From 20e60349c2a58c0f0d16dc48a83b0ed569432415 Mon Sep 17 00:00:00 2001
From: Dmitry Verkhoturov <paskal.07@gmail.com>
Date: Thu, 9 May 2024 01:56:40 +0200
Subject: [PATCH] add dependabot updates for GitHub Actions and Go modules

---
 .github/dependabot.yml   | 22 ++++++++++++++++++++++
 .github/workflows/ci.yml | 12 +++++-------
 Dockerfile               |  5 +++--
 3 files changed, 30 insertions(+), 9 deletions(-)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..33bc481
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,22 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    groups:
+      "GitHub Actions updates":
+        patterns:
+          - "*"
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    groups:
+      "Go modules updates":
+        dependency-type: "production"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 2735aa2..85a54a4 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -22,11 +22,11 @@ jobs:
 
       - name: build and test
         run: |
-          go test -timeout=60s -v -covermode=count -coverprofile=$GITHUB_WORKSPACE/profile.cov_tmp ./...
+          go test -race -timeout=60s -v -covermode=atomic -coverprofile=$GITHUB_WORKSPACE/profile.cov_tmp ./...
+          go build -race ./...
           cat $GITHUB_WORKSPACE/profile.cov_tmp | grep -v "_mock.go" > $GITHUB_WORKSPACE/profile.cov
         working-directory: app
         env:
-          GOFLAGS: "-mod=vendor"
           TZ: "America/Chicago"
           MONGO_TEST: mongodb://127.0.0.1:27017
 
@@ -37,12 +37,10 @@ jobs:
         env:
           TZ: "America/Chicago"
 
-      - name: install goveralls
-        run: |
-          GO111MODULE=off go get -u github.com/mattn/goveralls
-
       - name: submit coverage
-        run: $(go env GOPATH)/bin/goveralls -service="github" -coverprofile=$GITHUB_WORKSPACE/profile.cov
+        run: |
+          go install github.com/mattn/goveralls@latest
+          goveralls -service="github" -coverprofile=$GITHUB_WORKSPACE/profile.cov
         env:
           COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
diff --git a/Dockerfile b/Dockerfile
index fd59953..262f5ec 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,7 +4,6 @@ ARG GIT_BRANCH
 ARG GITHUB_SHA
 ARG CI
 
-ENV GOFLAGS="-mod=vendor"
 ENV CGO_ENABLED=0
 
 ADD . /build
@@ -18,9 +17,11 @@ RUN \
     cd app && go build -o /build/docker-logger -ldflags "-X main.revision=${version} -s -w"
 
 
-
 FROM umputun/baseimage:app-latest
 
+# enables automatic changelog generation by tools like Dependabot
+LABEL org.opencontainers.image.source="https://github.com/umputun/docker-logger"
+
 COPY --from=build /build/docker-logger /srv/docker-logger
 RUN \
     chown -R app:app /srv && \