov.yml b/.github/.codecov.yml
new file mode 100644
index 0000000..a718e58
--- /dev/null
+++ b/.github/.codecov.yml
@@ -0,0 +1,23 @@
+# Copyright The Ratify Authors.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+coverage:
+ status:
+ project:
+ default:
+ target: 80%
+ if_ci_failed: error
+ patch:
+ default:
+ target: 80%
+ if_ci_failed: error
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..a0101e0
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,23 @@
+# Copyright The Ratify Authors.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+version: 2
+updates:
+ - package-ecosystem: "gomod"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
diff --git a/.github/licenserc.yml b/.github/licenserc.yml
new file mode 100644
index 0000000..805a433
--- /dev/null
+++ b/.github/licenserc.yml
@@ -0,0 +1,44 @@
+# Copyright The Ratify Authors.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+header:
+ license:
+ spdx-id: Apache-2.0
+ content: |
+ Copyright The Ratify Authors.
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+ paths-ignore:
+ - '**/*.md'
+ - 'CODEOWNERS'
+ - 'LICENSE'
+ - 'MAINTAINERS'
+ - 'go.mod'
+ - 'go.sum'
+ - '**/testdata/**'
+
+ comment: on-failure
+
+dependency:
+ files:
+ - go.mod
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..fe471a5
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,50 @@
+# Copyright The Ratify Authors.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: build
+
+on:
+ push:
+ branches:
+ - main
+ - release-*
+ pull_request:
+ branches:
+ - main
+ - release-*
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ checks: write
+ strategy:
+ matrix:
+ go-version: ['1.22', '1.23']
+ fail-fast: true
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ - name: Set up Go ${{ matrix.go-version }} environment
+ uses: actions/setup-go@v5
+ with:
+ go-version: ${{ matrix.go-version }}
+ check-latest: true
+ - name: Run unit tests
+ run: make test
+ - name: Upload coverage to codecov.io
+ uses: codecov/codecov-action@v5
+ env:
+ CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 0000000..4e55d61
--- /dev/null
+++ b/.github/workflows/codeql.yml
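Review bot: In .github/workflows/build.yml the `Upload coverage to codecov.io` step hands `secrets.CODECOV_TOKEN` to a third-party action referenced by a mutable tag (`codecov/codecov-action@v5`), so whoever can move that tag decides what code runs with the secret. Pinning to a full commit SHA, e.g. `uses: codecov/codecov-action@<full-commit-sha> # v5`, keeps the reviewed code and the executed code the same, and the `github-actions` Dependabot entry added in this commit can keep such pins current. The same tag-only references appear in codeql.yml and license-checker.yml (`apache/skywalking-eyes/header@v0.6.0` and `apache/skywalking-eyes/dependency@v0.6.0`). Separately, none of the visible steps appears to need `checks: write` or `actions: read`; reducing the job to `contents: read` would match the license-checker job.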
@@ -0,0 +1,54 @@
+# Copyright The Ratify Authors.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: CodeQL
+
+on:
+ push:
+ branches:
+ - main
+ - release-*
+ pull_request:
+ branches:
+ - main
+ - release-*
+ schedule:
+ - cron: '19 7 * * 1'
+ workflow_dispatch:
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ strategy:
+ matrix:
+ go-version: ['1.22', '1.23']
+ fail-fast: false
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ - name: Set up Go ${{ matrix.go-version }} environment
+ uses: actions/setup-go@v5
+ with:
+ go-version: ${{ matrix.go-version }}
+ check-latest: true
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: go
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/license-checker.yml b/.github/workflows/license-checker.yml
new file mode 100644
index 0000000..6ed38f5
--- /dev/null
+++ b/.github/workflows/license-checker.yml
@@ -0,0 +1,42 @@
+# Copyright The Ratify Authors.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: License Checker
+
+on:
+ push:
+ branches:
+ - main
+ - release-*
+ pull_request:
+ branches:
+ - main
+ - release-*
+
+jobs:
+ check-license:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ - name: Check license header
+ uses: apache/skywalking-eyes/header@v0.6.0
+ with:
+ mode: check
+ config: .github/licenserc.yml
+ - name: Check dependencies license
+ uses: apache/skywalking-eyes/dependency@v0.6.0
+ with:
+ config: .github/licenserc.yml
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..5d90f1e
--- /dev/null
+++ b/.gitignore
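Review bot: In .github/workflows/license-checker.yml the `check-license` job grants only `contents: read` and passes no token to `apache/skywalking-eyes/header@v0.6.0`, while licenserc.yml in this same commit sets `comment: on-failure`. As far as I know the header action posts its pull-request comment only when `GITHUB_TOKEN` is supplied through `env`, so that setting probably has no effect with this workflow. Either set `comment: never` so the config matches what the job can do, or add `env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}` to the header step together with `pull-requests: write` on this job only. Keeping the job read-only and relying on the failed check is the lower-privilege choice.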
@@ -0,0 +1,36 @@
+# Copyright The Ratify Authors.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# VS Code
+.vscode
+debug
+
+# Jetbrains
+.idea
+
+# Custom
+coverage.txt
+vendor/
diff --git a/LICENSE b/LICENSE
index 261eeb9..ea79125 100644
--- a/LICENSE
+++ b/LICENSE
@@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright [yyyy] [name of copyright owner] + Copyright 2021 Ratify Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..56de7b3
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,32 @@
+# Copyright The Ratify Authors.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+.PHONY: all
+all: test
+
+.PHONY: test
+test: check-line-endings ## run unit tests
+ go test -race -v -coverprofile=coverage.txt -covermode=atomic ./...
+
+.PHONY: clean
+clean:
+ git status --ignored --short | grep '^!! ' | sed 's/!! //' | xargs rm -rf
+
+.PHONY: check-line-endings
+check-line-endings: ## check line endings
+ ! find . -name "*.go" -type f -exec file "{}" ";" | grep CRLF
+ ! find -name "*.sh" -type f -exec file "{}" ";" | grep CRLF
+
+.PHONY: fix-line-endings
+fix-line-endings: ## fix line endings
+ find . -type f -name "*.go" -exec sed -i -e "s/\r//g" {} +
diff --git a/doc.go b/doc.go
new file mode 100644
index 0000000..a064350
--- /dev/null
+++ b/doc.go
@@ -0,0 +1,15 @@
+// Copyright The Ratify Authors.
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package ratify provides core functionality for the ratify library.
+package ratify
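Review bot: The `clean` recipe in the Makefile pipes `git status --ignored --short` through `sed` into `xargs rm -rf`, which splits on whitespace and does not undo the quoting git applies to unusual path names, so an ignored path containing a space can make `rm -rf` act on a different path than the one git listed. `git clean -fdX` removes only ignored files and directories and handles path names itself, so the recipe line could simply be `git clean -fdX`. In `check-line-endings`, the second `find` omits the starting directory (`find -name "*.sh"`), which GNU find accepts but other implementations may reject; `! find . -name "*.sh" -type f -exec file "{}" ";" | grep CRLF` would match the line above it.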
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..61145e6
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,3 @@
+module github.com/ratify-project/ratify-go
+
+go 1.22.0