From c233cc1d27554c5ab1a86ddf61f4d79f55cffb0f Mon Sep 17 00:00:00 2001 From: Kristina Spring Date: Fri, 11 Dec 2020 17:09:06 -0800 Subject: [PATCH] updated automation, readme --- .codeclimate.yml | 31 ------------- .codecov.yml | 11 +++++ .github/workflows/push.yml | 84 +++++++++++++++++++++++++++++++++++ .github/workflows/release.yml | 34 ++++++++++++++ .github/workflows/tag.yml | 28 ++++++++++++ .golangci.yaml | 19 ++++++++ .sonar-project.properties | 3 +- .travis.yml | 66 --------------------------- .whitesource | 12 +++++ README.md | 6 +-- 10 files changed, 192 insertions(+), 102 deletions(-) delete mode 100644 .codeclimate.yml create mode 100644 .codecov.yml create mode 100644 .github/workflows/push.yml create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/tag.yml create mode 100644 .golangci.yaml delete mode 100644 .travis.yml create mode 100644 .whitesource diff --git a/.codeclimate.yml b/.codeclimate.yml deleted file mode 100644 index efd9ecc..0000000 --- a/.codeclimate.yml +++ /dev/null @@ -1,31 +0,0 @@ -version: "2" # required to adjust maintainability checks -checks: - argument-count: - config: - threshold: 4 - complex-logic: - config: - threshold: 4 - file-lines: - config: - threshold: 250 - method-complexity: - enabled: false - method-count: - config: - threshold: 20 - method-lines: - config: - threshold: 70 - nested-control-flow: - config: - threshold: 4 - return-statements: - config: - threshold: 10 - similar-code: - config: - threshold: 200 - identical-code: - config: - threshold: 200 diff --git a/.codecov.yml b/.codecov.yml new file mode 100644 index 0000000..9842d39 --- /dev/null +++ b/.codecov.yml @@ -0,0 +1,11 @@ +coverage: + range: 50..80 + round: down + precision: 2 + +ignore: + - "*_test.go" + - "vendor" + +fixes: + - "github.com/xmidt-org/bascule/::" \ No newline at end of file diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml new file mode 100644 index 0000000..6b2edef --- /dev/null +++ b/.github/workflows/push.yml @@ -0,0 +1,84 @@ +name: CI + +on: + create: + pull_request: + push: + branches: + - main + +jobs: + test: + name: Unit Tests + runs-on: [ ubuntu-latest ] + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v2 + + # Setup Go + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: '1.15.x' # The Go version to download (if necessary) and use. + + # Run build of the application + - name: Run build + run: go build ./... + + # Run gofmt on the code + - name: Run gofmt + run: gofmt -d + + # Run testing on the code + - name: Run testing + run: | + go test -v -race -coverprofile=coverage.txt ./... + go test -race -json ./... > report.json + curl -s https://codecov.io/bash | bash + echo "codecov done" + + lint: + strategy: + matrix: + go-version: [ 1.15.x ] + os: [ ubuntu-latest ] + name: Lint + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v2 + - name: golangci-lint + uses: golangci/golangci-lint-action@v2 + with: + # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version. + version: v1.33 + # Optional: working directory, useful for monorepos + # working-directory: somedir + + # Optional: golangci-lint command line arguments. + # args: -v + + # Optional: show only new issues if it's a pull request. The default value is `false`. + only-new-issues: true + + goreportcard: + runs-on: ubuntu-latest + if: github.event_name == 'push' + steps: + - name: Go report card + uses: creekorful/goreportcard-action@v1.0 + + sonarcloud: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + - name: SonarCloud Scan + uses: sonarsource/sonarcloud-github-action@master + with: + args: > + -Dproject.settings=./.sonar-project.properties + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..5cba792 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,34 @@ +name: release + +on: + push: + tags: + # Push events to matching v#.#.#*, ex: v1.2.3, v.2.4.6-beta + - 'v[0-9]+.[0-9]+.[0-9]+*' + +jobs: + release: + runs-on: [ ubuntu-latest ] + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Prepare Release Body + id: prep + run: | + export VERSION=${GITHUB_REF#refs/tags/} + export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1\n" if /.*## \[${VERSION}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s') + export TODAY=`date +'%m/%d/%Y'` + echo ::set-output name=rname::$(echo ${VERSION} ${TODAY}) + echo ::set-output name=body::${NOTES} + - name: create release + id: create_release + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token + with: + tag_name: ${{ github.ref }} + draft: false + prerelease: false + release_name: ${{ steps.prep.outputs.rname }} + body: ${{ steps.prep.outputs.body }} diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml new file mode 100644 index 0000000..641cfcc --- /dev/null +++ b/.github/workflows/tag.yml @@ -0,0 +1,28 @@ +name: tag + +on: + push: + paths: + - "CHANGELOG.md" # only try to tag if the CHANGELOG has been updated. + branches: + - main + +jobs: + build: + runs-on: [ ubuntu-latest ] + steps: + - uses: actions/checkout@v2 + with: + token: '${{ secrets.PERSONAL_ACCESS_TOKEN }}' + fetch-depth: 0 + - name: set up bot + run: | + git config --global user.name "xmidt-bot" + git config --global user.email "$BOT_EMAIL" + - name: export variables and tag commit + run: | + export OLD_VERSION=$(git describe --tags `git rev-list --tags --max-count=1` | tail -1) + export TAG=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1" if /.*## \[Unreleased\]\s+## \[(v\d+.\d+.\d+)\].*/s') + export TODAY=`date +'%m/%d/%Y'` + export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$ENV{TODAY}\n\n$1\n" if /.*## \[$ENV{TAG}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s') + if [[ "$TAG" != "" && "$TAG" != "$OLD_VERSION" ]]; then git tag -a "$TAG" -m "$NOTES"; git push origin --tags; echo $?; fi diff --git a/.golangci.yaml b/.golangci.yaml new file mode 100644 index 0000000..425fa96 --- /dev/null +++ b/.golangci.yaml @@ -0,0 +1,19 @@ +--- +linters-settings: + misspell: + locale: US + +linters: + enable: + - bodyclose + - dupl + - errorlint + - funlen + - goconst + - gosec + - misspell + - unconvert + - prealloc + disable: + - errcheck + - ineffassign \ No newline at end of file diff --git a/.sonar-project.properties b/.sonar-project.properties index 1d6a7be..02d8924 100644 --- a/.sonar-project.properties +++ b/.sonar-project.properties @@ -6,6 +6,7 @@ # Standard properties # ===================================================== +sonar.organization=xmidt-org sonar.projectKey=xmidt-org_bascule sonar.projectName=bascule @@ -21,7 +22,7 @@ sonar.test.exclusions=**/vendor/** # ===================================================== sonar.links.homepage=https://github.com/xmidt-org/bascule -sonar.links.ci=https://travis-ci.org/xmidt-org/bascule +sonar.links.ci=https://github.com/xmidt-org/bascule/actions sonar.links.scm=https://github.com/xmidt-org/bascule sonar.links.issue=https://github.com/xmidt-org/bascule/issues diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index db4fef2..0000000 --- a/.travis.yml +++ /dev/null @@ -1,66 +0,0 @@ -language: go - -go: - - 1.13.x - - tip - -os: - - linux - -branches: - only: - - main - - /^v[0-9]+\.[0-9]+\.[0-9]+$/ - -addons: - sonarcloud: - organization: "xmidt-org" - token: - secure: "0am7scbUL7n2K/grA8cCN+c/s8H/oUhGsoiAepq6//dAJ7j5QjTspvzmVniZ6i+gtjzPdm4ccr8JslibqAksfAwSGYy2hZHtbibPtL2D2nBGaYg9RQTQD1TTPIdOLcrnyCdaE+Ueu2cbB0RmXK/fL+DAPS/NfOsrbWY7NJcu9298iEHZnrlYN7U1P9ENRkxIloLpeJEgkxbGn7T7rEnwbW1I2YE4UXJhGN6UzSXvyex/W4Gto3gDmTFarbLUopA6iZRAOJ6bgpGHNeb87X3AE0MnXBjiKfWUQKZrKBQeCWYkLjqYrsC5hTunL7daJcds4yELqbHIlAYilqr6WxDbu3FmEoH2Iw5bSpEFxuX/vB+GW4ESNEvRmc2xRsxx+FkNFRKRj34rd4lvNpN753po3eavUvPEb1Ze4qcIuABB5jSaBf7bjHou3TC8Per1wfXcBLC00bJUpWTaKUAdDuu5ESJIZoO3hwAYZtt6vBSdajfMgXEQZoUm1YHEuYYY4/Vbs10m3fX6YFPcOhaFHWB6MlwQEiOsLsxnmCDtfRhZplP02xgX5evdSzIvaHCRRlMdEQEPV0VBt0JKiUUtSzKDfxU0tgnE/AtCVAQMDQEOey1Iddyf7fYwUAfgbUtRHrie1gaPd4jAAdwiKumt9RrLgab9vt6ncH2i+eea5stT3O0=" - -install: - - GO111MODULE=on go mod vendor - -# default name is 'test' - -script: - - if [ -n "$(gofmt -s -l . | grep -v "vendor")" ]; then diff -u <(echo -n) <(gofmt -d $(gofmt -s -l . | grep -v "vendor")); fi - - GO111MODULE=on go test -v -race -coverprofile=coverage.txt ./... - - GO111MODULE=on go test -race -json ./... > report.json - -after_success: - - sonar-scanner -Dproject.settings=./.sonar-project.properties - - bash <(curl -s https://codecov.io/bash) - -stages: - - test - - tag - - release - -jobs: - include: - - stage: tag - name: "Tag For Release" - if: branch = main && type = push - before_script: - - echo -e "machine github.com\n login $GH_TOKEN" > ~/.netrc - script: - - export OLD_VERSION=$(git describe --tags `git rev-list --tags --max-count=1` | tail -1 | sed 's/v\(.*\)/\1/') - - git config --global user.name "xmidt-bot" - - git config --global user.email "$BOT_EMAIL" - - export TAG=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1" if /.*## \[Unreleased\]\s+## \[(v\d+.\d+.\d+)\].*/s') - - export TODAY=`date +'%m/%d/%Y'` - - export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$ENV{TODAY}\n\n$1\n" if /.*## \[$ENV{TAG}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s') - - if [[ "$TAG" != "" && "$TAG" != "$OLD_VERSION" ]]; then git tag -a "$TAG" -m "$NOTES"; git push origin --tags; echo $?; fi - after_success: skip - - - stage: release - name: "Make a Release" - if: branch != main - script: skip - deploy: - on: - all_branches: true - tags: true - provider: releases - api_key: "$GH_TOKEN" diff --git a/.whitesource b/.whitesource new file mode 100644 index 0000000..55b922e --- /dev/null +++ b/.whitesource @@ -0,0 +1,12 @@ +{ + "scanSettings": { + "baseBranches": [] + }, + "checkRunSettings": { + "vulnerableCheckRunConclusionLevel": "failure", + "displayMode": "diff" + }, + "issueSettings": { + "minSeverityLevel": "LOW" + } +} \ No newline at end of file diff --git a/README.md b/README.md index 40e484c..f7212f2 100644 --- a/README.md +++ b/README.md @@ -2,14 +2,12 @@ The library for authorization: both acquiring and validating. -[![Build Status](https://travis-ci.com/xmidt-org/bascule.svg?branch=main)](https://travis-ci.com/xmidt-org/bascule) +[![Build Status](https://github.com/xmidt-org/bascule/workflows/CI/badge.svg)](https://github.com/xmidt-org/bascule/actions) [![codecov.io](http://codecov.io/github/xmidt-org/bascule/coverage.svg?branch=main)](http://codecov.io/github/xmidt-org/bascule?branch=main) -[![Code Climate](https://codeclimate.com/github/xmidt-org/bascule/badges/gpa.svg)](https://codeclimate.com/github/xmidt-org/bascule) -[![Issue Count](https://codeclimate.com/github/xmidt-org/bascule/badges/issue_count.svg)](https://codeclimate.com/github/xmidt-org/bascule) [![Go Report Card](https://goreportcard.com/badge/github.com/xmidt-org/bascule)](https://goreportcard.com/report/github.com/xmidt-org/bascule) [![Apache V2 License](http://img.shields.io/badge/license-Apache%20V2-blue.svg)](https://github.com/xmidt-org/bascule/blob/main/LICENSE) [![GitHub release](https://img.shields.io/github/release/xmidt-org/bascule.svg)](CHANGELOG.md) -[![GoDoc](https://godoc.org/github.com/xmidt-org/bascule?status.svg)](https://godoc.org/github.com/xmidt-org/bascule) +[![PkgGoDev](https://pkg.go.dev/badge/github.com/xmidt-org/bascule)](https://pkg.go.dev/github.com/xmidt-org/bascule) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=xmidt-org_arrange&metric=alert_status)](https://sonarcloud.io/dashboard?id=xmidt-org_bascule) ## Summary