coverage

JamesWoolfenden · Sep 21, 2023 · 8bdd5a9 · 8bdd5a9
1 parent 70afa3a
commit 8bdd5a9
Show file tree

Hide file tree

Showing 13 changed files with 197 additions and 64 deletions.
diff --git a/.checkov.yaml b/.checkov.yaml
@@ -0,0 +1,24 @@
+block-list-secret-scan: []
+branch: master
+directory:
+- .
+download-external-modules: false
+evaluate-variables: true
+external-modules-download-path: .external_modules
+framework:
+- secrets
+- dockerfile
+- github_configuration
+- github_actions
+- json
+- yaml
+- sca_package
+- sca_image
+mask: []
+secrets-history-timeout: 12h
+secrets-scan-file-type: []
+skip-path:
+- terraform
+- venv
+- examples
+summary-position: top
diff --git a/.depguard.yml b/.depguard.yml
@@ -6,29 +6,32 @@
     ],
     "allow": [
       "$gostd",
-      "github.com/gobeam/stringy",
-      "github.com/awslabs/goformation/v7/cloudformation/tags",
       "github.com/awslabs/goformation/v7/cloudformation",
-      "github.com/rs/zerolog/log",
-      "sato/src/arm",
-      "sato/src/cf",
-      "sato/src/see",
-      "sato/tests/utils",
-      "github.com/rs/zerolog",
-      "github.com/rs/zerolog/log",
-      "github.com/urfave/cli/v2",
+      "github.com/awslabs/goformation/v7/cloudformation/tags",
       "github.com/go-git/go-git/v5",
       "github.com/go-git/go-git/v5/plumbing",
+      "github.com/gobeam/stringy",
       "github.com/hashicorp/hc-install/product",
       "github.com/hashicorp/hc-install/releases",
       "github.com/hashicorp/terraform-exec/tfexec",
+      "github.com/rs/zerolog",
       "github.com/rs/zerolog/log",
+      "github.com/stretchr/testify/assert",
+      "github.com/urfave/cli/v2",
+      "sato/src/arm",
+      "sato/src/cf",
+      "sato/src/see",
+      "sato/tests/utils",
     ],
   },
   "tests": {
     "files": [
       "$test",
     ],
+    "allow":[
+      "sato/src/cf",
+      "sato/src/arm",
+    ],
     "deny": {
     }
   }

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -13,7 +13,7 @@ jobs:
       ## this will contain a matrix of all the combinations
       ## we wish to test again:
       matrix:
-        go-version: [1.20.x]
+        go-version: [1.21.x]
         platform: [ubuntu-latest, macos-latest, windows-latest]
 
     ## Defines the platform for each test run
@@ -30,7 +30,7 @@ jobs:
 
     ## checks out our code locally, so we can work with the files
     - name: Checkout code
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
 
     ## runs go test ./...
     - name: Build

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -39,11 +39,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@f9a7c6738f28efb36e31d49c53a201a9c5d6a476 # codeql-bundle-v2.14.2
+      uses: github/codeql-action/init@e4262713b504983e61c7728f5452be240d9385a7 # codeql-bundle-v2.14.3
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -57,7 +57,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@f9a7c6738f28efb36e31d49c53a201a9c5d6a476 # codeql-bundle-v2.14.2
+      uses: github/codeql-action/autobuild@e4262713b504983e61c7728f5452be240d9385a7 # codeql-bundle-v2.14.3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -70,4 +70,4 @@ jobs:
     #   ./location_of_script_within_repo/buildscript.sh
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@f9a7c6738f28efb36e31d49c53a201a9c5d6a476 # codeql-bundle-v2.14.2
+      uses: github/codeql-action/analyze@e4262713b504983e61c7728f5452be240d9385a7 # codeql-bundle-v2.14.3
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
@@ -6,11 +6,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout code
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
     - name: Install Go
       uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
       with:
-        go-version: 1.20.x
+        go-version: 1.21.x
     - name: Restore cache
       uses: actions/cache@f5ce41475b483ad7581884324a6eca9f48f8dcc7 # v1.2.1
       with:
@@ -23,12 +23,12 @@ jobs:
   test:
     strategy:
       matrix:
-        go-version: [1.20.x]
+        go-version: [1.21.x]
         platform: [ubuntu-latest, macos-latest, windows-latest]
     runs-on: ${{ matrix.platform }}
     steps:
     - name: Checkout code
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
     - name: Install Go
       uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
       with:
@@ -46,8 +46,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout code
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
     - name: Install Go
       uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
       with:
-        go-version: 1.20.x
+        go-version: 1.21.x
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -11,21 +11,21 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
       - name: Unshallow
         run: git fetch --prune --unshallow
       - name: Set up Go
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
-          go-version: 1.19
+          go-version: 1.21
       - name: Import GPG key
         id: import_gpg
-        uses: crazy-max/ghaction-import-gpg@72b6676b71ab476b77e676928516f6982eef7a41 # v5.3.0
+        uses: crazy-max/ghaction-import-gpg@d6f3f49f3345e29369fe57596a3ca8f94c4d2ca7 # v5.4.0
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.PASSPHRASE }}
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@3fa32b8bb5620a2c1afe798654bbad59f9da4906 # v4.4.0
+        uses: goreleaser/goreleaser-action@5fdedb94abba051217030cc86d4523cf3f02243d # v4.6.0
         with:
           version: latest
           args: release --clean
@@ -41,7 +41,7 @@ jobs:
     needs:
       - goreleaser
     steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
       - name: Publish to Registry
         uses: elgohr/Publish-Docker-Github-Action@219613003b08f4d049f34cb56c92e84345e1bb3f # v5
         with:
@@ -64,7 +64,7 @@ jobs:
       - goreleaser
     steps:
       - name: Repository Dispatch
-        uses: peter-evans/repository-dispatch@26b39ed245ab8f31526069329e112ab2fb224588 # v2.1.1
+        uses: peter-evans/repository-dispatch@bf47d102fdb849e755b0b0023ea3e81a44b6f570 # v2.1.2
         with:
           token: ${{ secrets.PAT }}
           repository: jameswoolfenden/scoop

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -30,7 +30,7 @@ repos:
     hooks:
       - id: shell-lint
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.35.0
+    rev: v0.36.0
     hooks:
       - # noinspection SpellCheckingInspection
         id: markdownlint
@@ -58,13 +58,13 @@ repos:
     hooks:
       - id: golangci-lint
   - repo: https://github.com/bridgecrewio/checkov
-    rev: 2.4.18
+    rev: 2.4.47
     hooks:
       - id: checkov
         language_version: python3.11
         args: ["-d", "."]
   - repo: https://github.com/jameswoolfenden/ghat
-    rev: v0.0.24
+    rev: v0.1.0
     hooks:
       - id: ghat-go
         name: ghat

diff --git a/go.mod b/go.mod
@@ -1,17 +1,17 @@
 module sato
 
-go 1.20
+go 1.21
 
 require (
-	github.com/awslabs/goformation/v7 v7.7.10
+	github.com/awslabs/goformation/v7 v7.12.3
 	github.com/go-git/go-git/v5 v5.4.2
 	github.com/gobeam/stringy v0.0.6
 	github.com/hashicorp/hc-install v0.4.0
 	github.com/hashicorp/terraform-exec v0.17.3
-	github.com/rs/zerolog v1.29.1
+	github.com/rs/zerolog v1.30.0
 	github.com/stretchr/testify v1.7.0
-	github.com/urfave/cli/v2 v2.25.5
-	golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1
+	github.com/urfave/cli/v2 v2.25.7
+	golang.org/x/exp v0.0.0-20230905200255-921286631fa9
 )
 
 require (
@@ -38,10 +38,10 @@ require (
 	github.com/xanzy/ssh-agent v0.3.0 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
 	github.com/zclconf/go-cty v1.11.0 // indirect
-	golang.org/x/crypto v0.1.0 // indirect
-	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/sys v0.8.0 // indirect
-	golang.org/x/text v0.9.0 // indirect
+	golang.org/x/crypto v0.12.0 // indirect
+	golang.org/x/net v0.14.0 // indirect
+	golang.org/x/sys v0.12.0 // indirect
+	golang.org/x/text v0.12.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )