diff --git a/.deepsource.toml b/.deepsource.toml deleted file mode 100644 index f941cb9..0000000 --- a/.deepsource.toml +++ /dev/null @@ -1,20 +0,0 @@ -version = 1 - -[[analyzers]] -name = "go" -enabled = true - - [analyzers.meta] - import_paths = ["github.com/gonzolino/gotado"] - -[[analyzers]] -name = "test-coverage" -enabled = true - -[[analyzers]] -name = "secrets" -enabled = true - -[[transformers]] -name = "gofmt" -enabled = true diff --git a/.github/mergify.yml b/.github/mergify.yml deleted file mode 100644 index c930f7c..0000000 --- a/.github/mergify.yml +++ /dev/null @@ -1,38 +0,0 @@ -pull_request_rules: - - name: Automatic approve for Dependabot - conditions: - - author=dependabot[bot] - - "check-success=DeepSource: Go" - - "check-success=DeepSource: Secrets" - - "check-success=DeepSource: Transformers" - - "check-success=GitGuardian Security Checks" - - "check-success=License Compliance" - actions: - review: - message: auto approve dependabot - - - name: Automatic approve for owner - conditions: - - author=gonzolino - - "check-success=DeepSource: Go" - - "check-success=DeepSource: Secrets" - - "check-success=DeepSource: Transformers" - - "check-success=GitGuardian Security Checks" - - "check-success=License Compliance" - actions: - review: - message: auto approve owner - - - name: Automatic merge approved by Mergify - conditions: - - approved-reviews-by=mergify[bot] - actions: - merge: - method: merge - - - name: Automatic merge approved by owner - conditions: - - approved-reviews-by=gonzolino - actions: - merge: - method: merge diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml new file mode 100644 index 0000000..f03138b --- /dev/null +++ b/.github/release-drafter.yml @@ -0,0 +1,20 @@ +name-template: v$RESOLVED_VERSION +tag-template: v$RESOLVED_VERSION + +version-resolver: + major: + labels: + - breaking + minor: + labels: + - enhancement + patch: + labels: + - bug + - dependencies + default: minor + +template: | + ## What’s Changed + + $CHANGES diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml new file mode 100644 index 0000000..e9ab5e2 --- /dev/null +++ b/.github/workflows/dependabot.yml @@ -0,0 +1,30 @@ +name: Dependabot + +on: + pull_request: + +jobs: + auto-merge: + name: Auto-merge + runs-on: ubuntu-latest + permissions: + pull-requests: write + if: github.event.pull_request.user.login == 'dependabot[bot]' + steps: + - run: gh pr merge --auto --merge "${{ github.event.pull_request.html_url }}" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + approve: + name: Approve + runs-on: ubuntu-latest + permissions: + pull-requests: write + if: github.event.pull_request.user.login == 'dependabot[bot]' + steps: + - id: metadata + uses: dependabot/fetch-metadata@d7267f607e9d3fb96fc2fbe83e0af444713e90b7 # v2.3.0 + # Approve the PR if the update type is a patch or minor version update + - if: contains(fromJson('["version-update:semver-patch", "version-update:semver-minor"]'), steps.metadata.outputs.update-type) + run: gh pr review --approve "${{ github.event.pull_request.html_url }}" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 533d23d..84b4dfc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -5,33 +5,18 @@ on: branches: - main +permissions: + contents: read + jobs: - release-please: - name: Release Please - outputs: - release_created: ${{ steps.release-please.outputs.release_created }} - runs-on: ubuntu-latest - steps: - - id: release-please - uses: google-github-actions/release-please-action@v4.1.1 - with: - token: ${{ secrets.PERSONAL_GITHUB_TOKEN }} - release-type: go - package-name: gotado - label: - if: ${{ needs.release-please.outputs.release_created }} - name: Label PR - needs: release-please + draft: + name: Draft Release runs-on: ubuntu-latest - - env: - GITHUB_TOKEN: ${{ secrets.PERSONAL_GITHUB_TOKEN }} + permissions: + contents: write + pull-requests: read steps: - - uses: actions/checkout@v4 - - name: Get PR number - id: pr - run: | - echo "pr_number=$(gh pr list --state merged --label 'autorelease: tagged' --json number --jq '.[0].number')" >> $GITHUB_OUTPUT - - run: "gh pr edit ${{ steps.pr.outputs.pr_number }} --remove-label 'autorelease: tagged'" - - run: "gh pr edit ${{ steps.pr.outputs.pr_number }} --add-label 'autorelease: published'" + - uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6.1.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/review.yml b/.github/workflows/review.yml deleted file mode 100644 index adcd293..0000000 --- a/.github/workflows/review.yml +++ /dev/null @@ -1,41 +0,0 @@ -name: Review - -on: - push: - branches: - - main - schedule: - - cron: "19 7 * * 2" - -jobs: - go-test: - name: Go Test - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 - with: - go-version: '1.20' - - name: Report test-coverage to DeepSource - run: | - go test -coverprofile=${COVERAGE_FILE} -v ./... - curl https://deepsource.io/cli | sh - ./bin/deepsource report --analyzer test-coverage --key $LANGUAGE_KEY --value-file ${COVERAGE_FILE} - env: - DEEPSOURCE_DSN: ${{ secrets.DEEPSOURCE_DSN }} - COVERAGE_FILE: cover.out - LANGUAGE_KEY: go - codeql: - name: CodeQL - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - language: ["go"] - steps: - - uses: actions/checkout@v4 - - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - - uses: github/codeql-action/autobuild@v3 - - uses: github/codeql-action/analyze@v3