Bugfix/infra 2359 fix filename

.github/workflows/actions.yml

@@ -11,16 +11,16 @@ jobs:
 
     steps:
     - name: Set up Go
-      uses: actions/setup-go@v3
+      uses: actions/setup-go@v4
       with:
-        go-version: 1.21
+        go-version: 'stable'
 
     - name: checkout repo
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     - name: read version file
       id: getversion
-      run: echo "::set-output name=version::$(make version)"
+      run: echo "version=$(make version)" >> $GITHUB_OUTPUT
 
     - name: Build tar files
       run: make dist

.github/workflows/auto-update.yml

@@ -0,0 +1,42 @@
+name: Security Updates Workflow
+
+on:
+  schedule:
+    - cron: '0 12 1-7 1,4,7,10 1' # first monday every January, April, July and October
+
+jobs:
+  security_updates:
+    name: Run dependency updates and create PR
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Determine current year and quarter
+        id: vars
+        run: |
+          YEAR=$(date +%Y)
+          QUARTER=$(( ($(date +%-m)-1)/3+1 ))
+
+          echo "year=$YEAR" >> $GITHUB_OUTPUT
+          echo "quarter=$QUARTER" >> $GITHUB_OUTPUT
+          echo "year_quarter=${YEAR}Q${QUARTER}" >> $GITHUB_OUTPUT
+
+      - name: Execute make update
+        run: make update
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v5
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          commit-message: "Update dependencies for ${{ steps.vars.outputs.year_quarter }}"
+          title: "Security Updates ${{ steps.vars.outputs.year_quarter }}"
+          body: "Automated pull request created by GitHub Actions."
+          branch: "feature/security-updates-${{ steps.vars.outputs.year_quarter }}"
+          delete-branch: true
+          reviewers: |
+            rtuk
+            TheM1984
+            Lveltmaat
+          draft: false

CHANGELOG.md

@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) with the minor change that we use a prefix instead of grouping.
 This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.10.0] - 2024-01-10
+- Security: updated the dependencies in Github actions
+- Added: Github action to have an automatically dependency check
+- Fixed: make dist-check was skipped because of missing branch variable
+- Fixed: added filename with the build folder
+- Changed: moved away from deprecated Github actions
+
 ## [1.9.0] - 2024-01-09
 - Changed: updated makefile to a more generic one
 - Fixed: minor issues stated from the new make update, eg replaced deprecated ioutils

Makefile

@@ -64,16 +64,16 @@ build:
 		for target in $(TARGETS); do \
 			os=$$(echo $$target | cut -d/ -f1); \
 			arch=$$(echo $$target | cut -d/ -f2); \
-			GOOS=$$os GOARCH=$$arch $(GO) build $(GO_LDFLAGS) -o $(BUILD_DIR)/$(VERSION)-$$os-$$arch/ $(PACKAGES); \
+			GOOS=$$os GOARCH=$$arch $(GO) build $(GO_LDFLAGS) -o $(BUILD_DIR)/$(APPNAME)-$(VERSION)-$$os-$$arch/ $(PACKAGES); \
 		done; \
 	else \
 		echo "No building required, module does not contain the 'main' package."; \
     fi
 
 .PHONY: dist-check
 dist-check:
-ifneq (,$(filter $(bamboo_planRepository_branchName),release/acceptance master))
-	@echo "Performing dist check for: $(bamboo_planRepository_branchName)"
+ifneq (,$(filter ${GITHUB_REF\#refs/heads/},release/acceptance master))
+	@echo "Performing dist check for: ${GITHUB_REF\#refs/heads/}"
 
 	@if ! test -z "$$(sed -E -n '/(upcoming|unreleased)/I,/##/p' changelog.md | sed '1d;$$d' | sed 's/[[:space:]-]//g')"; then \
 		echo "Error: cannot generate dist, changelog.md must not contain unreleased lines."; \
@@ -104,7 +104,7 @@ dist-create:
 		for target in $(TARGETS); do \
 			os=$$(echo $$target | cut -d/ -f1); \
 			arch=$$(echo $$target | cut -d/ -f2); \
-			tar -C $(BUILD_DIR) -cvzf $(DIST_DIR)/$(APPNAME)-$(VERSION)-$$os-$$arch.tar.gz $(VERSION)-$$os-$$arch; \
+			tar -C $(BUILD_DIR) -cvzf $(DIST_DIR)/$(APPNAME)-$(VERSION)-$$os-$$arch.tar.gz $(APPNAME)-$(VERSION)-$$os-$$arch; \
 		done; \
 	fi
 

README.md

@@ -272,7 +272,8 @@ If you want to contribute to this project please follow these guidelines:
 - Changes should be reflected into the [CHANGELOG.md](CHANGELOG.md)
 
 The maintainers
-- Bump the [VERSION](VERSION) file if a release is needed
+- Version is derived from the [CHANGELOG.md](CHANGELOG.md) using the last non-upcoming header (##)
+- Use `make update` to automatically update dependencies and add a line in the [CHANGELOG.md](CHANGELOG.md)
 
 ### Building
 
@@ -286,16 +287,29 @@ make
 
 This creates a binary in the `./build` folder. Look at the [Build options section](#Build%20options) for more build options.
 
-#### Build options
-
-target  | description
---------|------------
-all     | execute `test` and `build` target
-build   | use `go build` to create binary for current GOARCH and GOOS in `./build`
-test    | use `go test` to execute the unit test and create a coverage report `./build/test-coverage.out`
-clean   | clean the build directory
-compile | build the script for FreeBDS, Linux, MacOS, and Windows in `./build`
-dist    | execute `clean` and `compile` targets, and create tar.gz files in `./dist`
+#### Make options
+
+The targets used by default are:
+- freebsd/amd64
+- darwin/amd64
+- darwin/arm64
+- linux/amd64
+- linux/arm64
+- windows/amd64
+
+Use `make <command> TARGETS=<os>/<arch>` to execute make with your own OS and Architecture, e.g. `make build TARGETS=freebsd/arm64`.
+
+target      | description
+------------|------------
+version     | retrieve and display the version from the [CHANGELOG.md](CHANGELOG.md)
+test        | use `go test` to execute the unit test and create a coverage report `./build/test-coverage.out`
+build       | build the binary for every OS and Arch stated
+dist-check  | validations performed to see if the codebase is ready for a release, on default this will skipped unless performed on the acceptance or master branch
+dist-create | create tar.gz files in `./dist` for all targets using the binaries from `./build`
+dist        | perform a clean, dist-check build and dist-create
+update-dependencies | update go version and update dependencies, makes sure everything is tiday, and add a line to the changelog
+update      | perform a clean, update-dependencies and a test
+clean       | clean the build and dist directories
 
 ### TODO