fix: update deps and add release process

.aws-cli-auth.ini

@@ -0,0 +1,4 @@
+[role]
+[role.arn_aws_iam__111122342343_role____DevAdmin]
+name = "arn:aws:iam::111122342343:role/DevAdmin"
+[role.role2]

.github/workflows/build.yml

@@ -0,0 +1,70 @@
+name: CI
+
+on:
+  push:
+    branches: [ master, main ]
+
+jobs:
+  set-version:
+    runs-on: ubuntu-latest
+    container:
+      image: mcr.microsoft.com/dotnet/sdk:6.0 
+    outputs:
+      semVer: ${{ steps.gitversion.outputs.semVer }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Install GitVersion
+        uses: gittools/actions/gitversion/setup@v0.9.15
+        with:
+          versionSpec: '5.x'
+      - name: Set SemVer Version
+        uses: gittools/actions/gitversion/execute@v0.9.15
+        id: gitversion
+
+      - name: echo VERSIONS
+        run: | 
+          echo "REVISION  -> $GITHUB_SHA"
+          echo "VERSION -> $GITVERSION_SEMVER"
+  test:
+    runs-on: ubuntu-latest
+    container:
+      image: golang:1.20-bullseye
+    needs: set-version
+    env:
+      SEMVER: ${{ needs.set-version.outputs.semVer }}
+      GIT_TAG: ${{ needs.set-version.outputs.semVer }}
+      GOVCS: false
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 1
+      - name: install deps
+        run: |
+          apt update && apt install -y jq git
+          git config --global --add safe.directory "$GITHUB_WORKSPACE"
+          git config user.email ${{ github.actor }}-ci@gha.org
+          git config user.name ${{ github.actor }}
+      - name: make test 
+        run: |
+          make REVISION=$GITHUB_SHA test
+      - name: Publish Junit style Test Report
+        uses: mikepenz/action-junit-report@v3
+        if: always() # always run even if the previous step fails
+        with:
+          report_paths: '**/.coverage/report-junit.xml'
+      - name: Analyze with SonarCloud         
+        # You can pin the exact commit or the version.
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          SEMVER: $SEMVER
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}   # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
+        with:
+          # Additional arguments for the sonarcloud scanner
+          args:             
+            # mandatory
+            -Dsonar.projectVersion=${{ needs.set-version.outputs.semVer }}
+            -Dsonar.go.coverage.reportPaths=/github/workspace/.coverage/out
+            -Dsonar.go.tests.reportPaths=/github/workspace/.coverage/report-junit.xml

.github/workflows/pr.yml

@@ -0,0 +1,59 @@
+name: PR
+
+on:
+  pull_request:
+    branches: [ master, main ]
+
+jobs:
+  set-version:
+    runs-on: ubuntu-latest
+    container:
+      image: mcr.microsoft.com/dotnet/sdk:6.0 
+    outputs:
+      semVer: ${{ steps.gitversion.outputs.semVer }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Install GitVersion
+        uses: gittools/actions/gitversion/setup@v0.9.15
+        with:
+          versionSpec: '5.x'
+      - name: Set SemVer Version
+        uses: gittools/actions/gitversion/execute@v0.9.15
+        id: gitversion
+  pr:
+    runs-on: ubuntu-latest
+    container:
+      image: golang:1.20-bullseye
+    needs: set-version
+    env:
+      REVISION: $GITHUB_SHA
+      SEMVER: ${{ needs.set-version.outputs.semVer }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: install deps
+        run: |
+          apt-get update && apt-get install -y jq git
+          git config --global --add safe.directory "$GITHUB_WORKSPACE"
+          git config user.email ${{ github.actor }}-ci@gha.org
+          git config user.name ${{ github.actor }}
+      - name: make test 
+        run: |
+          make REVISION=$GITHUB_SHA test
+      - name: Publish Junit style Test Report
+        uses: mikepenz/action-junit-report@v3
+        if: always() # always run even if the previous step fails
+        with:
+          report_paths: '**/report-junit.xml'
+      - name: Analyze with SonarCloud         
+        # You can pin the exact commit or the version.
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}   # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
+        with:
+          args:             
+            -Dsonar.projectVersion=${{ needs.set-version.outputs.semVer }}
+            -Dsonar.go.coverage.reportPaths=/github/workspace/.coverage/out
+            -Dsonar.go.tests.reportPaths=/github/workspace/.coverage/report-junit.xml

.github/workflows/release.yml

@@ -0,0 +1,58 @@
+name: release
+
+on:
+  workflow_run:
+    workflows: ['CI']
+    types:
+      - completed
+
+jobs:
+  set-version:
+    runs-on: ubuntu-latest
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    container:
+      image: mcr.microsoft.com/dotnet/sdk:6.0 
+    outputs:
+      semVer: ${{ steps.gitversion.outputs.semVer }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Install GitVersion
+        uses: gittools/actions/gitversion/setup@v0.9.15
+        with:
+          versionSpec: '5.x'
+      - name: Set SemVer Version
+        uses: gittools/actions/gitversion/execute@v0.9.15
+        id: gitversion
+
+      - name: echo VERSIONS
+        run: | 
+          echo "REVISION  -> $GITHUB_SHA"
+          echo "VERSION -> $GITVERSION_SEMVER"
+  release:
+    runs-on: ubuntu-latest
+    container:
+      image: golang:1.20-bullseye
+      env:
+        FOO: Bar
+    needs: set-version
+    env:
+      SEMVER: ${{ needs.set-version.outputs.semVer }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 1
+      - name: install deps
+        run: |
+          apt-get update && apt-get install jq git -y
+          git config --global --add safe.directory "$GITHUB_WORKSPACE"
+          git config user.email ${{ github.actor }}-ci@gha.org
+          git config user.name ${{ github.actor }}
+      - name: release library
+        run: |
+          make GIT_TAG=${SEMVER} REVISION=$GITHUB_SHA tag
+      - name: release binary
+        run: |
+          make REVISION=$GITHUB_SHA GIT_TAG=${SEMVER} PAT=${{ secrets.GITHUB_TOKEN }} cross-build
+          make REVISION=$GITHUB_SHA GIT_TAG=${SEMVER} PAT=${{ secrets.GITHUB_TOKEN }} release

.gitignore

@@ -7,6 +7,7 @@
 
 # Test binary, build with `go test -c`
 *.test
+.coverage
 
 # Output of the go coverage tool, specifically when used with LiteIDE
 *.out
@@ -24,4 +25,4 @@ vendor/
 # IDEs
 .vscode
 
-.ignore*
+.ignore*

Makefile

@@ -1,9 +1,10 @@
 OWNER := dnitsch
 NAME := aws-cli-auth
-VERSION := v0.10.1
-REVISION := $(shell git rev-parse --short HEAD)
+GIT_TAG := 0.11.11
+VERSION := v$(GIT_TAG)
+REVISION := aaaabbbbb1234
 
-LDFLAGS := -ldflags="-s -w -X \"github.com/dnitsch/aws-cli-auth/cmd.Version=$(VERSION)\" -X \"github.com/dnitsch/aws-cli-auth/cmd.Revision=$(REVISION)\" -extldflags -static"
+LDFLAGS := -ldflags="-s -w -X \"github.com/$(OWNER)/$(NAME)/cmd.Version=$(VERSION)\" -X \"github.com/$(OWNER)/$(NAME)/cmd.Revision=$(REVISION)\" -extldflags -static"
 
 .PHONY: test test_ci tidy install buildprep build buildmac buildwin
 
@@ -33,17 +34,24 @@ clean:
 	rm -rf vendor/*
 
 .PHONY: cross-build
+
 cross-build:
 	for os in darwin linux windows; do \
-	    [ $$os = "windows" ] && EXT=".exe"; \
-		GOOS=$$os CGO_ENABLED=0 go build -a -tags netgo -installsuffix netgo $(LDFLAGS) -o dist/$(NAME)-$$os$$EXT .; \
+		GOOS=$$os CGO_ENABLED=0 go build -mod=readonly -buildvcs=false $(LDFLAGS) -o dist/$(NAME)-$$os .; \
 	done
 
-release: cross-build
-	git tag $(VERSION)
-	git push origin $(VERSION)
+release:
 	OWNER=$(OWNER) NAME=$(NAME) PAT=$(PAT) VERSION=$(VERSION) . hack/release.sh 
 
+tag: 
+	git tag -a $(VERSION) -m "ci tag release" $(REVISION)
+	git push origin $(VERSION)
+
+tagbuildrelease: tag cross-build release
+
+show_coverage: test
+	go tool cover -html=.coverage/out
+
 .PHONY: deps
 deps:
 	GO111MODULE=on go mod vendor
@@ -56,5 +64,3 @@ dist:
 	$(DIST_DIRS) tar -zcf $(NAME)-$(VERSION)-{}.tar.gz {} \; && \
 	$(DIST_DIRS) zip -r $(NAME)-$(VERSION)-{}.zip {} \; && \
 	cd ..
-
-

README.md

@@ -1,6 +1,12 @@
+[![Go Report Card](https://goreportcard.com/badge/github.com/dnitsch/aws-cli-auth)](https://goreportcard.com/report/github.com/dnitsch/aws-cli-auth)
+[![Bugs](https://sonarcloud.io/api/project_badges/measure?project=dnitsch_aws-cli-auth&metric=bugs)](https://sonarcloud.io/summary/new_code?id=dnitsch_aws-cli-auth)
+[![Technical Debt](https://sonarcloud.io/api/project_badges/measure?project=dnitsch_aws-cli-auth&metric=sqale_index)](https://sonarcloud.io/summary/new_code?id=dnitsch_aws-cli-auth)
+[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=dnitsch_aws-cli-auth&metric=reliability_rating)](https://sonarcloud.io/summary/new_code?id=dnitsch_aws-cli-auth)
+[![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=dnitsch_aws-cli-auth&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=dnitsch_aws-cli-auth)
+[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=dnitsch_aws-cli-auth&metric=coverage)](https://sonarcloud.io/summary/new_code?id=dnitsch_aws-cli-auth)
+
 # aws-cli-auth
 
-[![Go Report Card](https://goreportcard.com/badge/github.com/dnitsch/aws-cli-auth)](https://goreportcard.com/report/github.com/dnitsch/aws-cli-auth)
 
 CLI tool for retrieving AWS temporary credentials using SAML providers.
 

cmd/root.go

@@ -9,6 +9,11 @@ import (
 	"github.com/spf13/cobra"
 )
 
+var (
+	Version  string = "0.0.1"
+	Revision string = "1111aaaa"
+)
+
 var (
 	cfgSectionName     string
 	storeInProfile     bool
@@ -20,6 +25,7 @@ var (
 		Long: `CLI tool for retrieving AWS temporary credentials using SAML providers, or specified method of retrieval - i.e. force AWS_WEB_IDENTITY.
 Useful in situations like CI jobs or containers where multiple env vars might be present.
 Stores them under the $HOME/.aws/credentials file under a specified path or returns the crednetial_process payload for use in config`,
+		Version: fmt.Sprintf("%s-%s", Version, Revision),
 	}
 )
 

go.mod

@@ -1,38 +1,40 @@
 module github.com/dnitsch/aws-cli-auth
 
-go 1.18
+go 1.20
 
 require (
-	github.com/aws/aws-sdk-go v1.44.62
+	github.com/aws/aws-sdk-go v1.46.3
 	github.com/mitchellh/go-ps v1.0.0
 	github.com/pkg/errors v0.9.1
-	github.com/spf13/cobra v1.5.0
+	github.com/spf13/cobra v1.7.0
 	// github.com/spf13/viper v1.10.1
-	github.com/zalando/go-keyring v0.2.1
+	github.com/zalando/go-keyring v0.2.3
 )
 
 require (
-	github.com/alessio/shellescape v1.4.1 // indirect
-	github.com/danieljoos/wincred v1.1.2 // indirect
+	github.com/alessio/shellescape v1.4.2 // indirect
+	github.com/danieljoos/wincred v1.2.0 // indirect
 	github.com/godbus/dbus/v5 v5.1.0 // indirect
 	github.com/gofrs/flock v0.8.1 // indirect
-	github.com/google/uuid v1.3.0 // indirect
-	github.com/mattn/go-colorable v0.1.12 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/google/uuid v1.3.1 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
+	github.com/ysmood/fetchup v0.2.3 // indirect
 	github.com/ysmood/goob v0.4.0 // indirect
-	github.com/ysmood/gson v0.7.2 // indirect
+	github.com/ysmood/got v0.34.1 // indirect
+	github.com/ysmood/gson v0.7.3 // indirect
 	github.com/ysmood/leakless v0.8.0 // indirect
-	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa // indirect
+	golang.org/x/crypto v0.14.0 // indirect
 )
 
 require (
-	github.com/go-rod/rod v0.108.1
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/go-rod/rod v0.114.4
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
-	github.com/rs/zerolog v1.27.0
+	github.com/rs/zerolog v1.31.0
 	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/werf/lockgate v0.0.0-20211004100849-f85d5325b201
-	golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f // indirect
-	gopkg.in/ini.v1 v1.66.6
+	github.com/werf/lockgate v0.1.1
+	golang.org/x/sys v0.13.0 // indirect
+	gopkg.in/ini.v1 v1.67.0
 )