Merge pull request #64 from RafalSalwa/feat/module-rename

renamed and updated packages used in repo

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "gomod" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"

.github/workflows/codacy.yml

@@ -0,0 +1,46 @@
+name: Codacy Security Scan
+
+on:
+  push:
+  pull_request:
+    branches: [ "1.x" ]
+  schedule:
+    - cron: '19 16 * * 2'
+
+permissions:
+  contents: read
+
+jobs:
+  codacy-security-scan:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+    name: Codacy Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      # Checkout the repository to the GitHub Actions runner
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
+      - name: Run Codacy Analysis CLI
+        uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
+        with:
+          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
+          # You can also omit the token and run the tools that support default configurations
+          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
+          verbose: true
+          output: results.sarif
+          format: sarif
+          # Adjust severity of non-security issues
+          gh-code-scanning-compat: true
+          # Force 0 exit code to allow SARIF file generation
+          # This will handover control about PR rejection to the GitHub side
+          max-allowed-issues: 2147483647
+
+      # Upload the SARIF file generated in the previous step
+      - name: Upload SARIF results file
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: results.sarif

.github/workflows/codeql.yml

@@ -1,8 +1,9 @@
-name: "Code scanning - action"
+name: "Code QL scanning"
 
 on:
   push:
   pull_request:
+    branches: [ "1.x" ]
   schedule:
     - cron: '0 10 * * 6'
 

.github/workflows/golangci-lint.yml

@@ -0,0 +1,22 @@
+name: golangci-lint
+on:
+  push:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.22'
+          cache: false
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v5
+        with:
+          version: v1.57

.github/workflows/gosec.yml

@@ -1,10 +1,8 @@
-name: Run Gosec
+name: "Gosec Scan"
 on:
   push:
-    branches:
   pull_request:
-    branches:
-      - master
+    branches: [ "1.x" ]
 jobs:
   gosec:
     name: "gosec"

.github/workflows/reviewdog.yml

@@ -1,8 +1,6 @@
-name: reviewdog
+name: "reviewdog Scan"
 on:
   push:
-    branches:
-      - master
   pull_request:
 
 jobs:
@@ -16,37 +14,24 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - uses: actions/setup-go@v5
+      - uses: WillAbides/setup-go-faster@v1.14.0
         with:
           go-version-file: "go.mod"
 
       - name: Install linters
         run: go install golang.org/x/lint/golint@latest
 
       - name: Setup reviewdog
-        # uses: reviewdog/action-setup@v1
-        run: |
-          go install ./cmd/reviewdog
+        uses: reviewdog/action-setup@v1
+        with:
+          reviewdog_version: latest
 
       - name: Run reviewdog
         env:
           REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           golint ./... | reviewdog -f=golint -name=golint-github-check -reporter=github-check -level=warning
 
-      - name: Run reviewdog with sub-dir (github-check)
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          cd ./_testdata/ && golint ./... | reviewdog -f=golint -name=golint-check-subdir -reporter=github-check -level=info -filter-mode=nofilter
-
-      - name: Custom rdjson test (github-check)
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          cat ./_testdata/custom_rdjson.json | \
-            reviewdog -name="custom-rdjson" -f=rdjson -reporter=github-check -level=info
-
   reviewdog-pr:
     permissions:
       checks: write
@@ -58,17 +43,17 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - uses: actions/setup-go@v5
+      - uses: WillAbides/setup-go-faster@v1.14.0
         with:
           go-version-file: "go.mod"
 
       - name: Install linters
         run: go install golang.org/x/lint/golint@latest
 
       - name: Setup reviewdog
-        # uses: reviewdog/action-setup@v1
-        run: |
-          go install ./cmd/reviewdog
+        uses: reviewdog/action-setup@v1
+        with:
+          reviewdog_version: latest
 
       - name: Run reviewdog (github-pr-check)
         continue-on-error: true
@@ -81,32 +66,9 @@ jobs:
         env:
           REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          # Remove Go Problem Matchers [1] as it reports duplicate results with
-          # reviewdog.
-          # [1]: https://github.com/actions/toolkit/blob/master/docs/commands.md#problem-matchers
           echo "::remove-matcher owner=go::"
           golint ./... | reviewdog -f=golint -name=golint-pr-review -reporter=github-pr-review -tee
 
-      - name: Run reviewdog with sub-dir (github-pr-review)
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          cd ./_testdata/ && golint ./... | reviewdog -f=golint -name=golint-pr-review-subdir -reporter=github-pr-review -tee
-
-      - name: Run reviewdog with sub-dir (local+fail-on-error)
-        run: |
-          echo 'var LocalTest = 14' >> ./_testdata/golint.go
-          cd ./_testdata/ && golint ./... | reviewdog -f=golint -diff="git diff" -fail-on-error || EXIT_CODE=$?
-          git reset --hard @
-          test "${EXIT_CODE}" = 1
-
-      - name: Run reviewdog (github-pr-check with fail-on-error)
-        continue-on-error: true
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          cd ./_testdata/ && golint ./... | reviewdog -f=golint -name=golint-pr-check-fail-on-error -reporter=github-pr-check -fail-on-error
-
       - name: Run reviewdog (github-pr-check with -filter-mode=file)
         env:
           REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -117,42 +79,9 @@ jobs:
         env:
           REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          cd ./_testdata/ && golint ./... | reviewdog -f=golint -name=golint-pr-review-nofilter -reporter=github-pr-review -filter-mode=nofilter -fail-on-error || EXIT_CODE=$?
+          reviewdog -f=golint -name=golint-pr-review-nofilter -reporter=github-pr-review -filter-mode=nofilter -fail-on-error || EXIT_CODE=$?
           test "${EXIT_CODE}" = 1
 
-      - name: Unexpected failure (github-pr-review)
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          cd ./_testdata/ && reviewdog -conf=reviewdog_error.yml \
-            -reporter=github-pr-review || EXIT_CODE=$?
-          test "${EXIT_CODE}" = 1
-      - name: Unexpected failure (github-check)
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          cd ./_testdata/ && reviewdog -conf=reviewdog_error.yml \
-            -reporter=github-check || EXIT_CODE=$?
-          test "${EXIT_CODE}" = 1
-      - name: Unexpected failure (local)
-        run: |
-          cd ./_testdata/ && reviewdog -conf=reviewdog_error.yml \
-            -reporter=local -diff='git diff master' || EXIT_CODE=$?
-          test "${EXIT_CODE}" = 1
-      - name: Suggestion (rdjsonl)
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          cat ./_testdata/suggestions.json | \
-            reviewdog -name="suggestion-test" -f=rdjsonl -reporter=github-pr-review
-
-      - name: Custom rdjsonl test (github-pr-review)
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          cat ./_testdata/custom_rdjson.json | \
-            reviewdog -name="custom-rdjson" -f=rdjson -reporter=github-pr-review
-
       - name: gofmt -s with reviewdog
         env:
           REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -208,6 +137,10 @@ jobs:
           github_token: ${{ secrets.github_token }}
           locale: "US"
           reporter: github-check
+          path: |
+            cmd
+            pkg
+            templates
 
   languagetool:
     name: runner / languagetool
@@ -243,32 +176,4 @@ jobs:
         with:
           github_token: ${{ secrets.github_token }}
           reporter: github-check
-          level: info
-
-  textlint:
-    name: runner / textlint
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: reviewdog/action-setup@v1
-      - run: npm install
-      - name: textlint
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          npx textlint -f checkstyle README.md | \
-            reviewdog -f=checkstyle -name="textlint" -reporter=github-check -level=info
-
-  sarif:
-    name: runner / textlint sarif
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: reviewdog/action-setup@v1
-      - run: npm install
-      - name: textlint sarif
-        env:
-          REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          npx textlint -f @microsoft/eslint-formatter-sarif README.md | \
-            reviewdog -f=sarif -name="textlint" -reporter=github-check -level=info
+          level: info

.github/workflows/sonarcloud.yml

@@ -0,0 +1,40 @@
+name: SonarCloud analysis
+
+on:
+  push:
+  pull_request:
+    branches: [ "1.x" ]
+  workflow_dispatch:
+
+permissions:
+  pull-requests: read # allows SonarCloud to decorate PRs with analysis results
+
+jobs:
+  Analysis:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: "Checkout"
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: WillAbides/setup-go-faster@v1.14.0
+        with:
+          go-version: "1.22.x"
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v5
+        with:
+          version: v1.57
+      - name: Prepare analysis
+        run: |
+          make test_unit
+          go vet -json ./... > go_vet.json
+      - name: Analyze with SonarCloud
+        uses: sonarsource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}   # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
+        with:
+          args:
+            -Dsonar.projectKey=RafalSalwa_auth-api
+            -Dsonar.organization=rafalsalwa