updated automation, readme (#69)

.codecov.yml

@@ -0,0 +1,11 @@
+coverage:
+  range: 50..80
+  round: down
+  precision: 2
+
+ignore:
+  - "*_test.go"
+  - "vendor"
+
+fixes:
+  - "github.com/xmidt-org/bascule/::"

.github/workflows/push.yml

@@ -0,0 +1,84 @@
+name: CI
+
+on:
+  create:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  test:
+    name: Unit Tests
+    runs-on: [ ubuntu-latest ]
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - uses: actions/checkout@v2
+
+      # Setup Go
+      - name: Setup Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: '1.15.x' # The Go version to download (if necessary) and use.
+
+      # Run build of the application
+      - name: Run build
+        run: go build ./...
+
+      # Run gofmt on the code
+      - name: Run gofmt
+        run: gofmt -d
+
+      # Run testing on the code
+      - name: Run testing
+        run: |
+          go test -v -race -coverprofile=coverage.txt ./...
+          go test -race -json ./... > report.json
+          curl -s https://codecov.io/bash | bash
+          echo "codecov done"
+
+  lint:
+    strategy:
+      matrix:
+        go-version: [ 1.15.x ]
+        os: [ ubuntu-latest ]
+    name: Lint
+    runs-on: ${{ matrix.os }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v2
+        with:
+          # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
+          version: v1.33
+          # Optional: working directory, useful for monorepos
+          # working-directory: somedir
+
+          # Optional: golangci-lint command line arguments.
+          # args: -v
+
+          # Optional: show only new issues if it's a pull request. The default value is `false`.
+          only-new-issues: true
+
+  goreportcard:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push'
+    steps:
+      - name: Go report card
+        uses: creekorful/goreportcard-action@v1.0
+
+  sonarcloud:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          # Disabling shallow clone is recommended for improving relevancy of reporting
+          fetch-depth: 0
+      - name: SonarCloud Scan
+        uses: sonarsource/sonarcloud-github-action@master
+        with:
+          args: >
+            -Dproject.settings=./.sonar-project.properties
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

.github/workflows/release.yml

@@ -0,0 +1,34 @@
+name: release
+
+on:
+  push:
+    tags:
+      # Push events to matching v#.#.#*, ex: v1.2.3, v.2.4.6-beta
+      - 'v[0-9]+.[0-9]+.[0-9]+*'
+
+jobs:
+  release:
+    runs-on: [ ubuntu-latest ]
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Prepare Release Body
+        id: prep
+        run: |
+          export VERSION=${GITHUB_REF#refs/tags/}
+          export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1\n" if /.*## \[${VERSION}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s')
+          export TODAY=`date +'%m/%d/%Y'`
+          echo ::set-output name=rname::$(echo ${VERSION} ${TODAY})
+          echo ::set-output name=body::${NOTES}
+      - name: create release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+        with:
+          tag_name: ${{ github.ref }}
+          draft: false
+          prerelease: false
+          release_name: ${{ steps.prep.outputs.rname }}
+          body: ${{ steps.prep.outputs.body }}

.github/workflows/tag.yml

@@ -0,0 +1,28 @@
+name: tag
+
+on:
+  push:
+    paths:
+      - "CHANGELOG.md" # only try to tag if the CHANGELOG has been updated.
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: [ ubuntu-latest ]
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          token: '${{ secrets.PERSONAL_ACCESS_TOKEN }}'
+          fetch-depth: 0
+      - name: set up bot
+        run: |
+          git config --global user.name "xmidt-bot"
+          git config --global user.email "$BOT_EMAIL"
+      - name: export variables and tag commit
+        run: |
+          export OLD_VERSION=$(git describe --tags `git rev-list --tags --max-count=1` | tail -1)
+          export TAG=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1" if /.*## \[Unreleased\]\s+## \[(v\d+.\d+.\d+)\].*/s')
+          export TODAY=`date +'%m/%d/%Y'`
+          export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$ENV{TODAY}\n\n$1\n" if /.*## \[$ENV{TAG}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s')
+          if [[ "$TAG" != "" && "$TAG" != "$OLD_VERSION" ]]; then git tag -a "$TAG" -m "$NOTES"; git push origin --tags; echo $?; fi

.golangci.yaml

@@ -0,0 +1,19 @@
+---
+linters-settings:
+  misspell:
+    locale: US
+
+linters:
+  enable:
+    - bodyclose
+    - dupl
+    - errorlint
+    - funlen
+    - goconst
+    - gosec
+    - misspell
+    - unconvert
+    - prealloc
+  disable:
+    - errcheck
+    - ineffassign

.sonar-project.properties

@@ -6,6 +6,7 @@
 #   Standard properties
 # =====================================================
 
+sonar.organization=xmidt-org
 sonar.projectKey=xmidt-org_bascule
 sonar.projectName=bascule
 
@@ -21,7 +22,7 @@ sonar.test.exclusions=**/vendor/**
 # =====================================================
 
 sonar.links.homepage=https://github.com/xmidt-org/bascule
-sonar.links.ci=https://travis-ci.org/xmidt-org/bascule
+sonar.links.ci=https://github.com/xmidt-org/bascule/actions
 sonar.links.scm=https://github.com/xmidt-org/bascule
 sonar.links.issue=https://github.com/xmidt-org/bascule/issues
 

.whitesource

@@ -0,0 +1,12 @@
+{
+  "scanSettings": {
+    "baseBranches": []
+  },
+  "checkRunSettings": {
+    "vulnerableCheckRunConclusionLevel": "failure",
+    "displayMode": "diff"
+  },
+  "issueSettings": {
+    "minSeverityLevel": "LOW"
+  }
+}

README.md

@@ -2,14 +2,12 @@
 
 The library for authorization: both acquiring and validating.
 
-[![Build Status](https://travis-ci.com/xmidt-org/bascule.svg?branch=main)](https://travis-ci.com/xmidt-org/bascule)
+[![Build Status](https://github.com/xmidt-org/bascule/workflows/CI/badge.svg)](https://github.com/xmidt-org/bascule/actions)
 [![codecov.io](http://codecov.io/github/xmidt-org/bascule/coverage.svg?branch=main)](http://codecov.io/github/xmidt-org/bascule?branch=main)
-[![Code Climate](https://codeclimate.com/github/xmidt-org/bascule/badges/gpa.svg)](https://codeclimate.com/github/xmidt-org/bascule)
-[![Issue Count](https://codeclimate.com/github/xmidt-org/bascule/badges/issue_count.svg)](https://codeclimate.com/github/xmidt-org/bascule)
 [![Go Report Card](https://goreportcard.com/badge/github.com/xmidt-org/bascule)](https://goreportcard.com/report/github.com/xmidt-org/bascule)
 [![Apache V2 License](http://img.shields.io/badge/license-Apache%20V2-blue.svg)](https://github.com/xmidt-org/bascule/blob/main/LICENSE)
 [![GitHub release](https://img.shields.io/github/release/xmidt-org/bascule.svg)](CHANGELOG.md)
-[![GoDoc](https://godoc.org/github.com/xmidt-org/bascule?status.svg)](https://godoc.org/github.com/xmidt-org/bascule)
+[![PkgGoDev](https://pkg.go.dev/badge/github.com/xmidt-org/bascule)](https://pkg.go.dev/github.com/xmidt-org/bascule)
 [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=xmidt-org_arrange&metric=alert_status)](https://sonarcloud.io/dashboard?id=xmidt-org_bascule)
 
 ## Summary