openclarity · Mar 10, 2023 · Mar 8, 2023 · Mar 7, 2023 · Mar 8, 2023
@@ -0,0 +1,36 @@
+---
+name: Bug Report
+about: Report a bug to help us improve
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+## Description
+
+Please provide a description of the problem.
+
+## Expected Behavior
+
+Please describe what you expected would happen.
+
+## Actual Behavior
+
+Please describe what happened instead.
+
+## Affected Version
+
+Please provide the version number where this issue was encountered.
+
+## Steps to Reproduce
+
+1. First step
+1. Second step
+1. etc.
+
+## Checklist
+
+<!-- TODO: Update the link below to point to your project's contributing guidelines -->
+- [ ] I have read the [contributing guidelines](/CONTRIBUTING.md)
+- [ ] I have verified this does not duplicate an existing issue
@@ -1,20 +1,25 @@
 ---
-name: Feature request
-about: Suggest an idea for this project
+name: Feature Request
+about: Suggest a feature for this project
 title: ''
 labels: ''
 assignees: ''
 
 ---
 
-**Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+## Problem Statement
 
-**Describe the solution you'd like**
-A clear and concise description of what you want to happen.
+Please describe the problem to be addressed by the proposed feature.
 
-**Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features you've considered.
+## Proposed Solution
 
-**Additional context**
-Add any other context or screenshots about the feature request here.
+Please describe what you envision the solution to this problem would look like.
+
+## Alternatives Considered
+
+Please briefly describe which alternatives, if any, have been considered, including merits of alternate approaches and
+tradeoffs being made.
+
+## Additional Context
+
+Please provide any other information that may be relevant.
@@ -0,0 +1,26 @@
+## Description
+
+Please provide a meaningful description of what this change will do, or is for. Bonus points for including links to
+related issues, other PRs, or technical references.
+
+Note that by _not_ including a description, you are asking reviewers to do extra work to understand the context of this
+change, which may lead to your PR taking much longer to review, or result in it not being reviewed at all.
+
+## Type of Change
+
+- [ ] Bug Fix
+- [ ] New Feature
+- [ ] Breaking Change
+- [ ] Refactor
+- [ ] Documentation
+- [ ] Other (please describe)
+
+## Checklist
+
+- [ ] I have read the [contributing guidelines](/CONTRIBUTING.md)
+- [ ] Existing issues have been referenced (where applicable)
+- [ ] I have verified this change is not present in other open pull requests
+- [ ] Functionality is documented
+- [ ] All code style checks pass
+- [ ] New code contribution is covered by automated tests
+- [ ] All new and existing tests pass
@@ -8,7 +8,7 @@ repository:
   description: VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities
 
   # A URL with more information about the repository
-#  homepage: 
+  homepage: openclarity.io
 
   # Updates the default branch for this repository.
   default_branch: main
@@ -21,6 +21,21 @@ repository:
   # vulnerability alerts.
   enable_vulnerability_alerts: true
 
+  # Either `true` to allow squash-merging pull requests, or `false` to prevent
+  # squash-merging.
+  allow_squash_merge: true
+
+  # Either `true` to allow merging pull requests with a merge commit, or `false`
+  # to prevent merging pull requests with merge commits.
+  allow_merge_commit: false
+
+  # Either `true` to allow rebase-merging pull requests, or `false` to prevent
+  # rebase-merging.
+  allow_rebase_merge: true
+
+  # Either `true` to enable automatic deletion of branches on merge, or `false` to disable
+  delete_branch_on_merge: false
+
 # See https://docs.github.com/en/rest/reference/teams#add-or-update-team-repository-permissions for available options
 teams:
   - name: vmclarity-admins

@@ -0,0 +1,58 @@
+# Configuration for probot-stale - https://github.com/probot/stale
+
+# Number of days of inactivity before an Issue or Pull Request becomes stale
+daysUntilStale: 60
+
+# Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
+# Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale.
+daysUntilClose: 14
+
+# Only issues or pull requests with all of these labels are check if stale. Defaults to `[]` (disabled)
+onlyLabels: []
+
+# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
+exemptLabels: []
+
+# Set to true to ignore issues in a project (defaults to false)
+exemptProjects: false
+
+# Set to true to ignore issues in a milestone (defaults to false)
+exemptMilestones: false
+
+# Set to true to ignore issues with an assignee (defaults to false)
+exemptAssignees: false
+
+# Label to use when marking as stale
+staleLabel: stale
+
+# Comment to post when marking as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+
+# Comment to post when removing the stale label.
+# unmarkComment: >
+#   Your comment here.
+
+# Comment to post when closing a stale Issue or Pull Request.
+# closeComment: >
+#   Your comment here.
+
+# Limit the number of actions per hour, from 1-30. Default is 30
+limitPerRun: 30
+
+# Limit to only `issues` or `pulls`
+# only: issues
+
+# Optionally, specify configuration settings that are specific to just 'issues' or 'pulls':
+# pulls:
+#   daysUntilStale: 30
+#   markComment: >
+#     This pull request has been automatically marked as stale because it has not had
+#     recent activity. It will be closed if no further activity occurs. Thank you
+#     for your contributions.
+
+# issues:
+#   exemptLabels:
+#     - confirmed
@@ -33,4 +33,4 @@ jobs:
     with:
       image_tag: ${{ github.sha }}
       push: false
-      upload: false
+      upload: false
@@ -0,0 +1,13 @@
+name: Main merge
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build_and_push:
+    uses: ./.github/workflows/reusable-build-and-push.yml
+    with:
+      image_tag: latest
+      push: true
+      upload: false
@@ -0,0 +1,89 @@
+name: Release
+on:
+  push:
+    tags:
+      - "v[0-9]+.[0-9]+.[0-9]+"
+
+env:
+  GO_VERSION: 1.20
+
+jobs:
+  verification:
+    name: Verification
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Check licenses
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: make license-check
+
+      - name: Run verification
+        run: make check
+
+  build_and_push:
+    needs: verification
+    name: Build & Push
+    uses: ./.github/workflows/reusable-build-and-push.yml
+    with:
+      image_tag: ${{ github.ref_name }}
+      push: true
+      upload: false
+
+  main_release:
+    needs: build_and_push
+    name: Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Render cloudformation
+        id: render_cloudformation
+        run: |
+          sed -i 's/ghcr.io\/openclarity\/vmclarity-backend:latest/ghcr.io\/openclarity\/vmclarity-backend:${{ github.ref_name }}/g' installation/aws/VmClarity.cfn
+          sed -i 's/ghcr.io\/openclarity\/vmclarity-cli:latest/ghcr.io\/openclarity\/vmclarity-cli:${{ github.ref_name }}/g' installation/aws/VmClarity.cfn
+
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v4
+        with:
+          version: v1.16.0
+          args: release --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  # TODO(sambetts) We need to publish a tag in the format "api/<version>" tag
+  # so that go mod is able to import the api module without overriding. We need
+  # to work out how to do this cleanly from github actions on release so that
+  # we don't need to manage it manually. We could do something this which will
+  # create another release:
+  #
+  # api_release:
+  #   needs: release
+  #   name: Release API Module
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - name: Checkout
+  #       uses: actions/checkout@v3
+  #       with:
+  #         fetch-depth: 0
+  #     - name: Release API
+  #       uses: softprops/action-gh-release@v1
+  #       with:
+  #         name: VMClarity {{ github.ref }} API
+  #         body: See main {{ github.ref }} release for release notes.
+  #         tag_name: api/{{ github.ref }}
@@ -28,7 +28,7 @@ jobs:
         id: timestamp
         run: echo "::set-output name=timestamp::$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
 
-  vmclarity:
+  vmclarity-backend:
     needs: timestamp
     runs-on: ubuntu-latest
     steps:
@@ -62,7 +62,7 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           context: .
-          tags: ghcr.io/openclarity/vmclarity:${{ inputs.image_tag }}
+          tags: ghcr.io/openclarity/vmclarity-backend:${{ inputs.image_tag }}
           file: Dockerfile.backend
           push: ${{ inputs.push }}
           outputs: "${{ env.OUTPUTS }}"

@@ -0,0 +1,48 @@
+builds:
+  -
+    id: "cli"
+    dir: cli
+    binary: vmclarity-cli
+    env:
+      - CGO_ENABLED=0
+    ldflags: "-s -w -X github.com/openclarity/vmclarity/cli/pkg.GitRevision={{ .Version }}"
+    goos:
+      - linux
+      - darwin
+    goarch:
+      - amd64
+      - arm64
+
+archives:
+  -
+    id: "cli"
+    name_template: "{{ .Binary }}-{{ .Version }}-{{ .Os }}-{{ .Arch }}"
+
+    # Additional files/template/globs we want to add to the archive.
+    files:
+      - LICENSE
+      - README.md
+
+checksum:
+  name_template: 'checksums.txt'
+
+# Change the default artifacts folder
+dist: goreleaser_artifacts
+
+snapshot:
+  name_template: "{{ incpatch .Version }}-next"
+
+changelog:
+  sort: asc
+  use: github-native
+  filters:
+    exclude:
+      - '^docs:'
+      - '^test:'
+      - '^workflow:'
+      - Merge pull request
+      - Merge remote-tracking branch
+
+release:
+  extra_files:
+    - glob: ./installation/aws/VmClarity.cfn