Add CI and github config (#12)

* Add CI and github config

Mostly copied from operator-rs. Would be nice to have this managed by
operator-templating, but that depends on
stackabletech/operator-templating#80.

* Import pre-commit and cargo deny config as well

* pre-commit

* Update cargo-deny to v2.0.4

* Update dependencies

* Update deny.toml from op-rs

* Update .github/workflows/build.yml

Co-authored-by: Razvan-Daniel Mihai <[email protected]>

---------

Co-authored-by: Razvan-Daniel Mihai <[email protected]>

Author: nightkr

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,49 @@
+---
+name: "🐛 Bug Report"
+description: "If something isn't working as expected 🤔."
+labels: ["type/bug"]
+body:
+  - type: markdown
+    attributes:
+      value: Thanks for taking the time to file a bug report! Please fill out this form as completely as possible.
+
+  - type: input
+    attributes:
+      label: Affected version
+      description: Which version do you see this bug in?
+
+  - type: textarea
+    attributes:
+      label: Current and expected behavior
+      description: A clear and concise description of what operator-rs is doing and what you would expect.
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Possible solution
+      description: "If you have suggestions on a fix for the bug."
+
+  - type: textarea
+    attributes:
+      label: Additional context
+      description: "Add any other context about the problem here. Or a screenshot if applicable."
+
+  - type: textarea
+    attributes:
+      label: Environment
+      description: |
+        What type of kubernetes cluster you are running aginst (k3s/eks/aks/gke/other) and any other information about your environment?
+      placeholder: |
+        Examples:
+        Output of `kubectl version --short`
+
+  - type: dropdown
+    attributes:
+      label: Would you like to work on fixing this bug?
+      description: |
+        **NOTE**: Let us know if you would like to submit a PR for this. We are more than happy to help you through the process.
+      options:
+        - "yes"
+        - "no"
+        - "maybe"

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,9 @@
+---
+blank_issues_enabled: true
+contact_links:
+  - name: 🙋🏾 Question
+    about: Use this to ask a question about this project
+    url: https://github.com/orgs/stackabletech/discussions/new?category=q-a
+  - name: 🚀 Feature Requests and other things
+    about: Open an issue with your feature request or any other issue not covered elsewhere
+    url: https://github.com/stackabletech/containerdebug/issues/new

.github/pull_request_template.md

@@ -0,0 +1,29 @@
+# Description
+
+*Please add a description here. This will become the commit message of the merge request later.*
+
+## Definition of Done Checklist
+
+- Not all of these items are applicable to all PRs, the author should update this template to only leave the boxes in that are relevant
+- Please make sure all these things are done and tick the boxes
+
+```[tasklist]
+# Author
+- [ ] Changes are OpenShift compatible
+- [ ] Integration tests passed (for non trivial changes)
+```
+
+```[tasklist]
+# Reviewer
+- [ ] Code contains useful comments
+- [ ] (Integration-)Test cases added
+- [ ] Documentation added or updated
+- [ ] Changelog updated
+- [ ] Cargo.toml only contains references to git tags (not specific commits or branches)
+```
+
+```[tasklist]
+# Acceptance
+- [ ] Feature Tracker has been updated
+- [ ] Proper release label has been added
+```

.github/workflows/build.yml

@@ -0,0 +1,154 @@
+---
+name: Stackable Build Pipeline
+
+on:
+  push:
+    branches:
+      - main
+      - staging
+      - trying
+      - "renovate/**"
+    tags:
+      - "*"
+  pull_request:
+  merge_group:
+
+env:
+  CARGO_TERM_COLOR: always
+  CARGO_INCREMENTAL: "0"
+  CARGO_PROFILE_DEV_DEBUG: "0"
+  RUST_TOOLCHAIN_VERSION: "1.82.0"
+  RUSTFLAGS: "-D warnings"
+  RUSTDOCFLAGS: "-D warnings"
+  RUST_LOG: "info"
+
+jobs:
+  # Identify unused dependencies
+  run_udeps:
+    name: Run Cargo Udeps
+    runs-on: ubuntu-latest
+    env:
+      RUSTC_BOOTSTRAP: 1
+    steps:
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
+      - uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
+        with:
+          key: udeps
+      - run: cargo install --locked [email protected]
+      - run: cargo udeps --all-targets --all-features
+
+  run_cargodeny:
+    name: Run Cargo Deny
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        checks:
+          - advisories
+          - bans licenses sources
+
+    # Prevent sudden announcement of a new advisory from failing ci:
+    continue-on-error: ${{ matrix.checks == 'advisories' }}
+
+    steps:
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+      - uses: EmbarkStudios/cargo-deny-action@e2f4ede4a4e60ea15ff31bc0647485d80c66cfba # v2.0.4
+        with:
+          command: check ${{ matrix.checks }}
+
+  run_rustfmt:
+    name: Run Rustfmt
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
+          components: rustfmt
+      - uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
+        with:
+          key: fmt
+      - run: cargo fmt --all -- --check
+
+  run_clippy:
+    name: Run Clippy
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install host dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+        with:
+          submodules: recursive
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
+          components: clippy
+      - uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
+        with:
+          key: clippy
+      - name: Run clippy action to produce annotations
+        # NOTE (@Techassi): This action might get a new release soon, because it
+        # currently uses Node 16, which is deprecated in the next few months by
+        # GitHub. See https://github.com/giraffate/clippy-action/pull/87
+        uses: giraffate/clippy-action@13b9d32482f25d29ead141b79e7e04e7900281e0 # v1.0.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        if: env.GITHUB_TOKEN != null && github.event.pull_request.draft == false
+        with:
+          clippy_flags: --all-targets -- -D warnings
+          reporter: "github-pr-review"
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Run clippy manually without annotations
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        if: env.GITHUB_TOKEN == null
+        run: cargo clippy --color never -q --all-targets -- -D warnings
+
+  run_rustdoc:
+    name: Run RustDoc
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
+          components: rustfmt
+      - uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
+        with:
+          key: doc
+      - run: cargo doc --document-private-items
+
+  run_tests:
+    name: Run Cargo Tests
+    needs:
+      - run_clippy
+      - run_rustfmt
+      - run_rustdoc
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
+          # rust-src is required for trybuild stderr output comparison to work
+          # for our cases.
+          # See: https://github.com/dtolnay/trybuild/issues/236#issuecomment-1620950759
+          components: rust-src
+      - uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
+        with:
+          key: test
+      - run: cargo test --all-features
+
+  tests_passed:
+    name: All tests passed
+    needs:
+      - run_udeps
+      - run_tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: log
+        run: echo All tests have passed!

.github/workflows/daily_security.yml

@@ -0,0 +1,16 @@
+---
+name: Security audit
+
+on:
+  schedule:
+    - cron: '15 4 * * *'
+  workflow_dispatch:
+
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+      - uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998 # v2.0.0
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/pr_pre-commit.yaml

@@ -0,0 +1,25 @@
+---
+name: pre-commit
+
+on:
+  pull_request:
+
+env:
+  CARGO_TERM_COLOR: always
+  RUST_TOOLCHAIN_VERSION: "1.82.0"
+  HADOLINT_VERSION: "v1.17.6"
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+        with:
+          fetch-depth: 0
+      - uses: stackabletech/actions/run-pre-commit@9bd13255f286e4b7a654617268abe1b2f37c3e0a # v0.3.0
+        with:
+          rust: ${{ env.RUST_TOOLCHAIN_VERSION }}
+          # rust-src is required for trybuild stderr output comparison to work
+          # for our cases.
+          # See: https://github.com/dtolnay/trybuild/issues/236#issuecomment-1620950759
+          rust-components: rustfmt,clippy,rust-src

.pre-commit-config.yaml

@@ -0,0 +1,46 @@
+---
+default_language_version:
+  node: system
+
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: 2c9f875913ee60ca25ce70243dc24d5b6415598c # 4.6.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: detect-aws-credentials
+        args: ["--allow-missing-credentials"]
+      - id: detect-private-key
+
+  - repo: https://github.com/doublify/pre-commit-rust
+    rev: eeee35a89e69d5772bdee97db1a6a898467b686e # 1.0
+    hooks:
+      - id: fmt
+        args: ["--all", "--", "--check"]
+      - id: clippy
+        args: ["--all-targets", "--", "-D", "warnings"]
+  - repo: https://github.com/adrienverge/yamllint
+    rev: 81e9f98ffd059efe8aa9c1b1a42e5cce61b640c6 # 1.35.1
+    hooks:
+      - id: yamllint
+
+  - repo: https://github.com/igorshubovych/markdownlint-cli
+    rev: f295829140d25717bc79368d3f966fc1f67a824f # 0.41.0
+    hooks:
+      - id: markdownlint
+
+  - repo: https://github.com/koalaman/shellcheck-precommit
+    rev: 2491238703a5d3415bb2b7ff11388bf775372f29 # 0.10.0
+    hooks:
+      - id: shellcheck
+        args: ["--severity=info"]
+
+  - repo: https://github.com/rhysd/actionlint
+    rev: 62dc61a45fc95efe8c800af7a557ab0b9165d63b # 1.7.1
+    hooks:
+      - id: actionlint
+
+  - repo: https://github.com/hadolint/hadolint
+    rev: b3555ba9c2bfd9401e79f2f0da68dd1ae38e10c7 # 2.12.0
+    hooks:
+      - id: hadolint