From e3c126df28e7c3f1748e4d014fc9aa967b3abded Mon Sep 17 00:00:00 2001 From: Honest Bot Date: Wed, 6 Dec 2023 06:35:58 +0000 Subject: [PATCH] chore: synced file(s) with honestbank/.github --- .github/workflows/build.yaml | 66 ++++++++++++++----- .../repository-experiment-verification.yaml | 17 +++++ .github/workflows/semantic-pr.yaml | 22 ++++--- .gitignore | 4 ++ .golangci.json | 32 +++++---- .pre-commit-config.yaml | 14 +++- docker-compose.integration.yaml | 63 ++++++++++++++++++ docker-compose.yaml | 63 ++++++++++++++++++ release.config.js | 28 ++++---- 9 files changed, 256 insertions(+), 53 deletions(-) create mode 100644 .github/workflows/repository-experiment-verification.yaml create mode 100644 docker-compose.integration.yaml create mode 100644 docker-compose.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 1b44e42..9f94ad1 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -17,19 +17,24 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - go: ["1.16"] + go: ["1.20"] steps: - name: Set up Golang - uses: actions/setup-go@v2 + uses: actions/setup-go@v4 with: go-version: ${{ matrix.go }} id: go - name: Check out code into the Go module directory - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: fetch-depth: 0 + - name: Configure ssh-key for private modules + env: + SSH_KEY: ${{ secrets.ENGINEERING_SSH_KEY }} + run: mkdir -p ~/.ssh; echo "$SSH_KEY" > ~/.ssh/id_rsa; chmod 600 ~/.ssh/id_rsa; git config --global url."git@github.com:".insteadOf "https://github.com/" + - name: Setup go modules run: go clean -modcache;go mod tidy; go mod download; go mod verify; @@ -41,43 +46,72 @@ jobs: skip-pkg-cache: true skip-build-cache: true - - name: Test and generate code coverage - run: go test -v -race --tags=integration_test -coverprofile=coverage.txt -covermode=atomic ./... - - name: sonarcloud-scan uses: sonarsource/sonarcloud-github-action@master env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} continue-on-error: true - trivy_scan: - name: trivy-scan + + integration-tests: + name: integration-tests runs-on: ubuntu-latest steps: - - run: echo "add trivy scan" # todo + - name: Check out code into the Go module directory + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Golang + uses: actions/setup-go@v4 + with: + go-version: "1.20" + id: go + + - name: Start docker containers for integration tests + run: docker-compose -f docker-compose.integration.yaml up -d + + - name: Configure ssh-key for private modules + env: + SSH_KEY: ${{ secrets.ENGINEERING_SSH_KEY }} + run: mkdir -p ~/.ssh; echo "$SSH_KEY" > ~/.ssh/id_rsa; chmod 600 ~/.ssh/id_rsa; git config --global url."git@github.com:".insteadOf "https://github.com/" + + - name: Setup go modules + run: go mod tidy + + - name: Test and generate code coverage + run: go test -tags=integration_test -coverprofile=coverage.txt -covermode=atomic ./... + + - name: sonarcloud-scan + uses: sonarsource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + continue-on-error: true + release: name: semantic-release runs-on: ubuntu-latest needs: [build] steps: - name: Set up Golang - uses: actions/setup-go@v2 + uses: actions/setup-go@v4 with: - go-version: "1.16" + go-version: "1.20" id: go - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: - node-version: '17' + node-version: '18' - name: Check out code into the Go module directory - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: release - uses: cycjimmy/semantic-release-action@v2 + uses: cycjimmy/semantic-release-action@v3 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - semantic_version: 18 + semantic_version: 19 extra_plugins: | @semantic-release/git@10.0.1 @semantic-release/exec@6.0.2 diff --git a/.github/workflows/repository-experiment-verification.yaml b/.github/workflows/repository-experiment-verification.yaml new file mode 100644 index 0000000..c73e5cd --- /dev/null +++ b/.github/workflows/repository-experiment-verification.yaml @@ -0,0 +1,17 @@ +# yamllint disable rule:line-length +# Use template from https://github.com/honestbank/workflows/tree/main/examples/repository-workflows +--- +name: "repository-experiment-verification" +permissions: read-all + +on: # yamllint disable-line rule:truthy + pull_request: + branches: [main] + +jobs: + repository-experiment-verification: + name: repository-experiment-verification + uses: honestbank/workflows/.github/workflows/shared-experiment-verification.yaml@main + secrets: inherit + with: + experiment_required: false diff --git a/.github/workflows/semantic-pr.yaml b/.github/workflows/semantic-pr.yaml index cc51e5d..332f9bd 100644 --- a/.github/workflows/semantic-pr.yaml +++ b/.github/workflows/semantic-pr.yaml @@ -1,6 +1,13 @@ -name: "Semantic Pull Request" +# DO NOT CHANGE. This file is being managed from a central repository +# To know more simply visit https://github.com/honestbank/.github/blob/main/docs/about.md -on: +# yamllint disable rule:line-length +# Use template from https://github.com/honestbank/workflows/tree/main/examples/repository-workflows +--- +name: "repository-semantic-pr" +permissions: read-all + +on: # yamllint disable-line rule:truthy pull_request: types: - opened @@ -8,10 +15,7 @@ on: - synchronize jobs: - main: - name: Validate PR title - runs-on: ubuntu-latest - steps: - - uses: amannn/action-semantic-pull-request@v4 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + repository-semantic-pr: + name: repository-semantic-pr + uses: honestbank/workflows/.github/workflows/shared-semantic-pr.yaml@main + secrets: inherit diff --git a/.gitignore b/.gitignore index 8c59369..2151e46 100644 --- a/.gitignore +++ b/.gitignore @@ -34,6 +34,7 @@ # NUCLEAR OPTION - EXCLUDES ALL JETBRAINS IDE FILES **/.idea/** +.idea/** # User-specific stuff .idea/**/workspace.xml @@ -458,3 +459,6 @@ mocks # test log file coverage.txt coverage.tmp + +# Grafana tempo files (https://grafana.com/oss/tempo/) +**/tempo-data/** diff --git a/.golangci.json b/.golangci.json index 19c0e41..8ab2faf 100644 --- a/.golangci.json +++ b/.golangci.json @@ -10,30 +10,26 @@ "skip-dirs-use-default": true, "tests": true }, + "issues": { + "exclude-rules": { + "path": "/", + "linters": ["errcheck"] + } + }, "linters": { "enable": [ - "deadcode", - "errcheck", - "gosimple", - "govet", - "ineffassign", - "staticcheck", - "structcheck", - "typecheck", - "unused", - "varcheck", - "gofmt", - "goimports", - "nestif", - "ifshort", "asciicheck", + "errcheck", "exhaustive", "exportloopref", "forbidigo", "gocyclo", "gofmt", "goimports", + "gosimple", + "govet", "ifshort", + "ineffassign", "makezero", "misspell", "nakedret", @@ -41,10 +37,18 @@ "nilerr", "nlreturn", "nolintlint", + "staticcheck", "testpackage", + "typecheck", "unconvert", + "unused", "wastedassign", "whitespace" ] + }, + "linters-settings": { + "errcheck": { + "check-blank": true + } } } diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 609c415..a5e8943 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -3,18 +3,26 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v3.4.0 + rev: v4.5.0 hooks: - id: end-of-file-fixer - id: trailing-whitespace - id: check-yaml + args: [ '--allow-multiple-documents' ] - id: detect-aws-credentials args: [ '--allow-missing-credentials' ] - repo: https://github.com/golangci/golangci-lint - rev: v1.39.0 + rev: v1.54.2 hooks: - id: golangci-lint - repo: https://github.com/TekWizely/pre-commit-golang - rev: v0.8.2 + rev: v1.0.0-rc.1 hooks: - id: go-imports + - repo: https://github.com/gitguardian/ggshield + rev: v1.19.1 + hooks: + - id: ggshield + language: python + stages: [commit] + args: [ 'secret', 'scan', 'pre-commit' ] diff --git a/docker-compose.integration.yaml b/docker-compose.integration.yaml new file mode 100644 index 0000000..ee55e66 --- /dev/null +++ b/docker-compose.integration.yaml @@ -0,0 +1,63 @@ +# DO NOT CHANGE. This file is being managed from a central repository +# To know more simply visit https://github.com/honestbank/.github/blob/main/docs/about.md + +version: "3.0" +services: + db: + image: mysql:8 + ports: + - "3306:3306" + environment: + - MYSQL_USER=dbuser + - MYSQL_PASSWORD=dbpass + - MYSQL_DATABASE=my_db + - MYSQL_RANDOM_ROOT_PASSWORD=true + zookeeper: + image: confluentinc/cp-zookeeper:7.3.2 + hostname: zookeeper + container_name: zookeeper + restart: "always" + ports: + - "2181:2181" + environment: + ZOOKEEPER_CLIENT_PORT: 2181 + ZOOKEEPER_TICK_TIME: 2000 + kafka: + image: confluentinc/cp-kafka:7.3.2 + hostname: kafka + container_name: kafka + restart: "always" + ports: + - "9092:9092" + environment: + KAFKA_ADVERTISED_LISTENERS: LISTENER_DOCKER_INTERNAL://kafka:19092,LISTENER_DOCKER_EXTERNAL://${DOCKER_HOST_IP:-127.0.0.1}:9092 + KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: LISTENER_DOCKER_INTERNAL:PLAINTEXT,LISTENER_DOCKER_EXTERNAL:PLAINTEXT + KAFKA_INTER_BROKER_LISTENER_NAME: LISTENER_DOCKER_INTERNAL + KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181" + KAFKA_SCHEMA_REGISTRY_URL: "http://schemaregistry:8082" + KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true" + KAFKA_BROKER_ID: 1 + KAFKA_LOG4J_LOGGERS: "kafka.controller=INFO,kafka.producer.async.DefaultEventHandler=INFO,state.change.logger=INFO" + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 + KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1 + KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1 + KAFKA_JMX_PORT: 9999 + KAFKA_JMX_HOSTNAME: ${DOCKER_HOST_IP:-127.0.0.1} + KAFKA_NUM_PARTITIONS: 1 + depends_on: + - zookeeper + schemaregistry: + image: confluentinc/cp-schema-registry:7.3.2 + restart: always + depends_on: + - kafka + environment: + SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS: "kafka:19092" + SCHEMA_REGISTRY_HOST_NAME: schemaregistry + SCHEMA_REGISTRY_LISTENERS: "http://0.0.0.0:8082" + ports: + - 8082:8082 + gcs: + image: oittaa/gcp-storage-emulator:latest + ports: + - "8080:8080" diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..ee55e66 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,63 @@ +# DO NOT CHANGE. This file is being managed from a central repository +# To know more simply visit https://github.com/honestbank/.github/blob/main/docs/about.md + +version: "3.0" +services: + db: + image: mysql:8 + ports: + - "3306:3306" + environment: + - MYSQL_USER=dbuser + - MYSQL_PASSWORD=dbpass + - MYSQL_DATABASE=my_db + - MYSQL_RANDOM_ROOT_PASSWORD=true + zookeeper: + image: confluentinc/cp-zookeeper:7.3.2 + hostname: zookeeper + container_name: zookeeper + restart: "always" + ports: + - "2181:2181" + environment: + ZOOKEEPER_CLIENT_PORT: 2181 + ZOOKEEPER_TICK_TIME: 2000 + kafka: + image: confluentinc/cp-kafka:7.3.2 + hostname: kafka + container_name: kafka + restart: "always" + ports: + - "9092:9092" + environment: + KAFKA_ADVERTISED_LISTENERS: LISTENER_DOCKER_INTERNAL://kafka:19092,LISTENER_DOCKER_EXTERNAL://${DOCKER_HOST_IP:-127.0.0.1}:9092 + KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: LISTENER_DOCKER_INTERNAL:PLAINTEXT,LISTENER_DOCKER_EXTERNAL:PLAINTEXT + KAFKA_INTER_BROKER_LISTENER_NAME: LISTENER_DOCKER_INTERNAL + KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181" + KAFKA_SCHEMA_REGISTRY_URL: "http://schemaregistry:8082" + KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true" + KAFKA_BROKER_ID: 1 + KAFKA_LOG4J_LOGGERS: "kafka.controller=INFO,kafka.producer.async.DefaultEventHandler=INFO,state.change.logger=INFO" + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 + KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1 + KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1 + KAFKA_JMX_PORT: 9999 + KAFKA_JMX_HOSTNAME: ${DOCKER_HOST_IP:-127.0.0.1} + KAFKA_NUM_PARTITIONS: 1 + depends_on: + - zookeeper + schemaregistry: + image: confluentinc/cp-schema-registry:7.3.2 + restart: always + depends_on: + - kafka + environment: + SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS: "kafka:19092" + SCHEMA_REGISTRY_HOST_NAME: schemaregistry + SCHEMA_REGISTRY_LISTENERS: "http://0.0.0.0:8082" + ports: + - 8082:8082 + gcs: + image: oittaa/gcp-storage-emulator:latest + ports: + - "8080:8080" diff --git a/release.config.js b/release.config.js index d674e7a..7f98515 100644 --- a/release.config.js +++ b/release.config.js @@ -3,19 +3,25 @@ * To know more simply visit https://github.com/honestbank/.github/blob/main/docs/about.md */ -class SemanticReleaseError extends Error { - constructor(message, code, details) { - super(); - Error.captureStackTrace(this, this.constructor); - this.name = "SemanticReleaseError" - this.details = details; - this.code = code; - this.semanticRelease = true; - } -} - module.exports = { branches: [{name: 'main'}], + plugins: [ + ["@semantic-release/commit-analyzer", { + "preset": "angular", + "releaseRules": [ + {type: 'feat', release: 'minor'}, + {type: 'fix', release: 'patch'}, + {type: 'perf', release: 'patch'}, + {type: 'docs', release: 'patch'}, + {type: 'refactor', release: 'patch'}, + {type: 'style', release: 'patch'}, + {type: 'ci', release: 'patch'}, + {type: 'chore', release: 'patch'} + ] + }], + "@semantic-release/release-notes-generator", + "@semantic-release/github" + ], verifyConditions: [ "@semantic-release/github" ],