From ae0e906c02e30cbd482ccf42c6dab9e9e423e0b0 Mon Sep 17 00:00:00 2001 From: Jahvon Dockery Date: Fri, 11 Oct 2024 14:04:38 -0400 Subject: [PATCH] ci: update gh workflows and linting opts (#178) --- .github/dependabot.yml | 6 +- .github/workflows/analyze.yaml | 74 +++++++++++++++++++ .github/workflows/codeql.yaml | 9 +-- .github/workflows/release.yaml | 39 ++++++++-- .github/workflows/test.yaml | 41 +++++++++++ .github/workflows/validate.yaml | 89 ----------------------- .golangci.yaml | 92 +----------------------- cmd/internal/exec.go | 1 - cmd/internal/flags/helpers.go | 1 - cmd/internal/workspace.go | 1 - internal/fileparser/shell_file_parser.go | 1 - internal/runner/env.go | 5 +- tools/docsgen/json.go | 1 - types/config/config.go | 1 - 14 files changed, 156 insertions(+), 205 deletions(-) create mode 100644 .github/workflows/analyze.yaml create mode 100644 .github/workflows/test.yaml delete mode 100644 .github/workflows/validate.yaml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5f9f323..4794360 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,7 +9,7 @@ updates: labels: - "dependencies" commit-message: - prefix: "(chore) " + prefix: "chore: " groups: experimental-golang-deps: patterns: @@ -30,7 +30,7 @@ updates: labels: - "dependencies" commit-message: - prefix: "(chore) " + prefix: "chore: " - package-ecosystem: "docker" directory: "/" schedule: @@ -40,4 +40,4 @@ updates: labels: - "dependencies" commit-message: - prefix: "(chore) " + prefix: "chore: " diff --git a/.github/workflows/analyze.yaml b/.github/workflows/analyze.yaml new file mode 100644 index 0000000..fceabe1 --- /dev/null +++ b/.github/workflows/analyze.yaml @@ -0,0 +1,74 @@ +name: Analyze + +on: + push: + branches: + - main + pull_request: + +permissions: + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/upload-sarif to upload SARIF results + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +jobs: + generated: + runs-on: ubuntu-latest + steps: + - name: Checkout Source + uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "^1.23" + - name: Install Go Tools + run: | + go install go.uber.org/mock/mockgen@v0.4.0 + - name: Init project and generate code + run: | + go mod tidy + go fmt ./... + go generate ./... + go run ./tools/docsgen/. + - name: Verify clean state + run: | + if [[ `git status . --porcelain` ]]; then + echo "Uncommitted changes found" + git diff --color --compact-summary + exit 1 + else + echo "No uncommitted changes" + fi + lint: + runs-on: ubuntu-latest + steps: + - name: Checkout Source + uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "^1.23" + - name: golangci-lint + uses: golangci/golangci-lint-action@v6 + with: + version: v1.60.3 + args: --out-format=sarif:results.sarif,colored-line-number,github-actions + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: results.sarif + category: golangci-lint + govulncheck: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version: stable + cache: true + check-latest: true + - run: go install golang.org/x/vuln/cmd/govulncheck@latest + - run: govulncheck ./... diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 91325d2..f11a506 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -1,4 +1,4 @@ -name: CodeQL +name: Analyze on: push: @@ -16,23 +16,18 @@ jobs: contents: read security-events: write runs-on: ubuntu-latest - steps: - name: Checkout uses: actions/checkout@v4 - - name: Set up Go uses: actions/setup-go@v5 with: - go-version: "^1.22.5" - + go-version: "^1.23" - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: languages: go - - name: Autobuild uses: github/codeql-action/autobuild@v3 - - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a04a638..7ee1466 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -4,34 +4,59 @@ on: push: tags: - "*" + workflow_dispatch: + inputs: + tag: + description: 'Tag to release' + required: true jobs: - releases: + release-docs: + environment: + name: github-pages + url: ${{ steps.deployment.outputs.page_url }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "^1.23" + - name: Generate docs + run: | + go run ./tools/docsgen/. + - name: Setup Pages + uses: actions/configure-pages@v1 + - name: Upload artifact + uses: actions/upload-pages-artifact@v1 + with: + path: 'docs/' + - name: Deploy to GitHub Pages + id: deployment + uses: actions/deploy-pages@main + release-binary: permissions: contents: write packages: write runs-on: ubuntu-latest - steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Set up Go uses: actions/setup-go@v5 with: - go-version: "1.23.1" - + go-version: "^1.23" - name: Set up QEMU uses: docker/setup-qemu-action@v3 - - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Run GoReleaser uses: goreleaser/goreleaser-action@v6 with: diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 0000000..49f1ddd --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,41 @@ +name: Validate + +on: + push: + branches: + - main + pull_request: + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +jobs: + test: + strategy: + matrix: + os: [ubuntu-latest, macos-latest] # TODO: Explore adding Windows support + runs-on: ${{ matrix.os }} + env: + GO111MODULE: on + steps: + - name: Checkout Source + uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "^1.23" + - name: Run Tests with Retries + uses: nick-invision/retry@v2 + with: + timeout_minutes: 5 + max_attempts: 3 + command: go test ./... -race -coverprofile=coverage.txt -covermode=atomic -timeout 5m + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v4 + if: matrix.os == 'ubuntu-latest' # Only upload coverage from one OS + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + with: + file: ./coverage.txt + fail_ci_if_error: false diff --git a/.github/workflows/validate.yaml b/.github/workflows/validate.yaml deleted file mode 100644 index c736e40..0000000 --- a/.github/workflows/validate.yaml +++ /dev/null @@ -1,89 +0,0 @@ -name: Validate - -on: - push: - branches: - - main - pull_request: - -jobs: - validate: - permissions: - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - runs-on: ubuntu-latest - env: - GO111MODULE: on - steps: - - name: Checkout Source - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: "^1.23.1" - - - name: Install Go Tools - run: | - go install go.uber.org/mock/mockgen@v0.4.0 - - - name: Init project and generate code - run: | - go mod tidy - go fmt ./... - go generate ./... - go run ./tools/docsgen/. - - - name: Verify clean state - run: | - if [[ `git status . --porcelain -- ':!cmd/internal/version'` ]]; then - echo "Uncommitted changes found" - git diff --color --compact-summary - exit 1 - else - echo "No uncommitted changes" - fi - - # ____ _ _ - # / ___| ___ ___ _ _ _ __(_) |_ _ _ - # \___ \ / _ \/ __| | | | '__| | __| | | | - # ___) | __/ (__| |_| | | | | |_| |_| | - # |____/ \___|\___|\__,_|_| |_|\__|\__, | - # |___/ - - name: Run Gosec Security Scanner - uses: securego/gosec@v2.21.4 - with: - args: "-no-fail -fmt sarif -out results.sarif ./..." - -# - name: Upload SARIF file -# uses: github/codeql-action/upload-sarif@v3 -# with: -# sarif_file: results.sarif - - # _ _ _ - # | | (_)_ __ | |_ - # | | | | '_ \| __| - # | |___| | | | | |_ - # |_____|_|_| |_|\__| - # - - name: golangci-lint - uses: golangci/golangci-lint-action@v6 - with: - version: v1.60.3 - - # _____ _ - # |_ _|__ ___| |_ - # | |/ _ \/ __| __| - # | | __/\__ \ |_ - # |_|\___||___/\__| - # - - name: Run coverage - run: go test ./... -race -coverprofile=coverage.txt -covermode=atomic - - - name: Upload coverage to Codecov - uses: codecov/codecov-action@v4 - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - with: - file: ./coverage.txt - fail_ci_if_error: false diff --git a/.golangci.yaml b/.golangci.yaml index 4546a4b..4dd3e07 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -1,87 +1,23 @@ run: timeout: 2m -# This file contains only configs which differ from defaults. -# All possible options can be found here https://github.com/golangci/golangci-lint/blob/master/.golangci.reference.yml linters-settings: cyclop: - # The maximal code complexity to report. - # Default: 10 max-complexity: 30 - # The maximal average package complexity. - # If it's higher than 0.0 (float) the check is enabled - # Default: 0.0 package-average: 10.0 - errcheck: - # Report about not checking of errors in type assertions: `a := b.(MyStruct)`. - # Such cases aren't reported by default. - # Default: false check-type-assertions: true - - exhaustive: - # Program elements to check for exhaustiveness. - # Default: [ switch ] - check: - - switch - - map - funlen: - # Checks the number of lines in a function. - # If lower than 0, disable the check. - # Default: 60 lines: 100 - # Checks the number of statements in a function. - # If lower than 0, disable the check. - # Default: 40 statements: 50 - # Ignore comments when counting lines. - # Default false ignore-comments: true - gocognit: - # Minimal code complexity to report. - # Default: 30 (but we recommend 10-20) min-complexity: 30 - - gomodguard: - blocked: - # List of blocked modules. - # Default: [] - modules: - - github.com/golang/protobuf: - recommendations: - - google.golang.org/protobuf - reason: "see https://developers.google.com/protocol-buffers/docs/reference/go/faq#modules" - - github.com/satori/go.uuid: - recommendations: - - github.com/google/uuid - reason: "satori's package is not maintained" - - github.com/gofrs/uuid: - recommendations: - - github.com/google/uuid - reason: "gofrs' package is not go module" - govet: - # Enable all analyzers. - # Default: false enable-all: true - # Disable analyzers by name. - # Run `go tool vet help` to see all analyzers. - # Default: [] disable: - fieldalignment # too strict - # Settings per analyzer. - settings: - shadow: - # Whether to be strict about shadowing; can be noisy. - # Default: false - strict: true - tenv: - # The option `all` will exec against whole test files (`_test.go`) regardless of method/function signatures. - # Otherwise, only methods that take `*testing.T`, `*testing.B`, and `testing.TB` as arguments are checked. - # Default: false all: true linters: @@ -104,7 +40,6 @@ linters: - durationcheck # checks for two durations multiplied together - errname # checks that sentinel errors are prefixed with the Err and error types are suffixed with the Error - errorlint # finds code that will cause problems with the error wrapping scheme introduced in Go 1.13 - - exhaustive # checks exhaustiveness of enum switch statements - funlen # tool for detection of long functions - gocognit # computes and checks the cognitive complexity of functions - goconst # finds repeated strings that could be replaced by a constant @@ -112,7 +47,6 @@ linters: - gocyclo # computes and checks the cyclomatic complexity of functions - goimports # in addition to fixing imports, goimports also formats your code in the same style as gofmt - gomoddirectives # manages the use of 'replace', 'retract', and 'excludes' directives in go.mod - - gomodguard # allow and block lists linter for direct Go module dependencies. This is different from depguard where there are different block types for example version constraints and module recommendations - gosec # inspects source code for security problems - lll # reports long lines - loggercheck # checks key value pairs for common logger libraries (kitlog,klog,logr,zap) @@ -138,38 +72,14 @@ linters: - whitespace # detects leading and trailing whitespace - zerologlint # detects the wrong usage of zerolog that a user forgets to dispatch zerolog.Event - decorder # checks declaration order and count of types, constants, variables and functions - #- gci # controls golang package import order and makes it always deterministic - doesn't work as expected - ginkgolinter # [if you use ginkgo/gomega] enforces standards of using ginkgo and gomega - interfacebloat # checks the number of methods inside an interface - tagalign # checks that struct tags are well aligned - ## disabled by default, but may be useful at some point - #- forbidigo # forbids identifiers - #- promlinter # checks Prometheus metrics naming via promlint - #- goprintffuncname # checks that printf-like functions are named with f at the end - #- revive # fast, configurable, extensible, flexible, and beautiful linter for Go, drop-in replacement of golint - #- rowserrcheck # checks whether Err of rows is checked successfully - #- sqlclosecheck # checks that sql.Rows and sql.Stmt are closed - #- gochecknoinits # checks that no init functions are present in Go code - #- exhaustruct # [highly recommend to enable] checks if all structure fields are initialized - #- godox # detects FIXME, TODO and other comment keywords - #- goheader # checks is file header matches to pattern - #- ireturn # accept interfaces, return concrete types - #- prealloc # [premature optimization, but can be used in some cases] finds slice declarations that could potentially be preallocated - #- varnamelen # [great idea, but too many false positives] checks that the length of a variable's name matches its scope - #- wrapcheck # checks that errors returned from external packages are wrapped - #- godot # checks if comments end in a period - - issues: - # Maximum count of issues with the same text. - # Set to 0 to disable. - # Default: 3 - max-same-issues: 50 - + max-same-issues: 0 exclude: - 'declaration of "(err|ctx)" shadows declaration at' # shadowing of err and ctx is acceptable - exclude-rules: - source: "(noinspection|TODO)" linters: [ godot ] diff --git a/cmd/internal/exec.go b/cmd/internal/exec.go index c66a5c8..0f97d27 100644 --- a/cmd/internal/exec.go +++ b/cmd/internal/exec.go @@ -71,7 +71,6 @@ func execPreRun(_ *context.Context, _ *cobra.Command, _ []string) { runner.RegisterRunner(parallel.NewRunner()) } -//nolint:gocognit func execFunc(ctx *context.Context, cmd *cobra.Command, verb executable.Verb, args []string) { logger := ctx.Logger if err := verb.Validate(); err != nil { diff --git a/cmd/internal/flags/helpers.go b/cmd/internal/flags/helpers.go index caff125..b3b18ff 100644 --- a/cmd/internal/flags/helpers.go +++ b/cmd/internal/flags/helpers.go @@ -10,7 +10,6 @@ import ( "github.com/jahvon/flow/internal/context" ) -//nolint:gocognit func ToPflag(cmd *cobra.Command, metadata Metadata, persistent bool) (*pflag.FlagSet, error) { flagSet := cmd.Flags() if persistent { diff --git a/cmd/internal/workspace.go b/cmd/internal/workspace.go index 74faae5..52730b9 100644 --- a/cmd/internal/workspace.go +++ b/cmd/internal/workspace.go @@ -50,7 +50,6 @@ func registerCreateWorkspaceCmd(ctx *context.Context, wsCmd *cobra.Command) { wsCmd.AddCommand(createCmd) } -//nolint:gocognit func createWorkspaceFunc(ctx *context.Context, cmd *cobra.Command, args []string) { logger := ctx.Logger name := args[0] diff --git a/internal/fileparser/shell_file_parser.go b/internal/fileparser/shell_file_parser.go index d761057..5fdaa74 100644 --- a/internal/fileparser/shell_file_parser.go +++ b/internal/fileparser/shell_file_parser.go @@ -30,7 +30,6 @@ const ( var multiLineDescriptionTag = fmt.Sprintf("<%s%s>", multiLineKeyPrefix, DescriptionConfigurationKey) -//nolint:gocognit func ExecConfigMapFromFile(logger io.Logger, file string) (map[string]string, error) { if err := validateFile(file); err != nil { return nil, err diff --git a/internal/runner/env.go b/internal/runner/env.go index 84ac5dd..55ba046 100644 --- a/internal/runner/env.go +++ b/internal/runner/env.go @@ -142,8 +142,9 @@ func DefaultEnv(ctx *context.Context, executable *executable.Executable) map[str envMap["FLOW_WORKSPACE_PATH"] = executable.WorkspacePath() envMap["FLOW_CONFIG_PATH"] = filesystem.ConfigDirPath() envMap["FLOW_CACHE_PATH"] = filesystem.CachedDataDirPath() - if os.Getenv("DISABLE_FLOW_INTERACTIVE") == "" { - envMap["DISABLE_FLOW_INTERACTIVE"] = "true" + envMap["DISABLE_FLOW_INTERACTIVE"] = "true" + if interactive := os.Getenv("DISABLE_FLOW_INTERACTIVE"); interactive != "" { + envMap["DISABLE_FLOW_INTERACTIVE"] = interactive } return envMap } diff --git a/tools/docsgen/json.go b/tools/docsgen/json.go index 295df59..5055285 100644 --- a/tools/docsgen/json.go +++ b/tools/docsgen/json.go @@ -15,7 +15,6 @@ const ( idBase = "https://flowexec.io/schemas" ) -//nolint:gocognit func generateJSONSchemas() { sm := schema.RegisteredSchemaMap() for fn, s := range sm { diff --git a/types/config/config.go b/types/config/config.go index 3625008..d062364 100644 --- a/types/config/config.go +++ b/types/config/config.go @@ -80,7 +80,6 @@ func (c *Config) JSON() (string, error) { return string(jsonBytes), nil } -//nolint:gocognit func (c *Config) Markdown() string { mkdwn := "# Global Configurations\n" mkdwn += fmt.Sprintf("**Current workspace:** `%s`\n", c.CurrentWorkspace)