feat: Handle goprivate for GitHub (#37)

Handle GOPRIVATE env variable, limited to git VCS and github source in
particular.

.envrc

@@ -0,0 +1,7 @@
+# Automatically sets up your devbox environment whenever you cd into this
+# directory via our direnv integration:
+
+eval "$(devbox generate direnv --print-envrc)"
+
+# check out https://www.jetpack.io/devbox/docs/ide_configuration/direnv/
+# for more details

.github/workflows/ci.yml

@@ -9,35 +9,14 @@ on:
 jobs:
   check:
     runs-on: ubuntu-latest
-    env:
-      GO111MODULE: on
     steps:
       - name: Check out code
         uses: actions/checkout@v4
-      - uses: actions/setup-go@v5
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
         with:
-          go-version-file: go.mod
-          check-latest: true
-      - name: Set up prerequisites - node and yarn
-        uses: actions/setup-node@v4
-      - name: Set up yarn cache
-        id: yarn-cache
-        run: echo "::set-output name=dir::$(yarn cache dir)"
-      - uses: actions/cache@v4
-        with:
-          path: ${{ steps.yarn-cache.outputs.dir }}
-          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-yarn-
-      - name: Run spell and markdown checkers
-        run: make check/spell check/trailing check/markdown
-      - name: Check formatting
-        run: make check/format
-      - name: Run go vet
-        run: make check/vet
-      - name: Run golangci-lint
-        run: make check/lint
-      - name: Run Gosec Security Scanner
-        run: make check/gosec
+          enable-cache: true
+      - name: Run checks
+        run: devbox run -- make check
       - name: Run tests
-        run: make test
+        run: devbox run -- make test

.github/workflows/scan.yml

@@ -15,10 +15,9 @@ jobs:
     steps:
       - name: Check out code
         uses: actions/checkout@v4
-      - name: Setup Golang
-        uses: actions/setup-go@v5
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
         with:
-          go-version-file: go.mod
-          check-latest: true
+          enable-cache: true
       - name: Run Golang Vulncheck
-        run: make check/vulns
+        run: devbox run -- make check/vulns

Makefile

@@ -28,28 +28,6 @@ endif
 
 LDFLAGS := "-s -w -X main.BuildVersion=$(VERSION) -X main.BuildGitTag=$(GIT_TAG) -X main.BuildDate=$(BUILD_DATE)"
 
-# renovate datasource=github-releases depName=securego/gosec
-GOSEC_VERSION := v2.18.2
-# renovate datasource=github-releases depName=golangci/golangci-lint
-GOLANGCI_LINT_VERSION := v1.55.2
-# renovate datasource=go depName=golang.org/x/vuln/cmd/govulncheck
-GOVULNCHECK_VERSION := v1.0.3
-# renovate datasource=go depName=golang.org/x/tools/cmd/goimports
-GOIMPORTS_VERSION := v0.17.0
-
-# Check if the program is present in $PATH and install otherwise.
-# ${1} - oneOf{binary,yarn}
-# ${2} - program name
-define _ensure_installed
-	LOCAL_BIN_DIR=$(BIN_DIR) ./scripts/ensure_installed.sh "${1}" "${2}"
-endef
-
-# Install Go binary using 'go install' with an output directory set via $GOBIN.
-# ${1} - repository url
-define _install_go_binary
-	GOBIN=$(realpath $(BIN_DIR)) go install "${1}"
-endef
-
 # Print Makefile target step description for check.
 # Only print 'check' steps this way, and not dependent steps, like 'install'.
 # ${1} - step description
@@ -84,7 +62,7 @@ test/cli:
 		--build-arg LDFLAGS="-X main.BuildVersion=2.0.0 -X main.BuildGitTag=v2.0.0 -X main.BuildDate=2023-10-23T08:03:03Z" \
 		-t go-libyear-test-bin .
 	docker build -t go-libyear-bats -f $(TEST_DIR)/Dockerfile .
-	docker run --rm go-libyear-bats $(TEST_DIR)/*
+	docker run --rm go-libyear-bats -F pretty $(TEST_DIR)/*
 
 ## Run all unit tests.
 test/unit:
@@ -103,19 +81,16 @@ check/vet:
 ## Run golangci-lint all-in-one linter with configuration defined inside .golangci.yml.
 check/lint:
 	$(call _print_step,Running golangci-lint)
-	$(call _ensure_installed,binary,golangci-lint)
-	$(BIN_DIR)/golangci-lint run
+	golangci-lint run
 
 ## Check for security problems using gosec, which inspects the Go code by scanning the AST.
 check/gosec:
 	$(call _print_step,Running gosec)
-	$(call _ensure_installed,binary,gosec)
-	$(BIN_DIR)/gosec -exclude-dir=test -exclude-generated -quiet ./...
+	gosec -exclude-dir=test -exclude-generated -quiet ./...
 
 ## Check spelling, rules are defined in cspell.json.
 check/spell:
 	$(call _print_step,Verifying spelling)
-	$(call _ensure_installed,yarn,cspell)
 	yarn --silent cspell --no-progress '**/**'
 
 ## Check for trailing whitespaces in any of the projects' files.
@@ -126,14 +101,12 @@ check/trailing:
 ## Check markdown files for potential issues with markdownlint.
 check/markdown:
 	$(call _print_step,Verifying Markdown files)
-	$(call _ensure_installed,yarn,markdownlint)
 	yarn --silent markdownlint '*.md' --disable MD010, MD034 # MD010 does not handle code blocks well.
 
 ## Check for potential vulnerabilities across all Go dependencies.
 check/vulns:
 	$(call _print_step,Running govulncheck)
-	$(call _ensure_installed,binary,govulncheck)
-	$(BIN_DIR)/govulncheck ./...
+	govulncheck ./...
 
 ## Verify if the files are formatted.
 ## You must first commit the changes, otherwise it won't detect the diffs.
@@ -145,7 +118,6 @@ check/format:
 ## Generate Golang code.
 generate:
 	echo "Generating Go code..."
-	#$(call _ensure_installed,binary,go-enum)
 	go generate ./...
 
 .PHONY: format format/go format/cspell
@@ -155,47 +127,24 @@ format: format/go format/cspell
 ## Format Go files.
 format/go:
 	echo "Formatting Go files..."
-	$(call _ensure_installed,binary,goimports)
-	go fmt ./...
-	$(BIN_DIR)/goimports -local=$$(head -1 go.mod | awk '{print $$2}') -w .
+	gofumpt -l -w -extra .
+	goimports -local=$$(head -1 go.mod | awk '{print $$2}') -w .
+	golines -m 120 --ignore-generated --reformat-tags -w .
 
 ## Format cspell config file.
 format/cspell:
 	echo "Formatting cspell.yaml configuration (words list)..."
-	$(call _ensure_installed,yarn,yaml)
 	yarn --silent format-cspell-config
 
-.PHONY: install install/yarn install/golangci-lint install/gosec install/govulncheck install/goimports
+.PHONY: install
 ## Install all dev dependencies.
-install: install/yarn install/golangci-lint install/gosec install/govulncheck install/goimports
+install: install/yarn
 
 ## Install JS dependencies with yarn.
 install/yarn:
 	echo "Installing yarn dependencies..."
 	yarn --silent install
 
-## Install golangci-lint (https://golangci-lint.run).
-install/golangci-lint:
-	echo "Installing golangci-lint..."
-	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh |\
- 		sh -s -- -b $(BIN_DIR) $(GOLANGCI_LINT_VERSION)
-
-## Install gosec (https://github.com/securego/gosec).
-install/gosec:
-	echo "Installing gosec..."
-	curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh |\
- 		sh -s -- -b $(BIN_DIR) $(GOSEC_VERSION)
-
-## Install govulncheck (https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck).
-install/govulncheck:
-	echo "Installing govulncheck..."
-	$(call _install_go_binary,golang.org/x/vuln/cmd/govulncheck@$(GOVULNCHECK_VERSION))
-
-## Install goimports (https://pkg.go.dev/golang.org/x/tools/cmd/goimports).
-install/goimports:
-	echo "Installing goimports..."
-	$(call _install_go_binary,golang.org/x/tools/cmd/goimports@$(GOIMPORTS_VERSION))
-
 .PHONY: help
 ## Print this help message.
 help:

builder.go

@@ -1,6 +1,10 @@
 package libyear
 
-import "github.com/nieomylnieja/go-libyear/internal"
+import (
+	"path/filepath"
+
+	"github.com/nieomylnieja/go-libyear/internal"
+)
 
 func NewCommandBuilder(source Source, output Output) CommandBuilder {
 	return CommandBuilder{
@@ -17,6 +21,7 @@ type CommandBuilder struct {
 	withCache     bool
 	cacheFilePath string
 	opts          Option
+	vcsRegistry   *VCSRegistry
 }
 
 func (b CommandBuilder) WithCache(cacheFilePath string) CommandBuilder {
@@ -42,6 +47,11 @@ func (b CommandBuilder) WithOptions(opts ...Option) CommandBuilder {
 	return b
 }
 
+func (b CommandBuilder) WithVCSRegistry(registry *VCSRegistry) CommandBuilder {
+	b.vcsRegistry = registry
+	return b
+}
+
 func (b CommandBuilder) Build() (*Command, error) {
 	if b.repo == nil {
 		var err error
@@ -61,11 +71,24 @@ func (b CommandBuilder) Build() (*Command, error) {
 	if v, ok := b.source.(interface{ SetModulesRepo(repo ModulesRepo) }); ok {
 		v.SetModulesRepo(b.repo)
 	}
+	if b.vcsRegistry == nil {
+		cacheBase, err := internal.GetDefaultCacheBasePath()
+		if err != nil {
+			return nil, err
+		}
+		cacheDir := filepath.Join(cacheBase, "vcs")
+		b.vcsRegistry = NewVCSRegistry(cacheDir)
+	}
+	// Share initialized VCSRegistry with sources.
+	if v, ok := b.source.(interface{ SetVCSRegistry(registry *VCSRegistry) }); ok {
+		v.SetVCSRegistry(b.vcsRegistry)
+	}
 	return &Command{
 		source:           b.source,
 		output:           b.output,
 		repo:             b.repo,
 		fallbackVersions: b.fallback,
 		opts:             b.opts,
+		vcs:              b.vcsRegistry,
 	}, nil
 }

cmd/go-libyear/flags.go

@@ -61,6 +61,12 @@ var (
 		Category:    categoryCache,
 		Action:      useOnlyWith[cli.Path]("cache-file-path", flagCache.Name),
 	}
+	flagVCSCacheDir = &cli.PathFlag{
+		Name:        "vcs-cache-dir",
+		Usage:       "Use custom cache directory for VCS modules (downloaded due to GOPRIVATE settings)",
+		DefaultText: "$XDG_CACHE_HOME/go-libyear/vcs or $HOME/.cache/go-libyear/vcs",
+		Category:    categoryCache,
+	}
 	flagTimeout = &cli.DurationFlag{
 		Name:    "timeout",
 		Aliases: []string{"t"},

cmd/go-libyear/main.go

@@ -42,6 +42,7 @@ func main() {
 			flagJSON,
 			flagCache,
 			flagCacheFilePath,
+			flagVCSCacheDir,
 			flagTimeout,
 			flagUseGoList,
 			flagIndirect,
@@ -105,6 +106,10 @@ func run(cliCtx *cli.Context) error {
 			builder = builder.WithOptions(option)
 		}
 	}
+	if cliCtx.IsSet(flagVCSCacheDir.Name) {
+		registry := golibyear.NewVCSRegistry(flagVCSCacheDir.Get(cliCtx))
+		builder = builder.WithVCSRegistry(registry)
+	}
 
 	cmd, err := builder.Build()
 	if err != nil {
@@ -115,17 +120,25 @@ func run(cliCtx *cli.Context) error {
 
 func setupContextHandling(cliCtx *cli.Context) (ctx context.Context, handler func()) {
 	ctx = cliCtx.Context
-	ctx, cancel := context.WithTimeout(ctx, flagTimeout.Get(cliCtx))
+	errTimeout := errors.New("timeout")
+	timeout := flagTimeout.Get(cliCtx)
+	ctx, cancel := context.WithTimeoutCause(ctx, timeout, errTimeout)
 	sigCh := make(chan os.Signal, 2)
 	signal.Notify(sigCh, syscall.SIGINT, syscall.SIGTERM)
 	return ctx, func() {
 		select {
 		case sig := <-sigCh:
 			cancel()
-			fmt.Printf("\r%s signal detected, shutting down...\n", sig)
+			fmt.Fprintf(os.Stderr, "\r%s signal detected, shutting down...\n", sig)
 			os.Exit(0)
 		case <-ctx.Done():
-			fmt.Printf("\r%s, shutting down...\n", ctx.Err())
+			cause := context.Cause(ctx)
+			if errors.Is(cause, errTimeout) {
+				fmt.Fprintf(os.Stderr,
+					"\r%s timeout exceeded, consider increasing the timeout value via --timeout flag\n", timeout)
+			} else {
+				fmt.Fprintf(os.Stderr, "\r%s, shutting down...\n", ctx.Err())
+			}
 			os.Exit(1)
 		}
 	}