Merge pull request #213 from taliesins/update_dependencies_2

fix: Change semgrep to not use wrapper

.chglog/CHANGELOG.tpl.md

@@ -0,0 +1,34 @@
+{{ if .Versions -}}
+{{ if .Unreleased.CommitGroups }}
+<a name="unreleased"></a>
+## [Unreleased]({{ .Info.RepositoryURL }}/compare/{{ $latest := index .Versions 0 }}{{ $latest.Tag.Name }}...HEAD)
+{{ range .Unreleased.CommitGroups -}}
+### {{ .Title }}
+{{ range .Commits -}}
+- {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }}
+{{ end }}
+{{ end -}}
+{{ range .Unreleased.NoteGroups -}}
+### {{ .Title }}
+{{ range .Notes }}
+{{ .Body }}
+{{ end }}
+{{ end -}}
+{{ end -}}
+{{ range .Versions }}
+<a name="{{ .Tag.Name }}"></a>
+## {{ if .Tag.Previous }}[{{ .Tag.Name }}]({{ $.Info.RepositoryURL }}/compare/{{ .Tag.Previous.Name }}...{{ .Tag.Name }}){{ else }}{{ .Tag.Name }}{{ end }} ({{ datetime "2006-01-02" .Tag.Date }})
+{{ range .CommitGroups -}}
+### {{ .Title }}
+{{ range .Commits -}}
+- {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }}
+{{ end }}
+{{ end -}}
+{{ range .NoteGroups -}}
+### {{ .Title }}
+{{ range .Notes }}
+{{ .Body }}
+{{ end }}
+{{ end -}}
+{{ end -}}
+{{ end -}}

.chglog/config.yml

@@ -0,0 +1,28 @@
+style: github
+template: CHANGELOG.tpl.md
+info:
+  title: CHANGELOG
+  repository_url: https://github.com/taliesins/terraform-provider-hyperv
+options:
+  commits:
+    # filters:
+    #   Type:
+    #     - feat
+    #     - fix
+    #     - perf
+    #     - refactor
+  commit_groups:
+    # title_maps:
+    #   feat: Features
+    #   fix: Bug Fixes
+    #   perf: Performance Improvements
+    #   refactor: Code Refactoring
+  header:
+    pattern: "^(\\w*)(?:\\(([\\w\\$\\.\\-\\*\\s]*)\\))?\\:\\s(.*)$"
+    pattern_maps:
+      - Type
+      - Scope
+      - Subject
+  notes:
+    keywords:
+      - BREAKING CHANGE

.github/workflows/create-release.yml

@@ -3,6 +3,10 @@ name: Create tag
 on: 
   workflow_dispatch:
 
+env:
+  GIT_CHGLOG_VERSION: "0.15.4"
+  SVU_VERSION: "1.12.0"
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -12,35 +16,34 @@ jobs:
           # Fetches entire history, so we can analyze commits since last tag
           fetch-depth: 0
           persist-credentials: false
-
-      - name: Create Changelog
-        id: release_number_and_changelog
-        uses: taliesins/conventional-changelog-action@releases/v3
+      - uses: actions/setup-git-chglog@v1
         with:
-          github-token: ${{ secrets.CREATE_TAG_GITHUB_TOKEN }}
-          skip-version-file: 'true'
-          skip-on-empty: 'false'
-          skip-commit: 'true'
-          skip-tag: 'true'
-          dry-run: 'true'
-          tag-prefix: 'v'
-          output-file: 'false'
-
-      - name: Create clean changelog
-        uses: "finnp/create-file-action@master"
-        env:
-          FILE_NAME: ".github/CLEANCHANGELOG.md"
-          FILE_DATA: ${{ steps.release_number_and_changelog.outputs.clean_changelog }}
-
-      - name: Create Changelog and commit
-        uses: taliesins/conventional-changelog-action@releases/v3
+          git-chglog-version: ${{ env.GIT_CHGLOG_VERSION}}
+      - uses: obfu5c8/action-svu
+        id: install_svu
+        with:
+          type: none
+          svu-version: ${{ env.SVU_VERSION}}
+      - name: get version
+        id: get_version
+        run: |
+          current_version="$(svu current --tag-mode current-branch --strip-prefix)"
+          prerelease_version="$(svu prerelease --tag-mode all-branches --strip-prefix --pre-release prerelease)"
+          release_version="$(svu next --tag-mode all-branches --strip-prefix)"
+          
+          echo ::set-output name=CURRENT_VERSION::${current_version}
+          echo ::set-output name=PRERELEASE_VERSION::${prerelease_version}
+          echo ::set-output name=RELEASE_VERSION::${release_version}
+          
+          echo "current version: ${current_version}"
+          echo "prerelease version: ${prerelease_version}"
+          echo "release version: ${release_version}"
+      - name: generate change log for release
+        run: |
+          git-chglog --next-tag "v${{ steps.get_version.outputs.RELEASE_VERSION }}" > CHANGELOG.md
+      - name: Add updated changelog
+        uses: EndBug/add-and-commit@v9
         with:
-          github-token: ${{ secrets.CREATE_TAG_GITHUB_TOKEN }}
-          skip-version-file: 'true'
-          skip-on-empty: 'false'
-          skip-commit: 'false'
-          skip-tag: 'false'
-          dry-run: 'false'
-          force-push: 'true'
-          tag-prefix: 'v'
-          output-file: 'CHANGELOG.md'
+          default_author: github_actions
+          message: "chore(release): v${{ steps.get_version.outputs.RELEASE_VERSION }}"
+          add: "CHANGELOG.md"

.github/workflows/release.yml

@@ -18,7 +18,6 @@ on:
       - 'v*'
     paths-ignore:
       - 'CHANGELOG.md'
-      - '.github/CLEANCHANGELOG.md'
   pull_request:
     paths:
       - .github/workflows/release.yml
@@ -37,9 +36,11 @@ on:
       - website/**
 
 env:
-  GO_VERSION: "1.19.4"
+  GO_VERSION: "1.21.5"
   GO111MODULE: on
-  TERRAFORM_VERSION: "1.3.6"
+  TERRAFORM_VERSION: "1.5.5"
+  GIT_CHGLOG_VERSION: "0.15.4"
+  SVU_VERSION: "1.12.0"
   TEST_TIME_OUT: "120s"
   RELEASE_TIME_OUT: "30m"
 
@@ -222,21 +223,60 @@ jobs:
     - run: golangci-lint run
 
   semgrep:
+    # User definable name of this GitHub Actions job.
+    name: semgrep/ci 
+    # If you are self-hosting, change the following `runs-on` value: 
     runs-on: ubuntu-latest
+
+    container:
+      # A Docker image with Semgrep installed. Do not change this.
+      image: returntocorp/semgrep
+
+    # Skip any PR created by dependabot to avoid permission issues:
+    if: (github.actor != 'dependabot[bot]')
+
     steps:
-    - uses: actions/checkout@v3
-      with:
-       fetch-depth: 0
-    - name: semgrep
-      uses: returntocorp/semgrep-action@v1
+      # Fetch project source with GitHub Actions Checkout.
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      # Run the "semgrep ci" command on the command line of the docker image.
+      - run: semgrep ci --no-suppress-errors
+        env:
+          # Connect to Semgrep Cloud Platform through your SEMGREP_APP_TOKEN.
+          # Generate a token from Semgrep Cloud Platform > Settings
+          # and add it to your GitHub secrets.
+          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
 
   goreleaser:
     needs: [go_mod_download]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
+      - uses: actions/setup-git-chglog@v1
+        with:
+          git-chglog-version: ${{ env.GIT_CHGLOG_VERSION}}
+      - uses: obfu5c8/action-svu
+        id: install_svu
+        with:
+          type: none
+          svu-version: ${{ env.SVU_VERSION}}
+      - name: get version
+        id: get_version
+        run: |
+          current_version="$(svu current --tag-mode current-branch --strip-prefix)"
+          prerelease_version="$(svu prerelease --tag-mode all-branches --strip-prefix --pre-release prerelease)"
+          release_version="$(svu next --tag-mode all-branches --strip-prefix)"
+          
+          echo ::set-output name=CURRENT_VERSION::${current_version}
+          echo ::set-output name=PRERELEASE_VERSION::${prerelease_version}
+          echo ::set-output name=RELEASE_VERSION::${release_version}
+          
+          echo "current version: ${current_version}"
+          echo "prerelease version: ${prerelease_version}"
+          echo "release version: ${release_version}"
       - uses: actions/setup-go@v4
         with:
           go-version: ${{ env.GO_VERSION }}
@@ -248,7 +288,7 @@ jobs:
           key: ${{ hashFiles('.github/workflows/release.yml') }}-${{ runner.os }}-go-pkg-mod-${{ hashFiles('go.sum') }}
       - name: goreleaser check
         continue-on-error: true
-        uses: goreleaser/goreleaser-action@v4.2.0
+        uses: goreleaser/goreleaser-action@v5
         with:
           args: check
       - name: Import GPG key
@@ -257,66 +297,30 @@ jobs:
         if: startsWith(github.ref, 'refs/tags/v')
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
-          #passphrase: ${{ secrets.PASSPHRASE }}
-      - name: Get tag_name
-        id: tag_name
-        if: startsWith(github.ref, 'refs/tags/v')
-        run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}
+          #passphrase: ${{ secrets.PASSPHRASE }}  
       - name: goreleaser release
-        uses: goreleaser/goreleaser-action@v4.2.0
+        uses: goreleaser/goreleaser-action@v5
         if: startsWith(github.ref, 'refs/tags/v')
         with:
           version: latest
-          args: release --rm-dist --timeout ${{ env.RELEASE_TIME_OUT }} --release-notes=.github/CLEANCHANGELOG.md
+          args: release --rm-dist --timeout ${{ env.RELEASE_TIME_OUT }} --release-notes=CHANGELOG.md
         env:
           GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GORELEASER_CURRENT_TAG: ${{ steps.tag_name.outputs.VERSION }}
-      - name: Create Changelog
-        id: release_number_and_changelog
-        uses: taliesins/conventional-changelog-action@releases/v3
-        if: "!(startsWith(github.ref, 'refs/tags/v'))"
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          skip-version-file: 'true'
-          skip-on-empty: 'false'
-          skip-commit: 'true'
-          skip-tag: 'true'
-          dry-run: 'true'
-          tag-prefix: 'v'
-          output-file: 'CHANGELOG.md'
-      - name: Create clean changelog
-        uses: "finnp/create-file-action@master"
-        if: "!(startsWith(github.ref, 'refs/tags/v'))"
-        env:
-          FILE_NAME: ".github/CLEANCHANGELOG.md"
-          FILE_DATA: ${{ steps.release_number_and_changelog.outputs.clean_changelog }}
-
-      - name: Get release information
+          GORELEASER_CURRENT_TAG: ${{ steps.get_version.outputs.RELEASE_VERSION }}
+          GORELEASER_PREVIOUS_TAG: ${{ steps.get_version.outputs.CURRENT_VERSION }}
+      - name: generate change log for prerelease
         if: "!(startsWith(github.ref, 'refs/tags/v'))"
-        env:
-          CLEAN_CHANGELOG: ${{ steps.release_number_and_changelog.outputs.clean_changelog }}
-          CHANGELOG: ${{ steps.release_number_and_changelog.outputs.changelog }}
-          VERSION: ${{ steps.release_number_and_changelog.outputs.version }}
-          OLDVERSION: ${{ steps.release_number_and_changelog.outputs.old_version }}
-          TAG: ${{ steps.release_number_and_changelog.outputs.tag }}
-          SKIPPED: ${{ steps.release_number_and_changelog.outputs.skipped }}
         run: |
-          echo "clean_changelog: $CLEAN_CHANGELOG"
-          echo "changelog: $CHANGELOG"
-          echo "version: $VERSION"
-          echo "old_version: $OLDVERSION"
-          echo "tag: $TAG"
-          echo "skipped: $SKIPPED"
-
+          git-chglog --next-tag "v${{ steps.get_version.outputs.PRERELEASE_VERSION }}" > CHANGELOG.md
       - name: goreleaser snapshot
-        uses: goreleaser/goreleaser-action@v4.2.0
+        uses: goreleaser/goreleaser-action@v5
         if: "!(startsWith(github.ref, 'refs/tags/v'))"
         with:
-          args: release --rm-dist --skip-sign --snapshot --timeout ${{ env.RELEASE_TIME_OUT }} --release-notes=.github/CLEANCHANGELOG.md
+          args: release --rm-dist --skip-sign --snapshot --timeout ${{ env.RELEASE_TIME_OUT }} --release-notes=CHANGELOG.md
         env:
-          GORELEASER_CURRENT_TAG: v0.0.0
-          GORELEASER_PREVIOUS_TAG: v0.0.0
+          GORELEASER_CURRENT_TAG: ${{ steps.get_version.outputs.RELEASE_VERSION }}
+          GORELEASER_PREVIOUS_TAG: ${{ steps.get_version.outputs.CURRENT_VERSION }}
       - name: snapshot artifact naming
         id: naming
         if: "!(startsWith(github.ref, 'refs/tags/v'))"
@@ -330,10 +334,18 @@ jobs:
           *)
             ARTIFACT="${GITHUB_REF}";;
           esac
-          echo "::set-output name=artifact::$ARTIFACT-$(date -u +'%Y-%m-%dT%H-%M')"
+          echo "::set-output name=ARTIFACT::$ARTIFACT-$(date -u +'%Y-%m-%dT%H-%M')"
       - name: upload snapshot artifact
         uses: actions/upload-artifact@v3
         if: "!(startsWith(github.ref, 'refs/tags/v'))"
         with:
-          name: ${{steps.naming.outputs.artifact}}
-          path: dist/*.zip
+          name: ${{steps.naming.outputs.ARTIFACT}}
+          path: dist/*.zip
+      - name: Add updated changelog, and create new branch
+        uses: EndBug/add-and-commit@v9
+        if: "!(startsWith(github.ref, 'refs/tags/v'))"
+        with:
+          default_author: github_actions
+          message: "chore(release): v${{ steps.get_version.outputs.PRERELEASE_VERSION }}"
+          add: "CHANGELOG.md"
+          new_branch: "v${{ steps.get_version.outputs.PRERELEASE_VERSION }}"

.gitignore

@@ -35,3 +35,9 @@ website/vendor
 *.winfile eol=crlf
 /vendor
 /act
+/node_modules
+/package-lock.json
+/package.json
+/.vs
+/.idea
+/.terraform

.golangci.yml

@@ -28,7 +28,7 @@ linters:
     #- funlen
     #- gochecknoinits #needed for document generation
     - goconst
-    #- gocritic
+    - gocritic
     #- gocyclo
     - gofmt
     - goimports
@@ -54,6 +54,14 @@ linters:
 linters-settings:
   errcheck:
     ignore: github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema:ForceNew|Set,fmt:.*,io:Close
+  depguard:
+    rules:
+      logger:
+        deny:
+          # logging is allowed only by logutils.Log,
+          # logrus is allowed to use only in logutils package.
+          - pkg: "github.com/sirupsen/logrus"
+            desc: logging is allowed only by logutils.Log
 
 run:
   modules-download-mode: mod