Skip to content

Commit

Permalink
feat: add the verification command
Browse files Browse the repository at this point in the history
  • Loading branch information
rach-id committed Jun 27, 2024
1 parent e69261f commit 31627cc
Show file tree
Hide file tree
Showing 23 changed files with 2,693 additions and 0 deletions.
12 changes: 12 additions & 0 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# CODEOWNERS: https://help.github.com/articles/about-codeowners/

# Everything goes through the following "global owners" by default.
# Unless a later match takes precedence, these three will be
# requested for review when someone opens a PR.
# Note that the last matching pattern takes precedence, so
# global owners are only requested if there isn't a more specific
# codeowner specified below. For this reason, the global codeowners
# are often repeated in package-level definitions.

# global owners
* @rach-id
49 changes: 49 additions & 0 deletions .github/ISSUE_TEMPLATE/bug-report.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
name: Bug Report
description: Create a report to help us squash bugs!
title: "<title>"
labels: ["bug"]

body:
- type: markdown
attributes:
value: |
IMPORTANT: Prior to opening a bug report, check if it affects one of the
core modules and if it's eligible for a bug bounty on `SECURITY.md`.
Bugs that are not submitted through the appropriate channels won't
receive any bounty.
- type: textarea
id: summary
attributes:
label: Summary of Bug
description: Concisely describe the issue.
validations:
required: true

- type: textarea
id: version
attributes:
label: Version
description: git commit hash or release version
validations:
required: true

- type: textarea
id: repro
attributes:
label: Steps to Reproduce
description: >
What commands in order should someone run to reproduce your problem?
validations:
required: true

- type: checkboxes
id: admin
attributes:
label: For Admin Use
description: (do not edit)
options:
- label: Not duplicate issue
- label: Appropriate labels applied
- label: Appropriate contributors tagged
- label: Contributor assigned/self-assigned
52 changes: 52 additions & 0 deletions .github/ISSUE_TEMPLATE/feature-request.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
name: Feature Request
description: Create a proposal to request a feature
title: "<title>"
labels: ["enhancement"]

body:
- type: markdown
attributes:
value: |
✰ Thanks for opening an issue! ✰
Before smashing the submit button please fill in the template.
Word of caution: poorly thought-out proposals may be rejected without
deliberation.
- type: textarea
id: summary
attributes:
label: Summary
description: Short, concise description of the proposed feature.
validations:
required: true

- type: textarea
id: problem
attributes:
label: Problem Definition
description: |
Why do we need this feature?
What problems may be addressed by introducing this feature?
What benefits does the SDK stand to gain by including this feature?
Are there any disadvantages of including this feature?
validations:
required: true

- type: textarea
id: proposal
attributes:
label: Proposal
description: Detailed description of requirements of implementation.
validations:
required: true

- type: checkboxes
id: admin
attributes:
label: For Admin Use
description: (do not edit)
options:
- label: Not duplicate issue
- label: Appropriate labels applied
- label: Appropriate contributors tagged
- label: Contributor assigned/self-assigned
26 changes: 26 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
version: 2
updates:
- package-ecosystem: docker
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10
reviewers:
- "rach-id"
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10
reviewers:
- "rach-id"
- package-ecosystem: gomod
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10
labels:
- automerge
- dependencies
reviewers:
- "rach-id"
108 changes: 108 additions & 0 deletions .github/workflows/ci-release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
name: CI and Release

# Run this workflow on push events (i.e. PR merge) to main or release branches,
# push events for new semantic version tags, all PRs, and manual triggers.
on:
push:
branches:
- main
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+"
pull_request:
workflow_dispatch:
# Inputs the workflow accepts.
inputs:
version:
# Friendly description to be shown in the UI instead of 'name'
description: "Semver type of new version (major / minor / patch)"
# Input has to be provided for the workflow to run
required: true
type: choice
options:
- patch
- minor
- major

jobs:
lint:
uses: ./.github/workflows/lint.yml

test:
uses: ./.github/workflows/test.yml

goreleaser-check:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- uses: goreleaser/[email protected]
with:
version: latest
args: check

# branch_name trims ref/heads/ from github.ref to access a clean branch name
branch_name:
runs-on: ubuntu-latest
outputs:
branch: ${{ steps.trim_ref.outputs.branch }}
steps:
- name: Trim branch name
id: trim_ref
run: |
echo "branch=$(${${{ github.ref }}:11})" >> $GITHUB_OUTPUT
# If this was a workflow dispatch event, we need to generate and push a tag
# for goreleaser to grab
version_bump:
needs: [lint, test, branch_name, goreleaser-check]
runs-on: ubuntu-latest
permissions: "write-all"
steps:
- uses: actions/checkout@v4
- name: Bump version and push tag
# Placing the if condition here is a workaround for needing to block
# on this step during workflow dispatch events but the step not
# needing to run on tags. If we had the if condition on the full
# version_bump section, it would skip and not run, which would result
# in goreleaser not running either.
if: ${{ github.event_name == 'workflow_dispatch' }}
uses: mathieudutour/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
default_bump: ${{ inputs.version }}
# Setting the branch name so that release branch other than
# master/main doesn't impact tag name
release_branches: ${{ needs.branch_name.outputs.branch }}

# Generate the release with goreleaser to include pre-built binaries
goreleaser:
needs: version_bump
runs-on: ubuntu-20.04
if: |
github.event_name == 'workflow_dispatch' ||
(github.event_name == 'push' && contains(github.ref, 'refs/tags/'))
permissions: "write-all"
steps:
- uses: actions/checkout@v4
- run: git fetch --force --tags
- uses: actions/setup-go@v5
with:
go-version: 1.21.6
- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPG_SIGNING_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
# Generate the binaries and release
- uses: goreleaser/[email protected]
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
77 changes: 77 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"

on:
push:
branches: [ "main" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "main" ]
schedule:
- cron: '17 5 * * 1'

env:
GO_VERSION: '1.21.6'

jobs:
analyze:
name: Analyze
# Runner size impacts CodeQL analysis time. To learn more, please see:
# - https://gh.io/recommended-hardware-resources-for-running-codeql
# - https://gh.io/supported-runners-and-hardware-resources
# - https://gh.io/using-larger-runners
# Consider using larger runners for possible analysis time improvements.
runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ 'go' ]
# CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ]
# Use only 'java-kotlin' to analyze code written in Java, Kotlin or both
# Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

steps:
- name: Checkout repository
uses: actions/checkout@v4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.

# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality

- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}

- name: Build binary
run: |
make build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"
23 changes: 23 additions & 0 deletions .github/workflows/docker-build-publish.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
name: Docker Build & Publish

# Trigger on all push events, new semantic version tags, and all PRs
on:
push:
branches:
- "main"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+"
pull_request:

jobs:
docker-security-build:
permissions:
contents: write
packages: write
uses: celestiaorg/.github/.github/workflows/[email protected] # yamllint disable-line rule:line-length
with:
dockerfile: Dockerfile
secrets: inherit
19 changes: 19 additions & 0 deletions .github/workflows/lables.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
name: Required Labels

on:
pull_request:
types: [opened, labeled, unlabeled, synchronize]

concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true

jobs:
label:
runs-on: ubuntu-latest
steps:
- uses: mheap/github-action-required-labels@v5
with:
mode: minimum
count: 1
labels: "bug, chore, CI/CD, enhancement, dependencies, documentation, github_actions, testing" # yamllint disable-line rule:line-length
Loading

0 comments on commit 31627cc

Please sign in to comment.