Golang Rewrite 🌟

.dev/docker-compose.yml

@@ -0,0 +1,38 @@
+version: "2.1"
+
+services:
+  dev_mq:
+    image: rabbitmq:3-management
+    hostname: dev_mq
+    container_name: dev_mq
+    healthcheck:
+      test: rabbitmq-diagnostics -q ping
+      interval: 2s
+      timeout: 3s
+      retries: 10
+    ports:
+      - 5672:5672
+      - 15672:15672
+#    volumes:
+#      - "rabbitmq_data:/var/lib/rabbitmq"
+    environment:
+      - ALLOW_ANONYMOUS_LOGIN=yes
+  app_dev:
+    image: golang:1.18-alpine
+    container_name: app_dev
+    volumes:
+      - $PWD:/app
+    entrypoint: ["tail", "-f", "/dev/null"]
+  db_dev:
+    image: postgres:12-alpine
+    container_name: db_dev
+    volumes:
+      - db_dev:/var/lib/postgresql/data
+    ports:
+      - "5432:5432"
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: example
+
+volumes:
+  db_dev:

.github/ISSUE_TEMPLATE/bug.yml

@@ -0,0 +1,74 @@
+name: Bug Report
+description: Report a bug in S3Scanner
+labels:
+  - "bug"
+  - "triage"
+body:
+  - type: checkboxes
+    attributes:
+      label: Existing Issues
+      description: Please search the existing issues before creating a new one
+      options:
+        - label: I've searched the [current issues](https://github.com/sa7mon/S3Scanner/issues)
+          required: true
+
+  - type: input
+    attributes:
+      label: Command
+      description: Paste the command you ran that produced the issue.
+      placeholder: s3scanner -bucket b123
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Observed behavior (what happened?)
+      description: Please provide a brief description of the bug in 1-2 sentences.
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Expected behaviour
+      description: Please describe precisely what you'd expect to happen. Be specific.
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Debug output
+      description: Please re-run your command with the `--verbose` flag and paste the results here
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: OS Info
+      description: Operating system version
+      placeholder: |
+        Windows 11 Pro
+        Ubuntu 22.04 LTS
+    validations:
+      required: false
+
+  - type: textarea
+    attributes:
+      label: Config file
+      description: If you are using any flags that require use of config file (`-provider custom`, `-db`, `-mq`, etc), please paste the contents of your config file here.
+      placeholder: |
+        db:
+          uri: "postgresql://user:pass@db:5432/postgres"
+        providers:
+          custom:
+            insecure: false
+            endpoint_format: "https://$REGION.myprovider.com"
+            regions:
+              - "us-east-1"
+            address_style: "path"
+    validations:
+      required: false
+
+  - type: textarea
+    attributes:
+      label: Additional info
+      description: Please provide any additional information that seem useful.

.github/workflows/docker-publish.yml

@@ -0,0 +1,87 @@
+name: Docker
+
+on:
+  release:
+    types: [published]
+
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: ghcr.io
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      # This is used to complete the identity challenge
+      # with sigstore/fulcio when running outside of PRs.
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Install the cosign tool except on PR
+      # https://github.com/sigstore/cosign-installer
+      - name: Install cosign
+        if: github.event_name != 'pull_request'
+        uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0
+        with:
+          cosign-release: 'v1.13.1'
+
+
+      # Workaround: https://github.com/docker/build-push-action/issues/461
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
+
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Docker image
+        id: build-and-push
+        uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          file: packaging/docker/Dockerfile
+          build-args: |
+            VERSION=${{ github.event.release.tag_name }}
+
+      # Sign the resulting Docker image digest except on PRs.
+      # This will only write to the public Rekor transparency log when the Docker
+      # repository is public to avoid leaking data.  If you would like to publish
+      # transparency data even for private images, pass --force to cosign below.
+      # https://github.com/sigstore/cosign
+      - name: Sign the published Docker image
+        if: ${{ github.event_name != 'pull_request' }}
+        env:
+          COSIGN_EXPERIMENTAL: "true"
+        # This step uses the identity token to provision an ephemeral certificate
+        # against the sigstore community Fulcio instance.
+        run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }}

.github/workflows/golangci-lint.yml

@@ -0,0 +1,55 @@
+name: golangci-lint
+on:
+#  push:
+#    branches:
+#      - master
+#      - main
+  pull_request:
+
+permissions:
+  contents: read
+  # Optional: allow read access to pull request. Use with `only-new-issues` option.
+  # pull-requests: read
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v4
+        with:
+          go-version: '1.20'
+          cache: false
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          # Require: The version of golangci-lint to use.
+          # When `install-mode` is `binary` (default) the value can be v1.2 or v1.2.3 or `latest` to use the latest version.
+          # When `install-mode` is `goinstall` the value can be v1.2.3, `latest`, or the hash of a commit.
+          version: v1.53
+
+          # Optional: working directory, useful for monorepos
+          # working-directory: somedir
+
+          # Optional: golangci-lint command line arguments.
+          #
+          # Note: By default, the `.golangci.yml` file should be at the root of the repository.
+          # The location of the configuration file can be changed by using `--config=`
+          # args: --timeout=30m --config=/my/path/.golangci.yml --issues-exit-code=0
+
+          # Optional: show only new issues if it's a pull request. The default value is `false`.
+          # only-new-issues: true
+
+          # Optional: if set to true, then all caching functionality will be completely disabled,
+          #           takes precedence over all other caching options.
+          # skip-cache: true
+
+          # Optional: if set to true, then the action won't cache or restore ~/go/pkg.
+          # skip-pkg-cache: true
+
+          # Optional: if set to true, then the action won't cache or restore ~/.cache/go-build.
+          # skip-build-cache: true
+
+          # Optional: The mode to install golangci-lint. It can be 'binary' or 'goinstall'.
+          # install-mode: "goinstall"

.github/workflows/pr_test-coverage.yml

@@ -0,0 +1,54 @@
+name: Test Coverage
+
+on: [ pull_request ]
+
+jobs:
+  pr-test:
+    if: ${{ github.event_name }} == 'pull_request'
+    permissions:
+      pull-requests: write
+      contents: read
+    runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:12-alpine
+        env:
+          POSTGRES_PASSWORD: example
+          options: >-
+            --health-cmd pg_isready
+            --health-interval 10s
+            --health-timeout 5s
+            --health-retries 5
+        ports:
+          - "5432:5432"
+      mq:
+        image: rabbitmq:3-management
+        ports:
+          - 5672:5672
+          - 15672:15672
+        env:
+          ALLOW_ANONYMOUS_LOGIN: "yes"
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.18'
+      - name: Test
+        run: TEST_DB=1 TEST_MQ=1 go test ./... -coverprofile=cover.out
+      - name: Install dependencies
+        run: go install github.com/axw/gocov/gocov@v1.1.0 && go install github.com/AlekSi/gocov-xml@v1.1.0
+      - run: gocov convert cover.out | gocov-xml > coverage.xml
+      - name: Code Coverage Summary
+        uses: irongut/CodeCoverageSummary@v1.3.0
+        with:
+          filename: coverage.xml
+          badge: true
+          format: markdown
+          output: both
+      - name: Add Coverage PR Comment
+        uses: marocchino/sticky-pull-request-comment@v2.6.2
+        with:
+          recreate: true
+          path: code-coverage-results.md
+          number: ${{ github.event.number }}

.github/workflows/pr_test-matrix.yml

@@ -0,0 +1,56 @@
+name: Unit & Integration Tests
+
+on: [ pull_request ]
+
+jobs:
+  linux-matrix:
+    strategy:
+      matrix:
+        go: [ 1.18, 1.19, "1.20" ]
+        os: [ubuntu-latest]
+    runs-on: ${{ matrix.os }}
+    services:
+      postgres:
+        image: postgres:12-alpine
+        env:
+          POSTGRES_PASSWORD: example
+          options: >-
+            --health-cmd pg_isready
+            --health-interval 10s
+            --health-timeout 5s
+            --health-retries 5
+        ports:
+          - "5432:5432"
+      mq:
+        image: rabbitmq:3-management
+        ports:
+          - 5672:5672
+          - 15672:15672
+        env:
+          ALLOW_ANONYMOUS_LOGIN: "yes"
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: ${{ matrix.go }}
+      - name: Test
+        run: TEST_DB=1 TEST_MQ=1 go test ./...
+      - name: Build
+        run: go build -v ./...
+  windows-matrix:
+    strategy:
+      matrix:
+        go: [ 1.18, 1.19, "1.20" ]
+        os: [ windows-latest ]
+    runs-on: ${{ matrix.os }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: ${{ matrix.go }}
+      - name: Test
+        run: go test ./...
+      - name: Build
+        run: go build -v ./...