File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ version : 2
2+ updates :
3+ - package-ecosystem : " gomod"
4+ directory : " /"
5+ schedule :
6+ interval : " daily"
7+ groups :
8+ minor-patch :
9+ update-types :
10+ - " minor"
11+ - " patch"
12+
13+ - package-ecosystem : " github-actions"
14+ directory : " /"
15+ schedule :
16+ interval : " daily"
17+ groups :
18+ minor-patch :
19+ update-types :
20+ - " minor"
21+ - " patch"
22+
23+ - package-ecosystem : " docker"
24+ directory : " /"
25+ schedule :
26+ interval : " weekly"
Original file line number Diff line number Diff line change 1+ name : Build
2+
3+ on :
4+ push :
5+ branches :
6+ - main
7+ pull_request : {}
8+
9+ permissions : {}
10+
11+ jobs :
12+ build :
13+ name : build
14+ runs-on : ubuntu-latest
15+ permissions :
16+ contents : read
17+ steps :
18+ - name : Checkout repository
19+ uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
20+ with :
21+ persist-credentials : false
22+ - name : Install Go
23+ uses : actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
24+ with :
25+ go-version-file : go.mod
26+ - name : Build
27+ run : |
28+ make build
29+
30+ test :
31+ name : Test
32+ runs-on : ubuntu-latest
33+ permissions :
34+ contents : read
35+ steps :
36+ - name : Checkout repository
37+ uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
38+ with :
39+ persist-credentials : false
40+ - name : Install Go
41+ uses : actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
42+ with :
43+ go-version-file : go.mod
44+ - name : Test
45+ run : |
46+ make test
Original file line number Diff line number Diff line change 1+ name : Build and push Docker image
2+
3+ on :
4+ push :
5+ branches :
6+ - main
7+
8+ permissions : {}
9+
10+ jobs :
11+ build-and-push :
12+ runs-on : ubuntu-latest
13+ permissions :
14+ contents : read
15+ id-token : write
16+ attestations : write
17+ packages : write
18+ artifact-metadata : write
19+ env :
20+ REGISTRY : ghcr.io
21+ IMAGE_NAME : ${{ github.repository }}
22+
23+ steps :
24+ - name : Checkout repository
25+ uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
26+ with :
27+ persist-credentials : false
28+ - name : Login to GitHub Container Registry
29+ uses : docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
30+ with :
31+ registry : ${{ env.REGISTRY }}
32+ username : ${{ github.actor }}
33+ password : ${{ secrets.GITHUB_TOKEN }}
34+ - name : Build and push image
35+ id : push
36+ uses : docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
37+ with :
38+ context : .
39+ push : true
40+ tags : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:dev
41+ - name : Attest
42+ uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v 3.2.0
43+ id : attest
44+ with :
45+ subject-name : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
46+ subject-digest : ${{ steps.push.outputs.digest }}
47+ push-to-registry : true
Original file line number Diff line number Diff line change 1+ name : golangci-lint
2+
3+ on :
4+ push :
5+ branches :
6+ - main
7+ pull_request : {}
8+
9+ permissions : {}
10+
11+ jobs :
12+ golangci-lint :
13+ name : lint
14+ runs-on : ubuntu-latest
15+ permissions :
16+ contents : read
17+ steps :
18+ - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
19+ with :
20+ persist-credentials : false
21+ - name : Install Go
22+ uses : actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
23+ with :
24+ go-version-file : go.mod
25+ - name : golangci-lint
26+ uses : golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0
Original file line number Diff line number Diff line change 1+ name : Release
2+
3+ on :
4+ push :
5+ tags :
6+ - ' v*.*.*'
7+
8+ permissions :
9+ contents : read
10+
11+ jobs :
12+ release :
13+ name : Build and Release OCI Image
14+ runs-on : ubuntu-latest
15+ permissions :
16+ contents : read
17+ packages : write
18+ id-token : write
19+ attestations : write
20+ steps :
21+ - name : Checkout repository
22+ uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
23+ with :
24+ persist-credentials : false
25+
26+ - name : Extract version from tag
27+ id : version
28+ run : |
29+ # Extract the tag name (e.g., v1.0.0)
30+ TAG=${GITHUB_REF#refs/tags/}
31+ echo "tag=${TAG}" >> $GITHUB_OUTPUT
32+
33+ name : Set up Docker Buildx
34+ uses : docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
35+
36+ - name : Log in to GitHub Container Registry
37+ uses : docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
38+ with :
39+ registry : ghcr.io
40+ username : ${{ github.actor }}
41+ password : ${{ secrets.GITHUB_TOKEN }}
42+
43+ - name : Build and push Docker image
44+ id : push
45+ uses : docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
46+ with :
47+ context : .
48+ file : ./Dockerfile
49+ push : true
50+ tags : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.tag }}
51+ platforms : linux/amd64,linux/arm64
52+
53+ - name : Attest build provenance
54+ uses : actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0
55+ with :
56+ subject-name : ghcr.io/github/artifact-attestations-opa-provider
57+ subject-digest : ${{ steps.push.outputs.digest }}
58+ push-to-registry : true
Original file line number Diff line number Diff line change 1+ * ~
2+ /deployment-tracker
Original file line number Diff line number Diff line change 1+ version : " 2"
2+ linters :
3+ default : none
4+ enable :
5+ - asasalint
6+ - asciicheck
7+ - bidichk
8+ - bodyclose
9+ - contextcheck
10+ - dupword
11+ - durationcheck
12+ - errcheck
13+ - errchkjson
14+ - errorlint
15+ - exhaustive
16+ - gocheckcompilerdirectives
17+ - gochecksumtype
18+ - gocritic
19+ - godot
20+ - godox
21+ - gosec
22+ - gosmopolitan
23+ - govet
24+ - ineffassign
25+ - loggercheck
26+ - makezero
27+ - misspell
28+ - musttag
29+ - nilerr
30+ - nilnesserr
31+ - noctx
32+ - protogetter
33+ - reassign
34+ - recvcheck
35+ - revive
36+ - rowserrcheck
37+ - spancheck
38+ - sqlclosecheck
39+ - staticcheck
40+ - testifylint
41+ - unparam
42+ - unused
43+ - zerologlint
44+ settings :
45+ revive :
46+ enable-all-rules : true
47+ rules :
48+ - name : add-constant
49+ disabled : true
50+ - name : argument-limit
51+ arguments :
52+ - 6
53+ severity : warning
54+ disabled : false
55+ - name : confusing-naming
56+ disabled : true
57+ - name : confusing-results
58+ disabled : true
59+ - name : cyclomatic
60+ arguments :
61+ - 7
62+ disabled : true
63+ - name : file-header
64+ disabled : true
65+ - name : line-length-limit
66+ arguments :
67+ - 80
68+ severity : warning
69+ disabled : true
70+ - name : function-length
71+ disabled : true
72+ - name : cognitive-complexity
73+ disabled : true
74+ - name : max-public-structs
75+ disabled : true
76+ - name : banned-characters
77+ disabled : true
78+ - name : function-result-limit
79+ arguments :
80+ - 3
81+ severity : warning
82+ disabled : false
83+ - name : flag-parameter
84+ disabled : true
85+ - name : package-comments
86+ disabled : true
87+ wsl :
88+ allow-cuddle-declarations : true
89+ force-err-cuddling : true
90+ force-short-decl-cuddling : true
91+ exclusions :
92+ generated : lax
93+ presets :
94+ - common-false-positives
95+ - legacy
96+ - std-error-handling
97+ paths :
98+ - third_party$
99+ - builtin$
100+ - examples$
101+ formatters :
102+ enable :
103+ - gofmt
104+ exclusions :
105+ generated : lax
106+ paths :
107+ - third_party$
108+ - builtin$
109+ - examples$
Original file line number Diff line number Diff line change 1+ * @ github/package-security-reviewers
You can’t perform that action at this time.
0 commit comments