first commit

.github/auto-merge.yml

@@ -0,0 +1,3 @@
+- match:
+    dependency_type: all
+    update_type: "semver:minor"

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "gomod" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "daily"

.github/workflows/after-merge-dependabot.yml

@@ -0,0 +1,57 @@
+name: after-merge-dependabot
+
+on:
+  pull_request_target:
+    types: [closed]
+
+jobs:
+  check:
+    if: github.event.pull_request.merged && github.actor == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    concurrency:
+      group: dependabot-after-merge
+      cancel-in-progress: true
+    steps:
+      - name: Fetch dependabot metadata
+        id: dependabot-metadata
+        uses: dependabot/fetch-metadata@v1.1.1
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+
+      - uses: oprypin/find-latest-tag@v1
+        id: octokit
+        with:
+          repository: ${{ github.repository }}
+          prefix: v
+
+      - name: Parse last release
+        id: semver_parser
+        uses: booxmedialtd/ws-action-parse-semver@v1
+        with:
+          input_string: '${{ steps.octokit.outputs.tag }}'
+          version_extractor_regex: 'v(.*)$'
+
+      - name: Compute tag
+        id: compte_tag
+        run: |
+          major=${{ steps.semver_parser.outputs.major }}
+          minor=${{ steps.semver_parser.outputs.minor }}
+          patch=${{ steps.semver_parser.outputs.patch }}
+          if [ "${{ steps.dependabot-metadata.outputs.update-type  }}" == "version-update:semver-minor" ]; then
+            minor=$((minor+1))
+            patch=0
+            echo "::warning::bumping minor version"
+          elif [ "${{ steps.dependabot-metadata.outputs.update-type  }}" == "version-update:semver-patch" ]; then
+            patch=$((patch+1))
+            echo "::warning::bumping patch version"
+          fi
+          tag="v${major}.${minor}.${patch}"
+          echo "::set-output name=tag::${tag}"
+          echo "::warning::tag == ${tag}"
+
+      - name: Create tag
+        uses: tvdias/github-tagger@v0.0.1
+        if: steps.compte_tag.outputs.tag != steps.semver_parser.outputs.fullversion
+        with:
+          repo-token: "${{ secrets.AUTO_MERGE_TOKEN }}"
+          tag: "${{ steps.compte_tag.outputs.tag }}"

.github/workflows/auto-accept-dependabot.yml

@@ -0,0 +1,20 @@
+name: auto-accept-dependabot
+
+on:
+  pull_request_target:
+
+jobs:
+  auto-merge:
+    if: github.actor == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - uses: ahmadnassri/action-dependabot-auto-merge@v2
+        with:
+          config: .github/auto-merge.yml
+          command: "squash and merge"
+          github-token: ${{ secrets.AUTO_MERGE_TOKEN }}

.github/workflows/goreleaser.yml

@@ -0,0 +1,61 @@
+name: goreleaser
+
+on:
+  push:
+    # not not consider simplec commit
+    branches:
+      - '!*'
+    # consider only release and pre-release tags
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+'
+      - 'v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: set up go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
+
+      - name: cache go modules
+        uses: actions/cache@v1
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: tests modules
+        run: |
+          go mod vendor
+          if [ ! -z "$(git status --porcelain)" ]; then
+            echo "::error::vendor directory if not synched with go.mod, please run go mod vendor"
+            exit 1
+          fi
+
+          go mod tidy
+          if [ ! -z "$(git status --porcelain)" ]; then
+            echo "::error::modules are not tidy, please run go mod tidy"
+            exit 1
+          fi
+
+      - name: tests
+        run: |
+          go test -v ./...
+
+      - name: run goreleaser
+        uses: goreleaser/goreleaser-action@v2
+        if: success() && startsWith(github.ref, 'refs/tags/')
+        with:
+          version: latest
+          args: release --rm-dist
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          USER: github-actions

.github/workflows/unit-tests.yml

@@ -0,0 +1,35 @@
+name: unit-tests
+
+on:
+  pull_request:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: set up go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
+
+      - name: cache go modules
+        uses: actions/cache@v1
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: tests
+        run: |
+          go test -v ./...
+
+      - name: gitleaks
+        uses: zricethezav/gitleaks-action@master
+        with:
+          config-path: /github/workspace/.gitleaks.toml

.gitignore

@@ -0,0 +1 @@
+/varsgen