diff --git a/.chainguard/source.yaml b/.chainguard/source.yaml
new file mode 100644
index 0000000..824a2b1
--- /dev/null
+++ b/.chainguard/source.yaml
@@ -0,0 +1,15 @@
+# Copyright 2023 Chainguard, Inc
+# SPDX-License-Identifier: Apache-2.0
+
+spec:
+ authorities:
+ - keyless:
+ url: https://fulcio.sigstore.dev
+ identities:
+ - subjectRegExp: .+@chainguard.dev$
+ issuer: https://accounts.google.com
+ ctlog:
+ url: https://rekor.sigstore.dev
+ - key:
+ # Allow commits signed by Github (merge commits)
+ kms: https://github.com/web-flow.gpg
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
new file mode 100644
index 0000000..02da161
--- /dev/null
+++ b/.github/workflows/ci.yaml
@@ -0,0 +1,33 @@
+# Copyright 2023 Chainguard, Inc.
+# SPDX-License-Identifier: Apache-2.0
+
+name: ci
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+
+
+jobs:
+ ci:
+ runs-on: ubuntu-latest
+
+ strategy:
+ matrix:
+ go_version:
+ - '1.19'
+ - '1.20'
+ - '1.21'
+
+ steps:
+ - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+ - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
+ with:
+ go-version: ${{ matrix.go_version }}
+ check-latest: true
+
+ - run: |
+ make test
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
new file mode 100644
index 0000000..89e68ca
--- /dev/null
+++ b/.github/workflows/lint.yaml
@@ -0,0 +1,26 @@
+# Copyright 2023 Chainguard, Inc.
+# SPDX-License-Identifier: Apache-2.0
+
+name: lint
+
+on:
+ push:
+ branches:
+ - 'main'
+ pull_request:
+
+jobs:
+ golangci:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
+ with:
+ go-version: '1.21'
+ check-latest: true
+
+ - name: golangci-lint
+ uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0
+ with:
+ version: v1.55
+ args: --timeout=5m --verbose
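Review bot: In .chainguard/source.yaml the `subjectRegExp` value `.+@chainguard.dev$` leaves the dot before `dev` unescaped, so that position matches any character rather than only a literal dot, and the pattern has no start anchor; whether the policy engine anchors it implicitly is not visible here. Prefer `subjectRegExp: ^.+@chainguard\.dev$`. The comment on the `key` authority also understates what it accepts: as far as I know GitHub's web-flow key signs commits created through the web interface in general, not only merge commits, so the comment should say that such commits are verified as "made via GitHub" rather than as authored by a particular identity.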
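Review bot: Neither new workflow declares a `permissions:` block, so the `ci` job in .github/workflows/ci.yaml and the `golangci` job in .github/workflows/lint.yaml run with whatever default GITHUB_TOKEN scope the repository or organisation has configured. Both jobs only need to read the source, so add a top-level `permissions:` with `contents: read` to each file. Because `make test` runs code from the pull request, also consider `persist-credentials: false` under `with:` on the checkout step so the token is not left in the local git config for later steps.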
diff --git a/.golangci.yml b/.golangci.yml
new file mode 100644
index 0000000..fb3a7f2
--- /dev/null
+++ b/.golangci.yml
@@ -0,0 +1,18 @@
+# Copyright 2023 Chainguard, Inc.
+# SPDX-License-Identifier: Apache-2.0
+
+linters:
+ enable:
+ - errcheck
+ - gofmt
+ - goimports
+ - gosec
+ - gocritic
+ - misspell
+ - revive
+ - unused
+output:
+ uniq-by-line: false
+run:
+ issues-exit-code: 1
+ timeout: 10m
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..3f6bee5
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,17 @@
+SHELL=/bin/bash -o pipefail
+
+# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
+ifeq (,$(shell go env GOBIN))
+GOBIN=$(shell go env GOPATH)/bin
+else
+GOBIN=$(shell go env GOBIN)
+endif
+
+
+GO ?= go
+TEST_FLAGS ?= -v -cover
+
+.PHONY: test
+test:
+ $(GO) vet ./...
+ $(GO) test ${TEST_FLAGS} ./...
diff --git a/main.go b/main.go
index f3b6081..1d2d6e9 100644
--- a/main.go
+++ b/main.go
@@ -113,14 +113,14 @@ func updatePackage(modFile *modfile.File, name, version, modroot string) error {
 // Check if the package is replaced first
 for _, replace := range modFile.Replace {
 if replace.Old.Path == name {
- cmd := exec.Command("go", "mod", "edit", "-replace", fmt.Sprintf("%s=%s@%s", replace.Old.Path, name, version))
+ cmd := exec.Command("go", "mod", "edit", "-replace", fmt.Sprintf("%s=%s@%s", replace.Old.Path, name, version)) //nolint:gosec
 cmd.Dir = modroot
 return cmd.Run()
 }
 }
 // No replace, just update!
- cmd := exec.Command("go", "get", fmt.Sprintf("%s@%s", name, version))
+ cmd := exec.Command("go", "get", fmt.Sprintf("%s@%s", name, version)) //nolint:gosec
 cmd.Dir = modroot
 if err := cmd.Run(); err != nil {
 return err
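Review bot: The `linters.enable` list in .golangci.yml turns on gosec but not nolintlint, so a bare `//nolint:gosec` directive (two are added to main.go in this same commit) needs no written justification and is not reported if it later becomes unnecessary. Consider adding `- nolintlint` to the list and setting `require-explanation: true` and `require-specific: true` under `linters-settings.nolintlint`, so every suppression of a security finding has to name its linter and give a reason.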
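Review bot: Both `//nolint:gosec` comments added in updatePackage (main.go) silence the subprocess finding without recording why it is safe, and nothing visible in the hunk validates `name` or `version` before they become arguments to `go mod edit` and `go get`. exec.Command does not go through a shell, but a value that starts with `-` would still be parsed by the go tool as a flag; where these values come from is outside the hunk, so the caller may already check them. Suggest validating both at the top of the function (for example `module.CheckPath(name)` from golang.org/x/mod/module, if that package is acceptable here) and putting the reason on the directive, e.g. `//nolint:gosec // G204: no shell involved; name and version validated above`. updatePackage begins above the hunk and continues past its last line.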