Add content (#5)

jfrog · Sep 6, 2023 · 1df7b67 · 1df7b67
1 parent 871b5b6
commit 1df7b67
Show file tree

Hide file tree

Showing 21 changed files with 941 additions and 0 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,27 @@
+---
+name: 🐞 Bug report
+about: Create a report to help us improve
+title: ""
+labels: bug
+assignees: ""
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Versions**
+
+- JFrog Applications Config schema version:
+- Operating system:
+
+**Additional context**
+Add any other context about the problem here.
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,19 @@
+---
+name: ⭐️ Feature request
+about: Suggest an idea for this project
+title: ""
+labels: feature request
+assignees: ""
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like to see**
+A clear and concise description of the new feature.
+
+**Describe alternatives you've considered**
+If applicable, a clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
diff --git a/.github/ISSUE_TEMPLATE/question.md b/.github/ISSUE_TEMPLATE/question.md
@@ -0,0 +1,7 @@
+---
+name: ❓ Question
+about: Ask a question
+title: ""
+labels: question
+assignees: ""
+---
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,4 @@
+- [ ] All [tests](https://github.com/jfrog/jfrog-apps-config/actions/workflows/test.yml) passed. If this feature is not already covered by the tests, I added new tests.
+- [ ] I used `go fmt ./...` for formatting the code before submitting the pull request.
+
+---
diff --git a/.github/release.yml b/.github/release.yml
@@ -0,0 +1,20 @@
+changelog:
+  exclude:
+    labels:
+      - ignore for release
+  categories:
+    - title: Breaking Changes 🚨
+      labels:
+        - breaking change
+    - title: Exciting New Features 🎉
+      labels:
+        - new feature
+    - title: Improvements 🌱
+      labels:
+        - improvement
+    - title: Bug Fixes 🛠
+      labels:
+        - bug
+    - title: Other Changes 📚
+      labels:
+        - "*"
diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml
@@ -0,0 +1,44 @@
+name: "Static Analysis"
+on:
+  push:
+    branches:
+      - "**"
+    tags-ignore:
+      - "**"
+  pull_request:
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}-${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  Static-Check:
+    name: Static Check
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v3
+      - name: Install Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.20.x
+      - name: Static Code Analysis
+        uses: golangci/golangci-lint-action@v3
+        with:
+          working-directory: go
+          args: |
+            --timeout 5m --out-${NO_FUTURE}format colored-line-number --enable errcheck,gosimple,govet,ineffassign,staticcheck,typecheck,unused,gocritic,asasalint,asciicheck,errchkjson,exportloopref,forcetypeassert,makezero,nilerr,unparam,unconvert,wastedassign,usestdlibvars
+
+  Go-Sec:
+    name: Go-Sec
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v3
+      - name: Install Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.20.x
+      - name: Install gosec
+        run: curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b $(go env GOPATH)/bin
+      - name: Run gosec
+        working-directory: go
+        run: gosec -tests ./...
diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml
@@ -0,0 +1,35 @@
+name: "CLA Assistant"
+on:
+  # issue_comment triggers this action on each comment on issues and pull requests
+  issue_comment:
+    types: [created]
+  pull_request_target:
+    types: [opened,synchronize]
+
+jobs:
+  CLAssistant:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions-ecosystem/action-regex-match@v2
+        id: sign-or-recheck
+        with:
+          text: ${{ github.event.comment.body }}
+          regex: '\s*(I have read the CLA Document and I hereby sign the CLA)|(recheck)\s*'
+
+      - name: "CLA Assistant"
+        if: ${{ steps.sign-or-recheck.outputs.match != '' || github.event_name == 'pull_request_target' }}
+        # Alpha Release
+        uses: cla-assistant/[email protected]
+        env:
+          # Generated and maintained by github
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # JFrog organization secret
+          PERSONAL_ACCESS_TOKEN : ${{ secrets.CLA_SIGN_TOKEN }}
+        with:
+          path-to-signatures: 'signed_clas.json'
+          path-to-document: 'https://jfrog.com/cla/'
+          remote-organization-name: 'jfrog'
+          remote-repository-name: 'jfrog-signed-clas'
+          # branch should not be protected
+          branch: 'master'
+          allowlist: bot*
diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml
@@ -0,0 +1,44 @@
+name: "Frogbot Scan Pull Request"
+on:
+  pull_request_target:
+    types: [opened, synchronize]
+permissions:
+  pull-requests: write
+  contents: read
+jobs:
+  scan-pull-request:
+    runs-on: ubuntu-latest
+    # A pull request needs to be approved, before Frogbot scans it. Any GitHub user who is associated with the
+    # "frogbot" GitHub environment can approve the pull request to be scanned.
+    environment: frogbot
+    steps:
+      - uses: jfrog/frogbot@v2
+        env:
+          # [Mandatory]
+          # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+          JF_URL: ${{ secrets.FROGBOT_URL }}
+
+          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+          # JFrog access token with 'read' permissions on Xray service
+          JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
+
+          # [Mandatory]
+          # The GitHub token automatically generated for the job
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+          # [Optional, default: "."]
+          # Relative path to the root of the project in the Git repository
+          JF_WORKING_DIR: "go"
+
+          # [Optional]
+          # Configure the SMTP server to enable Frogbot to send emails with detected secrets in pull request scans.
+          # SMTP server URL including should the relevant port: (Example: smtp.server.com:8080)
+          JF_SMTP_SERVER: ${{ secrets.JF_SMTP_SERVER }}
+
+          # [Mandatory if JF_SMTP_SERVER is set]
+          # The username required for authenticating with the SMTP server.
+          JF_SMTP_PASSWORD: ${{ secrets.JF_SMTP_PASSWORD }}
+
+          # [Mandatory if JF_SMTP_SERVER is set]
+          # The password associated with the username required for authentication with the SMTP server.
+          JF_SMTP_USER: ${{ secrets.JF_SMTP_USER }}
diff --git a/.github/workflows/frogbot-scan-repository.yml b/.github/workflows/frogbot-scan-repository.yml
@@ -0,0 +1,34 @@
+name: "Frogbot Scan Repository"
+on:
+  schedule:
+    # The repository will be scanned once a day at 00:00 GMT.
+    - cron: "0 0 * * *"
+permissions:
+  contents: write
+  pull-requests: write
+  security-events: write
+jobs:
+  create-fix-pull-requests:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        # The repository scanning will be triggered periodically on the following branches.
+        branch: ["main"]
+    steps:
+      - uses: jfrog/frogbot@v2
+        env:
+          # [Mandatory]
+          # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+          JF_URL: ${{ secrets.FROGBOT_URL }}
+
+          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+          # JFrog access token with 'read' permissions on Xray service
+          JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
+
+          # [Mandatory]
+          # The GitHub token automatically generated for the job
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+          # [Optional, default: "."]
+          # Relative path to the root of the project in the Git repository
+          JF_WORKING_DIR: "go"
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,22 @@
+name: Test
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macOS-latest]
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.20.x
+
+      # Run tests
+      - name: Tests
+        run: go test -v -race
+        working-directory: go