From 1a56ceff08dceb65d80f8fb357508bd395bb8d5c Mon Sep 17 00:00:00 2001 From: Ian Cardoso Date: Thu, 18 Nov 2021 12:57:42 -0300 Subject: [PATCH] release: chore - add new release process using magefiles Signed-off-by: Ian Cardoso --- .github/workflows/alpha.yml | 184 +++++++++-------------------- .github/workflows/release-beta.yml | 102 ++++++++++++++++ .github/workflows/release-new.yml | 104 ++++++++++++++++ .github/workflows/release-rc.yml | 103 ++++++++++++++++ .github/workflows/release-test.yml | 52 ++++++++ e2e/commands/start/start_test.go | 6 +- go.mod | 13 +- go.sum | 47 +++++--- goreleaser.yml | 80 ++++++++----- mage.go | 24 ++++ magefile.go | 42 +++++++ 11 files changed, 571 insertions(+), 186 deletions(-) create mode 100644 .github/workflows/release-beta.yml create mode 100644 .github/workflows/release-new.yml create mode 100644 .github/workflows/release-rc.yml create mode 100644 .github/workflows/release-test.yml create mode 100644 mage.go create mode 100644 magefile.go diff --git a/.github/workflows/alpha.yml b/.github/workflows/alpha.yml index bef1e3d38..e4a88e7c3 100644 --- a/.github/workflows/alpha.yml +++ b/.github/workflows/alpha.yml @@ -11,15 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - -name: Alpha - +name: alpha on: push: branches: - main permissions: read-all - jobs: Alpha: permissions: @@ -28,38 +25,55 @@ jobs: runs-on: ubuntu-latest env: COSIGN_KEY_LOCATION: /tmp/cosign.key + COSIGN_PWD: ${{ secrets.COSIGN_PWD }} + steps: - name: Checkout uses: actions/checkout@v2 with: fetch-depth: 0 - - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.17 - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - name: Docker Login uses: docker/login-action@v1 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 - name: Cosign Installer uses: sigstore/cosign-installer@main with: cosign-release: 'v1.2.0' + - name: Install Mage + run: go install github.com/magefile/mage@v1.11 + + - name: Get current date + id: date + run: mage -v getCurrentDate + + - name: Git config + run: mage -v defaultGitConfig + + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v4 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + - name: Install cosign private key - run: 'echo "$COSIGN_KEY" > $COSIGN_KEY_LOCATION' - shell: bash + run: mage -v writeCosignKeyToFile env: COSIGN_KEY: ${{secrets.COSIGN_KEY}} @@ -69,18 +83,16 @@ jobs: push: true context: . file: ./deployments/Dockerfile - tags: horuszup/horusec-cli:alpha + tags: osodracnai/horusec-cli:alpha platforms: linux/amd64,linux/arm64 - name: Sign image run: | - cosign sign -key $COSIGN_KEY_LOCATION horuszup/horusec-cli:alpha + cosign sign -key $COSIGN_KEY_LOCATION osodracnai/horusec-cli:alpha env: COSIGN_PASSWORD: ${{ secrets.COSIGN_PWD }} - - - name: Get current date - id: date - run: echo "::set-output name=date::$(date "+%a %b %d %H:%M:%S %Y")" + - name: Create local tag + run: mage -v createAlphaTag - name: Run GoReleaser uses: goreleaser/goreleaser-action@v2 @@ -89,103 +101,11 @@ jobs: version: latest args: release --snapshot --skip-publish env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} COSIGN_PWD: ${{ secrets.COSIGN_PWD }} GORELEASER_CURRENT_TAG: v0.0.0-alpha CURRENT_DATE: ${{ steps.date.outputs.date }} CLI_VERSION: alpha - - - name: Build stand alone cli - run: | - CGO_ENABLED=0 GOOS=linux GOARCH=386 go build -ldflags \ - "-X 'github.com/ZupIT/horusec/config/dist.standAlone=true' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Version=alpha' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit=${{ github.sha }}' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Date=${{ steps.date.outputs.date }}'" \ - -o ./tmp/horusec_linux_x86_stand_alone ./cmd/app/main.go - - cosign sign-blob -key=$COSIGN_KEY_LOCATION \ - -output=./tmp/horusec_linux_x86_stand_alone.sig ./tmp/horusec_linux_x86_stand_alone - - CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags \ - "-X 'github.com/ZupIT/horusec/config/dist.standAlone=true' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Version=alpha' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit=${{ github.sha }}' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Date=${{ steps.date.outputs.date }}'" \ - -o ./tmp/horusec_linux_amd64_stand_alone ./cmd/app/main.go - - cosign sign-blob -key=$COSIGN_KEY_LOCATION \ - -output=./tmp/horusec_linux_amd64_stand_alone.sig ./tmp/horusec_linux_amd64_stand_alone - - CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags \ - "-X 'github.com/ZupIT/horusec/config/dist.standAlone=true' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Version=alpha' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit=${{ github.sha }}' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Date=${{ steps.date.outputs.date }}'" \ - -o ./tmp/horusec_linux_arm64_stand_alone ./cmd/app/main.go - - cosign sign-blob -key=$COSIGN_KEY_LOCATION \ - -output=./tmp/horusec_linux_arm64_stand_alone.sig ./tmp/horusec_linux_arm64_stand_alone - - CGO_ENABLED=0 GOOS=windows GOARCH=386 go build -ldflags \ - "-X 'github.com/ZupIT/horusec/config/dist.standAlone=true' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Version=alpha' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit=${{ github.sha }}' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Date=${{ steps.date.outputs.date }}'" \ - -o ./tmp/horusec_win_x86_stand_alone.exe ./cmd/app/main.go - - cosign sign-blob -key=$COSIGN_KEY_LOCATION \ - -output=./tmp/horusec_win_x86_stand_alone.exe.sig ./tmp/horusec_win_x86_stand_alone.exe - - CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -ldflags \ - "-X 'github.com/ZupIT/horusec/config/dist.standAlone=true' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Version=alpha' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit=${{ github.sha }}' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Date=${{ steps.date.outputs.date }}'" \ - -o ./tmp/horusec_win_amd64_stand_alone.exe ./cmd/app/main.go - - cosign sign-blob -key=$COSIGN_KEY_LOCATION \ - -output=./tmp/horusec_win_amd64_stand_alone.exe.sig ./tmp/horusec_win_amd64_stand_alone.exe - - CGO_ENABLED=0 GOOS=windows GOARCH=arm64 go build -ldflags \ - "-X 'github.com/ZupIT/horusec/config/dist.standAlone=true' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Version=alpha' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit=${{ github.sha }}' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Date=${{ steps.date.outputs.date }}'" \ - -o ./tmp/horusec_win_arm64_stand_alone.exe ./cmd/app/main.go - - cosign sign-blob -key=$COSIGN_KEY_LOCATION \ - -output=./tmp/horusec_win_arm64_stand_alone.exe.sig ./tmp/horusec_win_arm64_stand_alone.exe - - CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -ldflags \ - "-X 'github.com/ZupIT/horusec/config/dist.standAlone=true' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Version=alpha' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit=${{ github.sha }}' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Date=${{ steps.date.outputs.date }}'" \ - -o ./tmp/horusec_mac_amd64_stand_alone ./cmd/app/main.go - - cosign sign-blob -key=$COSIGN_KEY_LOCATION \ - -output=./tmp/horusec_mac_amd64_stand_alone.sig ./tmp/horusec_mac_amd64_stand_alone - - CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -ldflags \ - "-X 'github.com/ZupIT/horusec/config/dist.standAlone=true' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Version=alpha' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit=${{ github.sha }}' \ - -X 'github.com/ZupIT/horusec/cmd/app/version.Date=${{ steps.date.outputs.date }}'" \ - -o ./tmp/horusec_mac_arm64_stand_alone ./cmd/app/main.go - - cosign sign-blob -key=$COSIGN_KEY_LOCATION \ - -output=./tmp/horusec_mac_arm64_stand_alone.sig ./tmp/horusec_mac_arm64_stand_alone - env: - COSIGN_PASSWORD: ${{ secrets.COSIGN_PWD }} - - - name: Delete outdate release - uses: dev-drprasad/delete-tag-and-release@v0.2.0 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - delete_release: true - tag_name: alpha - - name: Update alpha release uses: meeDamian/github-release@2.0 with: @@ -217,23 +137,27 @@ jobs: horusec_win_arm64.exe.sig:./dist/horusec_windows_arm64/horusec.exe.sig horusec_mac_arm64:./dist/horusec_darwin_arm64/horusec horusec_mac_arm64.sig:./dist/horusec_darwin_arm64/horusec.sig - horusec_linux_x86_stand_alone:./tmp/horusec_linux_x86_stand_alone - horusec_linux_x86_stand_alone.sig:./tmp/horusec_linux_x86_stand_alone.sig - horusec_linux_amd64_stand_alone:./tmp/horusec_linux_amd64_stand_alone - horusec_linux_amd64_stand_alone.sig:./tmp/horusec_linux_amd64_stand_alone.sig - horusec_win_x86_stand_alone.exe:./tmp/horusec_win_x86_stand_alone.exe - horusec_win_x86_stand_alone.exe.sig:./tmp/horusec_win_x86_stand_alone.exe.sig - horusec_win_amd64_stand_alone.exe:./tmp/horusec_win_amd64_stand_alone.exe - horusec_win_amd64_stand_alone.exe.sig:./tmp/horusec_win_amd64_stand_alone.exe.sig - horusec_mac_amd64_stand_alone:./tmp/horusec_mac_amd64_stand_alone - horusec_mac_amd64_stand_alone.sig:./tmp/horusec_mac_amd64_stand_alone.sig - horusec_linux_arm64_stand_alone:./tmp/horusec_linux_arm64_stand_alone - horusec_linux_arm64_stand_alone.sig:./tmp/horusec_linux_arm64_stand_alone.sig - horusec_win_arm64_stand_alone.exe:./tmp/horusec_win_arm64_stand_alone.exe - horusec_win_arm64_stand_alone.exe.sig:./tmp/horusec_win_arm64_stand_alone.exe.sig - horusec_mac_arm64_stand_alone:./tmp/horusec_mac_arm64_stand_alone - horusec_mac_arm64_stand_alone.sig:./tmp/horusec_mac_arm64_stand_alone.sig + + + horusec_linux_amd64_stand_alone:./dist/horusec-standalone_linux_amd64/horusec + horusec_linux_amd64_stand_alone.sig:./dist/horusec-standalone_linux_amd64/horusec.sig + horusec_linux_x86_stand_alone:./dist/horusec-standalone_linux_386/horusec + horusec_linux_x86_stand_alone.sig:./dist/horusec-standalone_linux_386/horusec.sig + horusec_mac_amd64_stand_alone:./dist/horusec-standalone_darwin_amd64/horusec + horusec_mac_amd64_stand_alone.sig:./dist/horusec-standalone_darwin_amd64/horusec.sig + horusec_win_amd64_stand_alone.exe:./dist/horusec-standalone_windows_amd64/horusec.exe + horusec_win_amd64_stand_alone.exe.sig:./dist/horusec-standalone_windows_amd64/horusec.exe.sig + horusec_win_x86.exe_stand_alone:./dist/horusec-standalone_windows_386/horusec.exe + horusec_win_x86.exe_stand_alone.sig:./dist/horusec-standalone_windows_386/horusec.exe.sig + horusec_linux_arm64_stand_alone:./dist/horusec-standalone_linux_arm64/horusec + horusec_linux_arm64_stand_alone.sig:./dist/horusec-standalone_linux_arm64/horusec.sig + horusec_win_arm64_stand_alone.exe:./dist/horusec-standalone_windows_arm64/horusec.exe +# horusec_win_arm64_stand_alone.exe.sig:./dist/horusec-standalone_windows_arm64/horusec.exe.sig + horusec_mac_arm64_stand_alone:./dist/horusec-standalone_darwin_arm64/horusec + horusec_mac_arm64_stand_alone.sig:./dist/horusec-standalone_darwin_arm64/horusec.sig + body: | ## Docker images - - - `docker pull horuszup/horusec-cli:alpha` + - `docker pull osodracnai/horusec-cli:alpha` + - name: Push updates + run: mage -v gitPushAlpha \ No newline at end of file diff --git a/.github/workflows/release-beta.yml b/.github/workflows/release-beta.yml new file mode 100644 index 000000000..b42607aef --- /dev/null +++ b/.github/workflows/release-beta.yml @@ -0,0 +1,102 @@ +# Copyright 2021 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +name: release-beta +on: + workflow_dispatch: + inputs: + releaseType: + description: 'Release type: Major; Minor; Patch' + required: true +permissions: read-all +jobs: + Beta: + permissions: + contents: write + packages: write + runs-on: ubuntu-latest + env: + COSIGN_KEY_LOCATION: /tmp/cosign.key + COSIGN_PWD: ${{ secrets.COSIGN_PWD }} + + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up Go + uses: actions/setup-go@v2 + with: + go-version: 1.17 + + - name: Docker Login + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Cosign Installer + uses: sigstore/cosign-installer@main + with: + cosign-release: 'v1.2.0' + + - name: Install Mage + run: go install github.com/magefile/mage@v1.11 + + - name: Get current date + id: date + run: mage -v getCurrentDate + + - name: Git config + run: mage -v defaultGitConfig + + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v4 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: Install cosign private key + run: mage -v writeCosignKeyToFile + env: + COSIGN_KEY: ${{secrets.COSIGN_KEY}} + + - name: Version increment + id: updated-version + run: | + mage -v upVersions ${{ github.event.inputs.releaseType }} + env: + HORUSEC_REPOSITORY_ORG: ${{ github.repository_owner }} + HORUSEC_REPOSITORY_NAME: ${{ github.event.repository.name }} + - name: Checkout release branch + run: mage -v checkoutReleaseBranch ${{ steps.updated-version.outputs.nextReleaseBranchName }} + + - name: Create local tag + run: mage -v createLocalTag ${{ steps.updated-version.outputs.nextBetaVersion }} + + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v2 + with: + distribution: goreleaser + version: latest + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + COSIGN_PWD: ${{ secrets.COSIGN_PWD }} + GORELEASER_CURRENT_TAG: ${{ steps.updated-version.outputs.nextBetaVersion }} + CURRENT_DATE: ${{ steps.date.outputs.date }} + CLI_VERSION: ${{ steps.updated-version.outputs.nextBetaVersion }} + + - name: Push updates + run: mage -v gitPushAll \ No newline at end of file diff --git a/.github/workflows/release-new.yml b/.github/workflows/release-new.yml new file mode 100644 index 000000000..febdc24ff --- /dev/null +++ b/.github/workflows/release-new.yml @@ -0,0 +1,104 @@ +# Copyright 2021 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +name: release-new +on: + workflow_dispatch: + inputs: + releaseType: + description: 'Release type: Major; Minor; Patch' + required: true +permissions: read-all +jobs: + NewRelease: + permissions: + contents: write + packages: write + runs-on: ubuntu-latest + env: + COSIGN_KEY_LOCATION: /tmp/cosign.key + COSIGN_PWD: ${{ secrets.COSIGN_PWD }} + + + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up Go + uses: actions/setup-go@v2 + with: + go-version: 1.17 + + - name: Docker Login + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Cosign Installer + uses: sigstore/cosign-installer@main + with: + cosign-release: 'v1.2.0' + + - name: Install Mage + run: go install github.com/magefile/mage@v1.11 + + - name: Get current date + id: date + run: mage -v getCurrentDate + + - name: Git config + run: mage -v defaultGitConfig + + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v4 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: Install cosign private key + run: mage -v writeCosignKeyToFile + env: + COSIGN_KEY: ${{secrets.COSIGN_KEY}} + + - name: Version increment + id: updated-version + run: | + mage -v upVersions ${{ github.event.inputs.releaseType }} + env: + HORUSEC_REPOSITORY_ORG: ${{ github.repository_owner }} + HORUSEC_REPOSITORY_NAME: ${{ github.event.repository.name }} + + - name: Checkout release candidate branch + run: mage -v checkoutReleaseBranch ${{ steps.updated-version.outputs.nextReleaseBranchName }} + + - name: Create local tag + run: mage -v createLocalTag ${{ steps.updated-version.outputs.nextReleaseVersion }} + + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v2 + with: + distribution: goreleaser + version: latest + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + COSIGN_PWD: ${{ secrets.COSIGN_PWD }} + GORELEASER_CURRENT_TAG: ${{ steps.updated-version.outputs.nextReleaseVersion }} + CURRENT_DATE: ${{ steps.date.outputs.date }} + CLI_VERSION: ${{ steps.updated-version.outputs.nextReleaseVersion }} + + - name: Push updates + run: mage -v gitPushAll \ No newline at end of file diff --git a/.github/workflows/release-rc.yml b/.github/workflows/release-rc.yml new file mode 100644 index 000000000..a872f2795 --- /dev/null +++ b/.github/workflows/release-rc.yml @@ -0,0 +1,103 @@ +# Copyright 2021 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +name: release-rc +on: + workflow_dispatch: + inputs: + releaseType: + description: 'Release type: Major; Minor; Patch' + required: true +permissions: read-all +jobs: + Rc: + permissions: + contents: write + packages: write + runs-on: ubuntu-latest + env: + COSIGN_KEY_LOCATION: /tmp/cosign.key + COSIGN_PWD: ${{ secrets.COSIGN_PWD }} + + + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set up Go + uses: actions/setup-go@v2 + with: + go-version: 1.17 + + - name: Docker Login + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Cosign Installer + uses: sigstore/cosign-installer@main + with: + cosign-release: 'v1.2.0' + + - name: Install Mage + run: go install github.com/magefile/mage@v1.11 + + - name: Get current date + id: date + run: mage -v getCurrentDate + + - name: Git config + run: mage -v defaultGitConfig + + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v4 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: Install cosign private key + run: mage -v writeCosignKeyToFile + env: + COSIGN_KEY: ${{secrets.COSIGN_KEY}} + + - name: Version increment + id: updated-version + run: | + mage -v upVersions ${{ github.event.inputs.releaseType }} + env: + HORUSEC_REPOSITORY_ORG: ${{ github.repository_owner }} + HORUSEC_REPOSITORY_NAME: ${{ github.event.repository.name }} + - name: Checkout release branch + run: mage -v checkoutReleaseBranch ${{ steps.updated-version.outputs.nextReleaseBranchName }} + + - name: Create local tag + run: mage -v createLocalTag ${{ steps.updated-version.outputs.nextRCVersion }} + + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v2 + with: + distribution: goreleaser + version: latest + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + COSIGN_PWD: ${{ secrets.COSIGN_PWD }} + GORELEASER_CURRENT_TAG: ${{ steps.updated-version.outputs.nextRCVersion }} + CURRENT_DATE: ${{ steps.date.outputs.date }} + CLI_VERSION: ${{ steps.updated-version.outputs.nextRCVersion }} + + - name: Push updates + run: mage -v gitPushAll \ No newline at end of file diff --git a/.github/workflows/release-test.yml b/.github/workflows/release-test.yml new file mode 100644 index 000000000..e27a6487b --- /dev/null +++ b/.github/workflows/release-test.yml @@ -0,0 +1,52 @@ +# Copyright 2021 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +name: potato +on: + push: +permissions: read-all +jobs: + Rc: + permissions: + contents: write + packages: write + runs-on: ubuntu-latest + env: + COSIGN_KEY_LOCATION: /tmp/cosign.key + COSIGN_PWD: ${{ secrets.COSIGN_PWD }} + + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Set up Go + uses: actions/setup-go@v2 + with: + go-version: 1.17 + - name: Install Mage + run: go install github.com/magefile/mage@v1.11 + - name: Set the value + id: step_one + run: | + echo "action_state=yellow" >> $GITHUB_ENV + - name: Use the value + id: step_two + run: | + echo "${{ env.action_state }}" # This will output 'yellow' + - name: Set the value + id: set_potato + run: | + mage -v setPotatoVariable + - name: Use the value + id: use_potato + run: | + echo "${{ env.potato }}" # This will output 'fried_potato' \ No newline at end of file diff --git a/e2e/commands/start/start_test.go b/e2e/commands/start/start_test.go index beea02cec..cc550f898 100644 --- a/e2e/commands/start/start_test.go +++ b/e2e/commands/start/start_test.go @@ -237,8 +237,8 @@ var _ = Describe("running binary Horusec with start parameter", func() { When("--return-error is passed", func() { BeforeEach(func() { flags = map[string]string{ - testutil.StartFlagProjectPath: projectPath, - testutil.StartFlagReturnError: "true", + testutil.StartFlagProjectPath: projectPath, + testutil.StartFlagReturnError: "true", } }) @@ -287,7 +287,7 @@ var _ = Describe("running binary Horusec with start parameter", func() { BeforeEach(func() { flags = map[string]string{ - testutil.StartFlagProjectPath: projectPath, + testutil.StartFlagProjectPath: projectPath, testutil.StartFlagRepositoryName: repositoryName, } }) diff --git a/go.mod b/go.mod index 0181a8429..76cb7fc22 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/ZupIT/horusec go 1.17 require ( - github.com/ZupIT/horusec-devkit v1.0.19 + github.com/ZupIT/horusec-devkit v1.0.20-0.20211122200334-936f43cae044 github.com/ZupIT/horusec-engine v0.3.6 github.com/bmatcuk/doublestar/v4 v4.0.2 github.com/briandowns/spinner v1.16.0 @@ -14,6 +14,7 @@ require ( github.com/golang/mock v1.6.0 github.com/google/uuid v1.3.0 github.com/iancoleman/strcase v0.2.0 + github.com/magefile/mage v1.11.0 github.com/manifoldco/promptui v0.9.0 github.com/onsi/ginkgo v1.16.5 github.com/onsi/gomega v1.17.0 @@ -40,8 +41,8 @@ require ( github.com/go-enry/go-oniguruma v1.2.1 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/protobuf v1.5.2 // indirect - github.com/google/addlicense v1.0.0 // indirect - github.com/gorilla/mux v1.8.0 // indirect + github.com/google/go-github/v40 v40.0.0 // indirect + github.com/google/go-querystring v1.1.0 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/inconshreveable/mousetrap v1.0.0 // indirect github.com/magiconair/properties v1.8.5 // indirect @@ -61,16 +62,12 @@ require ( github.com/stretchr/objx v0.3.0 // indirect github.com/subosito/gotenv v1.2.0 // indirect golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect - golang.org/x/mod v0.5.1 // indirect golang.org/x/net v0.0.0-20211011170408-caeb26a5c8c0 // indirect - golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect golang.org/x/sys v0.0.0-20211020174200-9d6173849985 // indirect golang.org/x/text v0.3.7 // indirect golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect - golang.org/x/tools v0.1.7 // indirect - golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect google.golang.org/genproto v0.0.0-20211013025323-ce878158c4d4 // indirect - google.golang.org/grpc v1.41.0 // indirect + google.golang.org/grpc v1.42.0 // indirect google.golang.org/protobuf v1.27.1 // indirect gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/ini.v1 v1.63.2 // indirect diff --git a/go.sum b/go.sum index a3deca2ca..99b7c6e5e 100644 --- a/go.sum +++ b/go.sum @@ -92,8 +92,12 @@ github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWX github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= github.com/ZupIT/horusec-devkit v1.0.17/go.mod h1:wTsXrXTD1YrChTQEng8EvVg+zL9nMUIQkhUG85sQwuQ= -github.com/ZupIT/horusec-devkit v1.0.19 h1:eQNzst0a91YkAzSWy+1A/brBR9Lon2dMmzs0vZ3dUzQ= -github.com/ZupIT/horusec-devkit v1.0.19/go.mod h1:8rEUFNoFOGeAIG1unUfaF5qP6agHPnf9WsMtGfQR/iU= +github.com/ZupIT/horusec-devkit v1.0.20-0.20211118133831-9063ae50b89c h1:Krn51voysXy+0e7STbYJvq0CwDXY4nTKaIOEV11eOJU= +github.com/ZupIT/horusec-devkit v1.0.20-0.20211118133831-9063ae50b89c/go.mod h1:OyD/c5VGmmIxZamErINJJZ3ZFVFQJKRnh6/5a69n1J4= +github.com/ZupIT/horusec-devkit v1.0.20-0.20211122180314-509fda32e382 h1:kl8cJAKBrecJUzQiMIHFheAbpUPvUs4UnJTzzh73M08= +github.com/ZupIT/horusec-devkit v1.0.20-0.20211122180314-509fda32e382/go.mod h1:OyD/c5VGmmIxZamErINJJZ3ZFVFQJKRnh6/5a69n1J4= +github.com/ZupIT/horusec-devkit v1.0.20-0.20211122200334-936f43cae044 h1:8tuEnDTBVJYiBk0d5oypfC92vJ+1sdHeSxIZbmgosyw= +github.com/ZupIT/horusec-devkit v1.0.20-0.20211122200334-936f43cae044/go.mod h1:OyD/c5VGmmIxZamErINJJZ3ZFVFQJKRnh6/5a69n1J4= github.com/ZupIT/horusec-engine v0.3.6 h1:m/kL9K8+OVAaYjagoDmNFFDEA3BnyJbcx0DfNYGyaDM= github.com/ZupIT/horusec-engine v0.3.6/go.mod h1:s3SZQ9gXXlEcIagEuopZJga+Dw6RBFWMD7Rh5A+tIys= github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c= @@ -142,6 +146,7 @@ github.com/briandowns/spinner v1.16.0 h1:DFmp6hEaIx2QXXuqSJmtfSBSAjRmpGiKG6ip2Wm github.com/briandowns/spinner v1.16.0/go.mod h1:QOuQk7x+EaDASo80FEXwlwiA+j/PPIcX3FScO+3/ZPQ= github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= +github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= @@ -169,8 +174,11 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI= @@ -361,9 +369,11 @@ github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2 github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= +github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= +github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= @@ -446,8 +456,6 @@ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/google/addlicense v1.0.0 h1:cqvo5suPWlsk6r6o42Fs2K66xYCl2tnhVPUYoP3EnO4= -github.com/google/addlicense v1.0.0/go.mod h1:Sm/DHu7Jk+T5miFHHehdIjbi4M5+dJDRS3Cq0rncIxA= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -463,6 +471,13 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-github/v37 v37.0.0 h1:rCspN8/6kB1BAJWZfuafvHhyfIo5fkAulaP/3bOQ/tM= +github.com/google/go-github/v37 v37.0.0/go.mod h1:LM7in3NmXDrX58GbEHy7FtNLbI2JijX93RnMKvWG3m4= +github.com/google/go-github/v40 v40.0.0 h1:oBPVDaIhdUmwDWRRH8XJ/dZG+Rn755i08+Hp1uJHlR0= +github.com/google/go-github/v40 v40.0.0/go.mod h1:G8wWKTEjUCL0zdbaQvpwDk0hqf6KZgPQH+ssJa+/NVc= +github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= +github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= +github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= @@ -663,6 +678,8 @@ github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM= github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4= github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= +github.com/magefile/mage v1.11.0 h1:C/55Ywp9BpgVVclD3lRnSYCwXTYxmSppIgLeDYlNuls= +github.com/magefile/mage v1.11.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.5 h1:b6kJs+EmPFMYGkow9GiUyCyOvIwYetYJ3fSaWak/Gls= @@ -701,6 +718,8 @@ github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182aff github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= +github.com/migueleliasweb/go-github-mock v0.0.5 h1:oCUwIPIknszT0DkjGT3VfILe1FgUDaNgEnj4w8mTZZA= +github.com/migueleliasweb/go-github-mock v0.0.5/go.mod h1:gTpcHVcrBxK35OOQP3aGrgQypxvEoFTvtR0VGaEs2VM= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= @@ -965,6 +984,7 @@ github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69 github.com/swaggo/files v0.0.0-20190704085106-630677cd5c14/go.mod h1:gxQT6pBGRuIGunNf/+tSOB5OHvguWi8Tbt82WOkf35E= github.com/swaggo/files v0.0.0-20210815190702-a29dd2bc99b2/go.mod h1:lKJPbtWzJ9JhsTN1k1gZgleJWY/cqq0psdoMmaThG3w= github.com/swaggo/http-swagger v1.1.1/go.mod h1:cKIcshBU9yEAnfWv6ZzVKSsEf8h5ozxB8/zHQWyOQ/8= +github.com/swaggo/http-swagger v1.1.2/go.mod h1:mX5nhypDmoSt4iw2mc5aKXxRFvp1CLLcCiog2B9M+Ro= github.com/swaggo/swag v1.7.0/go.mod h1:BdPIL73gvS9NBsdi7M1JOxLvlbfvNRaBP8m6WT6Aajo= github.com/swaggo/swag v1.7.3/go.mod h1:zD8h6h4SPv7t3l+4BKdRquqW1ASWjKZgT6Qv9z3kNqI= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= @@ -1096,8 +1116,6 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.5.1 h1:OJxoQ/rynoF0dcCdI7cLPktw/hR2cueqYfjm43oqK38= -golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1185,7 +1203,6 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1290,10 +1307,6 @@ golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211020174200-9d6173849985 h1:LOlKVhfDyahgmqa97awczplwkjzNaELFg3zRIJ13RYo= golang.org/x/sys v0.0.0-20211020174200-9d6173849985/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211103184734-ae416a5f93c7 h1:wQUOddybiV2Rfc8FX691KCOx5yEoZlfwpBjtKV6huYo= -golang.org/x/sys v0.0.0-20211103184734-ae416a5f93c7/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211103235746-7861aae1554b h1:1VkfZQv42XQlA/jchYumAnv1UPo6RgF9rJFkTgZIxO4= -golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1382,8 +1395,6 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.7 h1:6j8CgantCy3yc8JGBqkDLMKWqZ0RDU2g1HVgacojGWQ= -golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo= golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1521,8 +1532,8 @@ google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQ google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.41.0 h1:f+PlOh7QV4iIJkPrx5NQ7qaNGFQ3OTse67yaDHfju4E= -google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k= +google.golang.org/grpc v1.42.0 h1:XT2/MFpuPFsEX2fWh3YQtHkZ+WYZFQRfaUgLZYj/p6A= +google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= @@ -1581,11 +1592,11 @@ gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gorm.io/driver/postgres v1.1.0/go.mod h1:hXQIwafeRjJvUm+OMxcFWyswJ/vevcpPLlGocwAwuqw= -gorm.io/driver/postgres v1.1.2/go.mod h1:/AGV0zvqF3mt9ZtzLzQmXWQ/5vr+1V1TyHZGZVjzmwI= +gorm.io/driver/postgres v1.2.1/go.mod h1:SHRZhu+D0tLOHV5qbxZRUM6kBcf3jp/kxPz2mYMTsNY= gorm.io/gorm v1.21.9/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0= gorm.io/gorm v1.21.11/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0= -gorm.io/gorm v1.21.15/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0= -gorm.io/gorm v1.21.16/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0= +gorm.io/gorm v1.22.0/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0= +gorm.io/gorm v1.22.2/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0= gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= diff --git a/goreleaser.yml b/goreleaser.yml index 2562caeb5..1460edf34 100644 --- a/goreleaser.yml +++ b/goreleaser.yml @@ -13,6 +13,7 @@ # limitations under the License. project_name: horusec + builds: - id: horusec env: [ CGO_ENABLED=0 ] @@ -21,6 +22,24 @@ builds: - -X 'github.com/ZupIT/horusec/cmd/app/version.Version={{ .Env.CLI_VERSION }}' - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit={{ .Commit }}' - -X 'github.com/ZupIT/horusec/cmd/app/version.Date={{ .Env.CURRENT_DATE }}' + - -s -w + goos: + - linux + - windows + - darwin + goarch: + - amd64 + - arm64 + - 386 + - id: horusec-standalone + env: [ CGO_ENABLED=0 ] + main: ./cmd/app/main.go + ldflags: + - -X 'github.com/ZupIT/horusec/cmd/app/version.Version={{ .Env.CLI_VERSION }}' + - -X 'github.com/ZupIT/horusec/cmd/app/version.Commit={{ .Commit }}' + - -X 'github.com/ZupIT/horusec/cmd/app/version.Date={{ .Env.CURRENT_DATE }}' + - -X 'github.com/ZupIT/horusec/config/dist.standAlone=true' + - -s -w goos: - linux - windows @@ -31,6 +50,8 @@ builds: - 386 changelog: skip: true +snapshot: + name_template: '{{ incpatch .Tag }}' archives: - id: horusec builds: @@ -43,32 +64,29 @@ archives: arm64: arm64 darwin: mac windows: win + - id: horusec-standalone + builds: + - horusec-standalone + name_template: "{{ .ProjectName }}_{{ .Os }}_{{ .Arch }}_stand_alone" + format: binary + replacements: + amd64: amd64 + 386: x86 + arm64: arm64 + darwin: mac + windows: win checksum: name_template: 'checksums.txt' release: draft: true extra_files: - glob: deployments/cosign.pub - - glob: ./tmp/horusec_linux_x86_stand_alone - - glob: ./tmp/horusec_linux_x86_stand_alone.sig - - glob: ./tmp/horusec_linux_amd64_stand_alone - - glob: ./tmp/horusec_linux_amd64_stand_alone.sig - - glob: ./tmp/horusec_linux_arm64_stand_alone - - glob: ./tmp/horusec_linux_arm64_stand_alone.sig - - glob: ./tmp/horusec_win_x86_stand_alone.exe - - glob: ./tmp/horusec_win_x86_stand_alone.exe.sig - - glob: ./tmp/horusec_win_amd64_stand_alone.exe - - glob: ./tmp/horusec_win_amd64_stand_alone.exe.sig - - glob: ./tmp/horusec_win_arm64_stand_alone.exe - - glob: ./tmp/horusec_win_arm64_stand_alone.exe.sig - - glob: ./tmp/horusec_mac_amd64_stand_alone - - glob: ./tmp/horusec_mac_amd64_stand_alone.sig - - glob: ./tmp/horusec_mac_arm64_stand_alone - - glob: ./tmp/horusec_mac_arm64_stand_alone.sig nfpms: - id: horusec package_name: horusec file_name_template: "{{ .ProjectName }}_{{ .Os }}_{{ .Arch }}" + builds: + - horusec replacements: amd64: amd64 386: x86 @@ -99,7 +117,7 @@ docker_signs: stdin: '{{ .Env.COSIGN_PWD }}' dockers: - image_templates: - - 'horuszup/horusec-cli:{{ .Tag }}-amd64' + - 'osodracnai/horusec-cli:{{ .Tag }}-amd64' skip_push: false goos: linux goarch: amd64 @@ -115,7 +133,7 @@ dockers: push_flags: - --tls-verify=false - image_templates: - - 'horuszup/horusec-cli:{{ .Tag }}-arm64' + - 'osodracnai/horusec-cli:{{ .Tag }}-arm64' skip_push: false goos: linux goarch: arm64 @@ -131,15 +149,23 @@ dockers: push_flags: - --tls-verify=false docker_manifests: - - name_template: 'horuszup/horusec-cli:{{ .Tag }}' + + - name_template: 'osodracnai/horusec-cli:{{ .Tag }}' + image_templates: + - 'osodracnai/horusec-cli:{{ .Tag }}-amd64' + - 'osodracnai/horusec-cli:{{ .Tag }}-arm64' + - name_template: 'osodracnai/horusec-cli:latest' image_templates: - - 'horuszup/horusec-cli:{{ .Tag }}-amd64' - - 'horuszup/horusec-cli:{{ .Tag }}-arm64' - - name_template: 'horuszup/horusec-cli:latest' + - 'osodracnai/horusec-cli:{{ .Tag }}-amd64' + - 'osodracnai/horusec-cli:{{ .Tag }}-arm64' + skip_push: auto + - name_template: 'osodracnai/horusec-cli:v{{ .Major }}' image_templates: - - 'horuszup/horusec-cli:{{ .Tag }}-amd64' - - 'horuszup/horusec-cli:{{ .Tag }}-arm64' - - name_template: 'horuszup/horusec-cli:v{{ .Major }}' + - 'osodracnai/horusec-cli:{{ .Tag }}-amd64' + - 'osodracnai/horusec-cli:{{ .Tag }}-arm64' + skip_push: auto + - name_template: 'osodracnai/horusec-cli:v{{ .Major }}{{ .Minor }}' image_templates: - - 'horuszup/horusec-cli:{{ .Tag }}-amd64' - - 'horuszup/horusec-cli:{{ .Tag }}-arm64' + - 'osodracnai/horusec-cli:{{ .Tag }}-amd64' + - 'osodracnai/horusec-cli:{{ .Tag }}-arm64' + skip_push: auto \ No newline at end of file diff --git a/mage.go b/mage.go new file mode 100644 index 000000000..8cc3ccde8 --- /dev/null +++ b/mage.go @@ -0,0 +1,24 @@ +// Copyright 2021 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +//go:build ignore + +package main + +import ( + "github.com/magefile/mage/mage" + "os" +) + +func main() { os.Exit(mage.Main()) } diff --git a/magefile.go b/magefile.go new file mode 100644 index 000000000..89a93fa28 --- /dev/null +++ b/magefile.go @@ -0,0 +1,42 @@ +// Copyright 2021 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +//go:build mage + +// A comment on the package will be output when you list the targets of a +// magefile. +package main + +import ( + "fmt" + "github.com/magefile/mage/sh" + // mage:import + _ "github.com/ZupIT/horusec-devkit/pkg/utils/mageutils" +) + +// GetCurrentDate execute "echo", `::set-output name=date::$(date "+%a %b %d %H:%M:%S %Y")` +func GetCurrentDate() error { + return sh.RunV("echo", `::set-output name=date::$(date "+%a %b %d %H:%M:%S %Y")`) +} +func SetPotatoVariable() error { + //stdOut := os.Stdout + //_, err := stdOut.WriteString("echo potato=fried_potato >> $GITHUB_ENV") + //if err != nil { + // return err + //} + //exec.Command("echo potato=fried_potato >> $GITHUB_ENV") + println("echo potato=fried_potato >> $GITHUB_ENV ") + fmt.Println("echo potato=fried_potato >> $GITHUB_ENV ") + return sh.Run("echo", "potato=fried_potato", ">>", "$GITHUB_ENV") +}