diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 0000000..d032fdb --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,14 @@ +version: 2.1 + +orbs: + architect: giantswarm/architect@4.33.0 + +workflows: + test: + jobs: + - architect/go-test: + name: go-test + filters: + # Trigger job also on git tag. + tags: + only: /^v.*/ diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..39cced9 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,21 @@ +### What does this PR do? + +(Please set a descriptive PR title. Use this space for additional explanations.) + +### What is the effect of this change to users? + +### How does it look like? + +(Please add anything that represents the change visually. Screenshots, output, logs, ...) + +### Any background context you can provide? + +(Please link public issues or summarize if not public.) + +### What is needed from the reviewers? + +### Do the docs need to be updated? + +### Should this change be mentioned in the release notes? + +- [ ] CHANGELOG.md has been updated (if it exists) diff --git a/.github/workflows/zz_generated.add-team-labels.yaml b/.github/workflows/zz_generated.add-team-labels.yaml new file mode 100644 index 0000000..4a2db90 --- /dev/null +++ b/.github/workflows/zz_generated.add-team-labels.yaml @@ -0,0 +1,53 @@ +name: Add appropriate labels to issue + +on: + issues: + types: [assigned] + +jobs: + build_user_list: + name: Get yaml config of GS users + runs-on: ubuntu-latest + steps: + - name: Get user-mapping + run: | + mkdir -p artifacts + wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ + -O artifacts/users.yaml \ + https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/user-mapping.yaml + - name: Upload Artifact + uses: actions/upload-artifact@v3 + with: + name: users + path: artifacts/users.yaml + retention-days: 1 + + add_label: + name: Add team label when assigned + runs-on: ubuntu-latest + needs: build_user_list + steps: + - uses: actions/download-artifact@v3 + id: download-users + with: + name: users + - name: Find team label based on user names + run: | + event_assignee=$(cat $GITHUB_EVENT_PATH | jq -r .assignee.login | tr '[:upper:]' '[:lower:]') + echo "Issue assigned to: ${event_assignee}" + + TEAMS=$(cat ${{steps.download-users.outputs.download-path}}/users.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_assignee}.teams" -o csv | tr ',' ' ') + + echo "LABEL<> $GITHUB_ENV + for team in ${TEAMS}; do + echo "Team: ${team} | Label: team/${team}" + echo "team/${team}" >> $GITHUB_ENV + done + echo "EOF" >> $GITHUB_ENV + - name: Apply label to issue + if: ${{ env.LABEL != '' && env.LABEL != 'null' && env.LABEL != null }} + uses: actions-ecosystem/action-add-labels@v1 + with: + github_token: ${{ secrets.ISSUE_AUTOMATION }} + labels: | + ${{ env.LABEL }} diff --git a/.github/workflows/zz_generated.add-to-project-board.yaml b/.github/workflows/zz_generated.add-to-project-board.yaml new file mode 100644 index 0000000..ae6b398 --- /dev/null +++ b/.github/workflows/zz_generated.add-to-project-board.yaml @@ -0,0 +1,89 @@ +name: Add Issue to Project when assigned + +on: + issues: + types: + - assigned + - labeled + +jobs: + build_user_list: + name: Get yaml config of GS users + runs-on: ubuntu-latest + steps: + - name: Get user-mapping + run: | + mkdir -p artifacts + wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ + -O artifacts/users.yaml \ + https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/user-mapping.yaml + - name: Upload Artifact + uses: actions/upload-artifact@v3 + with: + name: users + path: artifacts/users.yaml + retention-days: 1 + - name: Get label-mapping + run: | + mkdir -p artifacts + wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ + -O artifacts/labels.yaml \ + https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/label-mapping.yaml + - name: Upload Artifact + uses: actions/upload-artifact@v3 + with: + name: labels + path: artifacts/labels.yaml + retention-days: 1 + + add_to_personal_board: + name: Add issue to personal board + runs-on: ubuntu-latest + needs: build_user_list + if: github.event.action == 'assigned' + steps: + - uses: actions/download-artifact@v3 + id: download-users + with: + name: users + - name: Find personal board based on user names + run: | + event_assignee=$(cat $GITHUB_EVENT_PATH | jq -r .assignee.login | tr '[:upper:]' '[:lower:]') + echo "Issue assigned to: ${event_assignee}" + + BOARD=($(cat ${{steps.download-users.outputs.download-path}}/users.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_assignee}.personalboard")) + echo "Personal board URL: ${BOARD}" + + echo "BOARD=${BOARD}" >> $GITHUB_ENV + - name: Add issue to personal board + if: ${{ env.BOARD != 'null' && env.BOARD != '' && env.BOARD != null }} + uses: actions/add-to-project@main + with: + project-url: ${{ env.BOARD }} + github-token: ${{ secrets.ISSUE_AUTOMATION }} + + add_to_team_board: + name: Add issue to team board + runs-on: ubuntu-latest + needs: build_user_list + if: github.event.action == 'labeled' + steps: + - uses: actions/download-artifact@v3 + id: download-labels + with: + name: labels + - name: Find team board based on label + run: | + event_label=$(cat $GITHUB_EVENT_PATH | jq -r .label.name | tr '[:upper:]' '[:lower:]') + echo "Issue labelled with: ${event_label}" + + BOARD=($(cat ${{steps.download-labels.outputs.download-path}}/labels.yaml | tr '[:upper:]' '[:lower:]' | yq ".[\"${event_label}\"].projectboard")) + echo "Team board URL: ${BOARD}" + + echo "BOARD=${BOARD}" >> $GITHUB_ENV + - name: Add issue to team board + if: ${{ env.BOARD != 'null' && env.BOARD != '' && env.BOARD != null }} + uses: actions/add-to-project@main + with: + project-url: ${{ env.BOARD }} + github-token: ${{ secrets.ISSUE_AUTOMATION }} diff --git a/.github/workflows/zz_generated.create_release.yaml b/.github/workflows/zz_generated.create_release.yaml new file mode 100644 index 0000000..2df0ad9 --- /dev/null +++ b/.github/workflows/zz_generated.create_release.yaml @@ -0,0 +1,253 @@ +# DO NOT EDIT. Generated with: +# +# devctl@6.14.0 +# +name: Create Release +on: + push: + branches: + - 'legacy' + - 'main' + - 'master' + - 'release-v*.*.x' + # "!" negates previous positive patterns so it has to be at the end. + - '!release-v*.x.x' +jobs: + debug_info: + name: Debug info + runs-on: ubuntu-22.04 + steps: + - name: Print github context JSON + run: | + cat <> $GITHUB_OUTPUT + - name: Checkout code + if: ${{ steps.get_version.outputs.version != '' }} + uses: actions/checkout@v4 + - name: Get project.go path + id: get_project_go_path + if: ${{ steps.get_version.outputs.version != '' }} + run: | + path='./pkg/project/project.go' + if [[ ! -f $path ]] ; then + path='' + fi + echo "path=\"$path\"" + echo "path=${path}" >> $GITHUB_OUTPUT + - name: Check if reference version + id: ref_version + run: | + title="$(cat <<- 'COMMIT_MESSAGE_END' | head -n 1 - + ${{ github.event.head_commit.message }} + COMMIT_MESSAGE_END + )" + if echo "${title}" | grep -qE '^release v[0-9]+\.[0-9]+\.[0-9]+([.-][^ .-][^ ]*)?( \(#[0-9]+\))?$' ; then + version=$(echo "${title}" | cut -d ' ' -f 2) + fi + version=$(echo "${title}" | cut -d ' ' -f 2) + version="${version#v}" # Strip "v" prefix. + refversion=false + if [[ "${version}" =~ ^[0-9]+.[0-9]+.[0-9]+-[0-9]+$ ]]; then + refversion=true + fi + echo "refversion =\"${refversion}\"" + echo "refversion=${refversion}" >> $GITHUB_OUTPUT + update_project_go: + name: Update project.go + runs-on: ubuntu-22.04 + if: ${{ needs.gather_facts.outputs.version != '' && needs.gather_facts.outputs.project_go_path != '' && needs.gather_facts.outputs.ref_version != 'true' }} + needs: + - gather_facts + steps: + - name: Install architect + uses: giantswarm/install-binary-action@v1.1.0 + with: + binary: "architect" + version: "6.11.0" + - name: Install semver + uses: giantswarm/install-binary-action@v1.1.0 + with: + binary: "semver" + version: "3.2.0" + download_url: "https://github.com/fsaintjacques/${binary}-tool/archive/${version}.tar.gz" + tarball_binary_path: "*/src/${binary}" + smoke_test: "${binary} --version" + - name: Checkout code + uses: actions/checkout@v4 + - name: Update project.go + id: update_project_go + env: + branch: "${{ github.ref }}-version-bump" + run: | + git checkout -b ${{ env.branch }} + file="${{ needs.gather_facts.outputs.project_go_path }}" + version="${{ needs.gather_facts.outputs.version }}" + new_version="$(semver bump patch $version)-dev" + echo "version=\"$version\" new_version=\"$new_version\"" + echo "new_version=${new_version}" >> $GITHUB_OUTPUT + sed -Ei "s/(version[[:space:]]*=[[:space:]]*)\"${version}\"/\1\"${new_version}\"/" $file + if git diff --exit-code $file ; then + echo "error: no changes in \"$file\"" >&2 + exit 1 + fi + - name: Set up git identity + run: | + git config --local user.email "dev@giantswarm.io" + git config --local user.name "taylorbot" + - name: Commit changes + run: | + file="${{ needs.gather_facts.outputs.project_go_path }}" + git add $file + git commit -m "Bump version to ${{ steps.update_project_go.outputs.new_version }}" + - name: Push changes + env: + REMOTE_REPO: "https://${{ github.actor }}:${{ secrets.TAYLORBOT_GITHUB_ACTION }}@github.com/${{ github.repository }}.git" + branch: "${{ github.ref }}-version-bump" + run: | + git push "${REMOTE_REPO}" HEAD:${{ env.branch }} + - name: Create PR + env: + GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" + base: "${{ github.ref }}" + branch: "${{ github.ref }}-version-bump" + version: "${{ needs.gather_facts.outputs.version }}" + title: "Bump version to ${{ steps.update_project_go.outputs.new_version }}" + run: | + gh pr create --title "${{ env.title }}" --body "" --base ${{ env.base }} --head ${{ env.branch }} --reviewer ${{ github.actor }} + create_release: + name: Create release + runs-on: ubuntu-22.04 + needs: + - gather_facts + if: ${{ needs.gather_facts.outputs.version }} + outputs: + upload_url: ${{ steps.create_gh_release.outputs.upload_url }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.sha }} + - name: Ensure correct version in project.go + if: ${{ needs.gather_facts.outputs.project_go_path != '' && needs.gather_facts.outputs.ref_version != 'true' }} + run: | + file="${{ needs.gather_facts.outputs.project_go_path }}" + version="${{ needs.gather_facts.outputs.version }}" + grep -qE "version[[:space:]]*=[[:space:]]*\"$version\"" $file + - name: Get Changelog Entry + id: changelog_reader + uses: mindsers/changelog-reader-action@v2 + with: + version: ${{ needs.gather_facts.outputs.version }} + path: ./CHANGELOG.md + - name: Set up git identity + run: | + git config --local user.email "dev@giantswarm.io" + git config --local user.name "taylorbot" + - name: Create tag + run: | + version="${{ needs.gather_facts.outputs.version }}" + git tag "v$version" ${{ github.sha }} + - name: Push tag + env: + REMOTE_REPO: "https://${{ github.actor }}:${{ secrets.TAYLORBOT_GITHUB_ACTION }}@github.com/${{ github.repository }}.git" + run: | + git push "${REMOTE_REPO}" --tags + - name: Create release + id: create_gh_release + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" + with: + body: ${{ steps.changelog_reader.outputs.changes }} + tag_name: "v${{ needs.gather_facts.outputs.version }}" + release_name: "v${{ needs.gather_facts.outputs.version }}" + + create-release-branch: + name: Create release branch + runs-on: ubuntu-22.04 + needs: + - gather_facts + if: ${{ needs.gather_facts.outputs.version }} + steps: + - name: Install semver + uses: giantswarm/install-binary-action@v1.1.0 + with: + binary: "semver" + version: "3.0.0" + download_url: "https://github.com/fsaintjacques/${binary}-tool/archive/${version}.tar.gz" + tarball_binary_path: "*/src/${binary}" + smoke_test: "${binary} --version" + - name: Check out the repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 # Clone the whole history, not just the most recent commit. + - name: Fetch all tags and branches + run: "git fetch --all" + - name: Create long-lived release branch + run: | + current_version="${{ needs.gather_facts.outputs.version }}" + parent_version="$(git describe --tags --abbrev=0 HEAD^ || true)" + parent_version="${parent_version#v}" # Strip "v" prefix. + + if [[ -z "$parent_version" ]] ; then + echo "Unable to find a parent tag version. No branch to create." + exit 0 + fi + + echo "current_version=$current_version parent_version=$parent_version" + + current_major=$(semver get major $current_version) + current_minor=$(semver get minor $current_version) + parent_major=$(semver get major $parent_version) + parent_minor=$(semver get minor $parent_version) + echo "current_major=$current_major current_minor=$current_minor parent_major=$parent_major parent_minor=$parent_minor" + + if [[ $current_major -gt $parent_major ]] ; then + echo "Current tag is a new major version" + elif [[ $current_major -eq $parent_major ]] && [[ $current_minor -gt $parent_minor ]] ; then + echo "Current tag is a new minor version" + else + echo "Current tag is not a new major or minor version. Nothing to do here." + exit 0 + fi + + release_branch="release-v${parent_major}.${parent_minor}.x" + echo "release_branch=$release_branch" + + if git rev-parse --verify $release_branch ; then + echo "Release branch $release_branch already exists. Nothing to do here." + exit 0 + fi + + git branch $release_branch HEAD^ + git push origin $release_branch diff --git a/.github/workflows/zz_generated.create_release_pr.yaml b/.github/workflows/zz_generated.create_release_pr.yaml new file mode 100644 index 0000000..40d9bb1 --- /dev/null +++ b/.github/workflows/zz_generated.create_release_pr.yaml @@ -0,0 +1,230 @@ +# DO NOT EDIT. Generated with: +# +# devctl@6.14.0 +# +name: Create Release PR +on: + push: + branches: + - 'legacy#release#v*.*.*' + - 'main#release#v*.*.*' + - 'main#release#major' + - 'main#release#minor' + - 'main#release#patch' + - 'master#release#v*.*.*' + - 'master#release#major' + - 'master#release#minor' + - 'master#release#patch' + - 'release#v*.*.*' + - 'release#major' + - 'release#minor' + - 'release#patch' + - 'release-v*.*.x#release#v*.*.*' + # "!" negates previous positive patterns so it has to be at the end. + - '!release-v*.x.x#release#v*.*.*' + workflow_call: + inputs: + branch: + required: true + type: string +jobs: + debug_info: + name: Debug info + runs-on: ubuntu-22.04 + steps: + - name: Print github context JSON + run: | + cat <> $GITHUB_OUTPUT + + head="${head#refs/heads/}" # Strip "refs/heads/" prefix. + if [[ $(echo "$head" | grep -o '#' | wc -l) -gt 1 ]]; then + base="$(echo $head | cut -d '#' -f 1)" + else + base="${{ github.event.base_ref }}" + fi + + base="${base#refs/heads/}" # Strip "refs/heads/" prefix. + + version="$(echo $head | awk -F# '{print $NF}')" + if [[ $version =~ ^major|minor|patch$ ]]; then + gh auth login --with-token <<<$(echo -n ${{ secrets.TAYLORBOT_GITHUB_ACTION }}) + gh_api_get_latest_release_version() + { + if ! version="$(gh api "repos/$1/releases/latest" --jq '.tag_name[1:] | split(".") | .[0], .[1], .[2]')" + then + case "$version" in + *Not\ Found*) echo Assuming v0.0.0, hooray first release! >&2 ; version="0 0 0" ;; + *) version="" ; return 1 ;; + esac + fi + echo "$version" + } + + version_parts=($(gh_api_get_latest_release_version "${{ github.repository }}")) + version_major=${version_parts[0]} + version_minor=${version_parts[1]} + version_patch=${version_parts[2]} + case ${version} in + patch) + version_patch=$((version_patch+1)) + ;; + minor) + version_minor=$((version_minor+1)) + version_patch=0 + ;; + major) + version_major=$((version_major+1)) + version_minor=0 + version_patch=0 + if [[ "${version_major}" != "1" ]]; then + echo "needs_major_bump=true" >> $GITHUB_OUTPUT + fi + ;; + *) + echo "Unknown Semver level provided" + exit 1 + ;; + esac + version="${version_major}.${version_minor}.${version_patch}" + else + version="${version#v}" # Strip "v" prefix. + version_major=$(echo "${version}" | cut -d "." -f 1) + version_minor=$(echo "${version}" | cut -d "." -f 2) + version_patch=$(echo "${version}" | cut -d "." -f 3) + # This will help us detect versions with suffixes as majors, i.e 3.0.0-alpha1. + # Even though it's a pre-release, it's still a major. + if [[ $version_minor = 0 && $version_patch =~ ^0.* && $version_major != 1 ]]; then + echo "needs_major_bump=true" >> $GITHUB_OUTPUT + fi + fi + repo_name="$(echo '${{ github.repository }}' | awk -F '/' '{print $2}')" + echo "repo_name=\"$repo_name\" base=\"$base\" head=\"$head\" version=\"$version\"" + echo "repo_name=${repo_name}" >> $GITHUB_OUTPUT + echo "base=${base}" >> $GITHUB_OUTPUT + echo "head=${head}" >> $GITHUB_OUTPUT + echo "version=${version}" >> $GITHUB_OUTPUT + - name: Check if PR exists + id: pr_exists + env: + GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" + run: | + head="${{ steps.gather_facts.outputs.branch }}" + branch="${head#refs/heads/}" # Strip "refs/heads/" prefix. + if gh pr view --repo "${{ github.repository }}" "${branch}" --json state --jq .state | grep -i 'open' > /dev/null; then + gh pr view --repo "${{ github.repository }}" "${branch}" + echo "skip=true" >> $GITHUB_OUTPUT + else + echo "skip=false" >> $GITHUB_OUTPUT + fi + create_release_pr: + name: Create release PR + runs-on: ubuntu-22.04 + needs: + - gather_facts + if: ${{ needs.gather_facts.outputs.skip != 'true' }} + env: + architect_flags: "--organisation ${{ github.repository_owner }} --project ${{ needs.gather_facts.outputs.repo_name }}" + steps: + - uses: actions/setup-go@v3 + with: + go-version: '=1.18.1' + - name: Install architect + uses: giantswarm/install-binary-action@v1.1.0 + with: + binary: "architect" + version: "6.11.0" + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ needs.gather_facts.outputs.branch }} + - name: Prepare release changes + run: | + architect prepare-release ${{ env.architect_flags }} --version "${{ needs.gather_facts.outputs.version }}" + - name: Update version field in Chart.yaml + run: | + # Define chart_dir + repository="${{ needs.gather_facts.outputs.repo_name }}" + chart="helm/${repository}" + + # Check chart directory. + if [ ! -d "${chart}" ] + then + echo "Could not find chart directory '${chart}', adding app suffix." + + # Add app suffix. + chart="helm/${repository}-app" + + # Check chart directory with app suffix. + if [ ! -d "${chart}" ] + then + echo "Could not find chart directory '${chart}', removing app suffix." + + # Remove app suffix. + chart="helm/${repository%-app}" + + if [ ! -d "${chart}" ] + then + # Print error. + echo "Could not find chart directory '${chart}', doing nothing." + fi + fi + fi + + # Define chart YAML. + chart_yaml="${chart}/Chart.yaml" + + # Check chart YAML. + if [ -f "${chart_yaml}" ] + then + # check if version in Chart.yaml is templated using architect + if [ $(grep -c "^version:.*\.Version.*$" "${chart_yaml}") = "0" ]; then + yq -i '.version = "${{ needs.gather_facts.outputs.version }}"' "${chart_yaml}" + fi + fi + + - name: Bump go module defined in go.mod if needed + run: | + if [ "${{ needs.gather_facts.outputs.needs_major_bump }}" = true ] && test -f "go.mod"; then + go install github.com/marwan-at-work/mod/cmd/mod@v0.5.0 + mod upgrade + fi + - name: Set up git identity + run: | + git config --local user.email "dev@giantswarm.io" + git config --local user.name "taylorbot" + - name: Create release commit + env: + version: "${{ needs.gather_facts.outputs.version }}" + run: | + git add -A + git commit -m "Release v${{ env.version }}" + - name: Push changes + env: + remote_repo: "https://${{ github.actor }}:${{ secrets.TAYLORBOT_GITHUB_ACTION }}@github.com/${{ github.repository }}.git" + run: | + git push "${remote_repo}" HEAD:${{ needs.gather_facts.outputs.branch }} + - name: Create PR + env: + GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" + base: "${{ needs.gather_facts.outputs.base }}" + version: "${{ needs.gather_facts.outputs.version }}" + run: | + gh pr create --assignee ${{ github.actor }} --title "Release v${{ env.version }}" --body "" --base ${{ env.base }} --head "${{ needs.gather_facts.outputs.branch }}" diff --git a/.github/workflows/zz_generated.gitleaks.yaml b/.github/workflows/zz_generated.gitleaks.yaml new file mode 100644 index 0000000..6efd628 --- /dev/null +++ b/.github/workflows/zz_generated.gitleaks.yaml @@ -0,0 +1,17 @@ +# DO NOT EDIT. Generated with: +# +# devctl@6.14.0 +# +name: gitleaks + +on: [pull_request] + +jobs: + gitleaks: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: '0' + - name: gitleaks-action + uses: giantswarm/gitleaks-action@main diff --git a/.nancy-ignore b/.nancy-ignore new file mode 100644 index 0000000..96282c9 --- /dev/null +++ b/.nancy-ignore @@ -0,0 +1,3 @@ +# Affects all versions of archiver which is required by vault. +# Taken from: https://github.com/giantswarm/opsctl/pull/1072/files#diff-bbe4a7fb12c43622bce7c6840c770e9995be614626a219942ca138403629cb69R1 +CVE-2019-10743 until=2021-10-17 diff --git a/.nancy-ignore.generated b/.nancy-ignore.generated new file mode 100644 index 0000000..b4df6fc --- /dev/null +++ b/.nancy-ignore.generated @@ -0,0 +1,2 @@ +# This file is generated by https://github.com/giantswarm/github +# Repository specific ignores should be added to .nancy-ignore diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..3e3d331 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,14 @@ +# Changelog + +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + + + +## [Unreleased] + + + +[Unreleased]: https://github.com/giantswarm/REPOSITORY_NAME/tree/main diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000..4642014 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,2 @@ +# generated by giantswarm/github actions - changes will be overwritten +* @giantswarm/team-honeybadger diff --git a/DCO b/DCO new file mode 100644 index 0000000..716561d --- /dev/null +++ b/DCO @@ -0,0 +1,36 @@ +Developer Certificate of Origin +Version 1.1 + +Copyright (C) 2004, 2006 The Linux Foundation and its contributors. +660 York Street, Suite 102, +San Francisco, CA 94110 USA + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + + +Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +(a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +(b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +(c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +(d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..b7a4d40 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2016 - 2023 Giant Swarm GmbH + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..0f7f27b --- /dev/null +++ b/Makefile @@ -0,0 +1,23 @@ +# DO NOT EDIT. Generated with: +# +# devctl@6.14.0 +# + +include Makefile.*.mk + +##@ General + +# The help target prints out all targets with their descriptions organized +# beneath their categories. The categories are represented by '##@' and the +# target descriptions by '##'. The awk commands is responsible for reading the +# entire set of makefiles included in this invocation, looking for lines of the +# file as xyz: ## something, and then pretty-format the target and help. Then, +# if there's a line with ##@ something, that gets pretty-printed as a category. +# More info on the usage of ANSI control characters for terminal formatting: +# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters +# More info on the awk command: +# http://linuxcommand.org/lc3_adv_awk.php + +.PHONY: help +help: ## Display this help. + @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z%\\\/_0-9-]+:.*?##/ { printf " \033[36m%-20s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) diff --git a/README.md b/README.md new file mode 100644 index 0000000..1a4d165 --- /dev/null +++ b/README.md @@ -0,0 +1,27 @@ +# General Go template repository + +This is a general template repository containing some basic files every GitHub repo owned by Giant Swarm should have. + +Note also these more specific repositories: + +- [template-app](https://github.com/giantswarm/template-app) +- [gitops-template](https://github.com/giantswarm/gitops-template) +- [python-app-template](https://github.com/giantswarm/python-app-template) + +## Creating a new repository + +Please do not use the `Use this template` function in the GitHub web UI. + +Check out the according [handbook article](https://handbook.giantswarm.io/docs/dev-and-releng/repository/go/) for better instructions. + +### Some suggestions for your README + +After you have created your new repository, you may want to add some of these badges to the top of your README. + +- **CircleCI:** After enabling builds for this repo via [this link](https://circleci.com/setup-project/gh/giantswarm/REPOSITORY_NAME), you can find badge code on [this page](https://app.circleci.com/settings/project/github/giantswarm/REPOSITORY_NAME/status-badges). + +- **Go reference:** use [this helper](https://pkg.go.dev/badge/) to create the markdown code. + +- **Go report card:** enter the module name on the [front page](https://goreportcard.com/) and hit "Generate report". Then use this markdown code for your badge: `[![Go report card](https://goreportcard.com/badge/github.com/giantswarm/REPOSITORY_NAME)](https://goreportcard.com/report/github.com/giantswarm/REPOSITORY_NAME)` + +- **Sourcegraph "used by N projects" badge**: for public Go repos only: `[![Sourcegraph](https://sourcegraph.com/github.com/giantswarm/REPOSITORY_NAME/-/badge.svg)](https://sourcegraph.com/github.com/giantswarm/REPOSITORY_NAME)` diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..060f6b5 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,5 @@ +# Security Policy + +## Reporting a Vulnerability + +Please visit https://www.giantswarm.io/responsible-disclosure for information on reporting security issues. diff --git a/docs/development.md b/docs/development.md new file mode 100644 index 0000000..c417a3a --- /dev/null +++ b/docs/development.md @@ -0,0 +1,3 @@ +# Developing on REPOSITORY_NAME + +This is a great place to explain how to get started developing on this project. diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..5db8c3e --- /dev/null +++ b/go.mod @@ -0,0 +1,3 @@ +module github.com/giantswarm/REPOSITORY_NAME + +go 1.19 diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..e69de29 diff --git a/main.go b/main.go new file mode 100644 index 0000000..38dd16d --- /dev/null +++ b/main.go @@ -0,0 +1,3 @@ +package main + +func main() {} diff --git a/renovate.json5 b/renovate.json5 new file mode 100644 index 0000000..e99cc4b --- /dev/null +++ b/renovate.json5 @@ -0,0 +1,6 @@ +{ + "extends": [ + // Base config - https://github.com/giantswarm/renovate-presets/blob/main/default.json5 + "github>giantswarm/renovate-presets:default.json5", + ], +}