From f1c1994d4954543aed8ddbbd1ba7274ec90b85d6 Mon Sep 17 00:00:00 2001 From: Thomas Gorham Date: Tue, 28 Sep 2021 14:22:48 -0700 Subject: [PATCH 01/14] Pull up Go to v1.17 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 155be22..a80b076 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.15.2 +FROM golang:1.17 ENV GO111MODULE=on From bae6cb40c2be367c9f6b5545b653807062615486 Mon Sep 17 00:00:00 2001 From: Thomas Gorham Date: Tue, 28 Sep 2021 14:56:20 -0700 Subject: [PATCH 02/14] Do not simplify when listing files --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index e3d2256..dafd4bf 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -61,7 +61,7 @@ ${OUTPUT} # check_fmt is excute "go fmt" and generate ${COMMENT} and ${SUCCESS} check_fmt() { set +e - UNFMT_FILES=$(sh -c "gofmt -l -s . $*" 2>&1) + UNFMT_FILES=$(sh -c "gofmt -l . $*" 2>&1) test -z "${UNFMT_FILES}" SUCCESS=$? From 326ba2c3da0020245d861b8e5e39ebdf8e1d706a Mon Sep 17 00:00:00 2001 From: Thomas Gorham Date: Wed, 29 Sep 2021 09:51:14 -0700 Subject: [PATCH 03/14] Test PR rules --- LICENSE | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/LICENSE b/LICENSE index 905a972..c6359bb 100644 --- a/LICENSE +++ b/LICENSE @@ -1,14 +1,21 @@ - DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE - Version 2, December 2004 +MIT License -Copyright (C) 2019 grandcolline +Copyright (c) 2021 Convictional, Inc. -Everyone is permitted to copy and distribute verbatim or modified -copies of this license document, and changing it is allowed as long -as the name is changed. +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: - DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. You just DO WHAT THE FUCK YOU WANT TO. +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. From 8a43c7abb611fd0bee1394c17fad72947935940b Mon Sep 17 00:00:00 2001 From: Thomas Gorham Date: Wed, 29 Sep 2021 09:56:30 -0700 Subject: [PATCH 04/14] Revert "Test PR rules" This reverts commit 326ba2c3da0020245d861b8e5e39ebdf8e1d706a. --- LICENSE | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/LICENSE b/LICENSE index c6359bb..905a972 100644 --- a/LICENSE +++ b/LICENSE @@ -1,21 +1,14 @@ -MIT License + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + Version 2, December 2004 -Copyright (c) 2021 Convictional, Inc. +Copyright (C) 2019 grandcolline -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: +Everyone is permitted to copy and distribute verbatim or modified +copies of this license document, and changing it is allowed as long +as the name is changed. -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. You just DO WHAT THE FUCK YOU WANT TO. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. From 11637323bf9e03a01247d3ddc6ca152b012a54cc Mon Sep 17 00:00:00 2001 From: Thomas Gorham <83597118+tgorham4@users.noreply.github.com> Date: Wed, 29 Sep 2021 16:08:06 -0700 Subject: [PATCH 05/14] Add PR template (#1) --- .github/pull_request_template.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/pull_request_template.md diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..e89d601 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,27 @@ +## Related issues + +Closes: # + +## Description + +Please include a summary of the change. Please also include relevant motivation and context. + +## Checklist +Before requesting reviews, check all boxes below. + +- [ ] I have left self-review comments to help other reviewers. +- [ ] My PR is as small as possible and focused on a single task.md#api-checklist). +- [ ] I have considered and implemented security best practices +- [ ] If tagging multiple reviewers, I have made specific asks. + +## Manual testing +Before marking as "ready for production", check all boxes below. + +- [ ] List all the verification steps you'll perform here (at least one) + +## Production readiness +Before merging, "ready" should be checked. + +- [ ] WIP: it's not ready for review +- [ ] Pending: it's not ready for production +- [ ] Ready: it's ready for production From 2b80cc3ff229b6dfe94d14c6ab2f9f30891dcca5 Mon Sep 17 00:00:00 2001 From: Thomas Gorham <83597118+tgorham4@users.noreply.github.com> Date: Wed, 30 Mar 2022 09:14:03 -0700 Subject: [PATCH 06/14] Update to go1.18 (#2) --- Dockerfile | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index a80b076..f24ad7a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,15 @@ -FROM golang:1.17 +FROM golang:1.18 ENV GO111MODULE=on RUN apt-get update && \ apt-get -y install jq && \ - go get -u \ - github.com/kisielk/errcheck \ - golang.org/x/tools/cmd/goimports \ - golang.org/x/lint/golint \ - github.com/securego/gosec/cmd/gosec \ - golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow \ - honnef.co/go/tools/cmd/staticcheck + go install github.com/kisielk/errcheck@latest && \ + go install golang.org/x/tools/cmd/goimports@latest && \ + go install golang.org/x/lint/golint@latest && \ + go install github.com/securego/gosec/cmd/gosec@latest && \ + go install golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow@latest && \ + go install honnef.co/go/tools/cmd/staticcheck@latest COPY entrypoint.sh /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"] From e16d0ae827018c3477cc3552cff5198b2cfda675 Mon Sep 17 00:00:00 2001 From: Thomas Gorham <83597118+tgorham4@users.noreply.github.com> Date: Wed, 30 Mar 2022 10:07:09 -0700 Subject: [PATCH 07/14] Bump gosec version (#3) --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f24ad7a..3dde4d6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,7 +7,7 @@ RUN apt-get update && \ go install github.com/kisielk/errcheck@latest && \ go install golang.org/x/tools/cmd/goimports@latest && \ go install golang.org/x/lint/golint@latest && \ - go install github.com/securego/gosec/cmd/gosec@latest && \ + go install github.com/securego/gosec/v2/cmd/gosec@latest && \ go install golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow@latest && \ go install honnef.co/go/tools/cmd/staticcheck@latest From 8701ff3d30bfa7f03cc6f8fe98b81896673aeb61 Mon Sep 17 00:00:00 2001 From: Thomas Gorham <83597118+tgorham4@users.noreply.github.com> Date: Tue, 24 May 2022 11:51:56 -0700 Subject: [PATCH 08/14] Temp: Use local version of gosec (#4) --- Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3dde4d6..408a7c7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,9 +7,11 @@ RUN apt-get update && \ go install github.com/kisielk/errcheck@latest && \ go install golang.org/x/tools/cmd/goimports@latest && \ go install golang.org/x/lint/golint@latest && \ - go install github.com/securego/gosec/v2/cmd/gosec@latest && \ go install golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow@latest && \ go install honnef.co/go/tools/cmd/staticcheck@latest +# Manually install a patched version of gosec +RUN git clone https://github.com/convictional/gosec && cd gosec && go install . && cd .. + COPY entrypoint.sh /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"] From bbd9ad8171bc51b670c57e565aa5c3fe502adafc Mon Sep 17 00:00:00 2001 From: Thomas Gorham <83597118+tgorham4@users.noreply.github.com> Date: Tue, 24 May 2022 13:33:05 -0700 Subject: [PATCH 09/14] Fix docker build (#5) --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 408a7c7..f2bbbec 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get update && \ go install honnef.co/go/tools/cmd/staticcheck@latest # Manually install a patched version of gosec -RUN git clone https://github.com/convictional/gosec && cd gosec && go install . && cd .. +RUN git clone https://github.com/convictional/gosec && cd gosec && go install ./cmd/gosec/ && cd .. COPY entrypoint.sh /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"] From 14a133678b35c1e6eaf7c85723ca4d5764bb9a3e Mon Sep 17 00:00:00 2001 From: genecvtl <105661282+genecvtl@users.noreply.github.com> Date: Wed, 25 May 2022 16:10:01 -0400 Subject: [PATCH 10/14] fixed spelling (#6) it's petty i know --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index f982a3b..bca7d74 100644 --- a/action.yml +++ b/action.yml @@ -6,7 +6,7 @@ inputs: description: "excute command. [errcheck/fmt/imports/lint/sec/shadow/staticcheck/vet]" required: true directory: - description: "action wroking directory." + description: "action working directory." default: "." required: false comment: From 3605f4f79e111d4f1e558d919f3a50d4fb5d81de Mon Sep 17 00:00:00 2001 From: genecvtl <105661282+genecvtl@users.noreply.github.com> Date: Thu, 9 Jun 2022 18:26:06 -0400 Subject: [PATCH 11/14] build and push on tag test (#7) * build and push on tag test * Delete golang-github-actions.iml * Delete modules.xml * Delete vcs.xml * Delete .gitignore --- .github/tag.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 .github/tag.yaml diff --git a/.github/tag.yaml b/.github/tag.yaml new file mode 100644 index 0000000..380fd9a --- /dev/null +++ b/.github/tag.yaml @@ -0,0 +1,21 @@ +name: Push to GCR GitHub Action +on: + push: + tags: + - '*' +jobs: + build-and-push-to-gcr: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: google-github-actions/setup-gcloud@master + - name: Get the version + id: get_tag_name + run: echo ::set-output name=GIT_TAG_NAME::${GITHUB_REF/refs\/tags\//} + - uses: RafikFarhad/push-to-gcr-github-action@v4 + with: + gcloud_service_key: ${{ secrets.GCLOUD_SERVICE_KEY }} + registry: gcr.io + project_id: convictional-global + image_name: golang-github-actions-test + image_tag: ${{ steps.get_tag_name.outputs.GIT_TAG_NAME}} \ No newline at end of file From 4d2d41cd53cf27b4bfa54460f6e678367b69ef98 Mon Sep 17 00:00:00 2001 From: genecvtl <105661282+genecvtl@users.noreply.github.com> Date: Thu, 9 Jun 2022 18:34:34 -0400 Subject: [PATCH 12/14] Update tag.yaml (#8) --- .github/{ => workflows}/tag.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/{ => workflows}/tag.yaml (100%) diff --git a/.github/tag.yaml b/.github/workflows/tag.yaml similarity index 100% rename from .github/tag.yaml rename to .github/workflows/tag.yaml From f15c129a0e55641df1f950b8769daf4e62ffc5df Mon Sep 17 00:00:00 2001 From: genecvtl <105661282+genecvtl@users.noreply.github.com> Date: Thu, 9 Jun 2022 18:49:18 -0400 Subject: [PATCH 13/14] Update tag.yaml (#9) --- .github/workflows/tag.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tag.yaml b/.github/workflows/tag.yaml index 380fd9a..063c9b1 100644 --- a/.github/workflows/tag.yaml +++ b/.github/workflows/tag.yaml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - uses: google-github-actions/setup-gcloud@master + - uses: google-github-actions/setup-gcloud@main - name: Get the version id: get_tag_name run: echo ::set-output name=GIT_TAG_NAME::${GITHUB_REF/refs\/tags\//} @@ -18,4 +18,4 @@ jobs: registry: gcr.io project_id: convictional-global image_name: golang-github-actions-test - image_tag: ${{ steps.get_tag_name.outputs.GIT_TAG_NAME}} \ No newline at end of file + image_tag: ${{ steps.get_tag_name.outputs.GIT_TAG_NAME}} From 6b2c01c471d834f31013d46e9d1e033d16718a21 Mon Sep 17 00:00:00 2001 From: samuelbeyeler <68240518+samuelbeyeler@users.noreply.github.com> Date: Tue, 28 Feb 2023 19:38:15 -0700 Subject: [PATCH 14/14] Update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f2bbbec..f72fb70 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.18 +FROM golang:1.19 ENV GO111MODULE=on