Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

clean CI jobs, Makefile and go.mod/Dockerfile #350

Merged
merged 4 commits into from
Jul 21, 2023
Merged

clean CI jobs, Makefile and go.mod/Dockerfile #350

merged 4 commits into from
Jul 21, 2023

Commits on Jul 21, 2023

  1. remove old hack/check-format.sh and doc.go content

    The hack/check-format.sh script is not used anywhere (and there is a
    `make fmtcheck` target that accomplishes the same thing). So, removing
    that.
    
    Also remove all the duplicative (and out-of-date) documentation from the
    `doc.go` file for two reasons:
    
    1) pkg.go.dev now includes the README in its entirety and therefore
       there is not a need to duplicate the information from the README into
       a `doc.go` file.
    2) Having two places for examples and docs just meant the information in
       `doc.go` quickly got out of date.
    
    Signed-off-by: Jay Pipes <jaypipes@gmail.com>
    jaypipes committed Jul 21, 2023
    Configuration menu
    Copy the full SHA
    01428a7 View commit details
    Browse the repository at this point in the history
  2. cleanup Makefile, Dockerfile, go.mod

    Updates to Go 1.19 in go.mod to get us to a more modern Go release.
    Similarly changes the Dockerfile that builds the `ghwc` binary to use Go
    1.19 and use a hashed version of the Alpine base image to address
    security best practices.
    
    Finally, removes the outdated and unnecessary Make targets and
    unnecessarily complicated calls to find Go packages. These targets and
    fancy code was left over from before Go modules and when we were using
    `dep` and vendoring things.
    
    Adds a `.github/workflows/fmtcheck.yml` that follows GH actions security
    best practices and separates the fmtcheck stuff from the other tests in
    the main `.github.com/workflows/go.yml`.
    
    Signed-off-by: Jay Pipes <jaypipes@gmail.com>
    jaypipes committed Jul 21, 2023
    Configuration menu
    Copy the full SHA
    d855436 View commit details
    Browse the repository at this point in the history
  3. separate linter job in Github Actions

    pulls out the golangci-lint job from the main go.yml Github Action and
    into its own workflow that follows security best practices like ensuring
    read-only permissions and using SHA-specific Action releases.
    
    Signed-off-by: Jay Pipes <jaypipes@gmail.com>
    jaypipes committed Jul 21, 2023
    Configuration menu
    Copy the full SHA
    4186cf1 View commit details
    Browse the repository at this point in the history
  4. harden and refactor GH action for unit tests

    Updates the GH Action workflow for unit testing with security best
    practices, including reduce permissions, the step security action
    hardener, and using SHA-specific Action releases.
    
    Signed-off-by: Jay Pipes <jaypipes@gmail.com>
    jaypipes committed Jul 21, 2023
    Configuration menu
    Copy the full SHA
    98dc049 View commit details
    Browse the repository at this point in the history