Skip to content

Commit

Permalink
Initial commit
Browse files Browse the repository at this point in the history
  • Loading branch information
@brancz
brancz committed Apr 4, 2023
0 parents commit fcaf0ac
Show file tree
Hide file tree
Showing 20 changed files with 1,320 additions and 0 deletions.
11 changes: 11 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
.vscode
.idea
.git
Dockerfile
*.md
/dist
/images
/.github
/tmp
target
debug
14 changes: 14 additions & 0 deletions .editorconfig
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
root = true

[*]
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true

[*.go]
indent_style = tab

[*.{rs,sh}]
indent_style = space
indent_size = 4
1 change: 1 addition & 0 deletions .errcheck_excludes.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
(github.com/go-kit/log.Logger).Log
74 changes: 74 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
name: Build

on:
push:
branches: [ main ]
pull_request:
branches: [ main ]

env:
# renovate: datasource=go depName=mvdan.cc/gofumpt
GOFUMPT_VERSION: v0.3.1
# renovate: datasource=go depName=github.com/golangci/golangci-lint
GOLANGCI_LINT_VERSION: v1.50.1

jobs:
skip-check:
name: Skip check
continue-on-error: true
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip-check.outputs.should_skip }}
permissions:
actions: write
contents: read
steps:
- id: skip-check
uses: fkirc/skip-duplicate-actions@9d116fa7e55f295019cfab7e3ab72b478bcf7fdd # tag=v4.0.0
with:
do_not_skip: '["schedule", "workflow_dispatch"]'
paths: |-
[
"**.go",
".github/workflows/build.yml",
"Makefile",
"go.mod",
"go.sum"
]
skip_after_successful_duplicate: false

go-build-test:
name: Go Build
runs-on: ubuntu-latest
needs: skip-check
if: ${{ needs.skip-check.outputs.should_skip != 'true' }}
steps:
- name: Check out the code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2

- name: Set up Go
uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a # tag=v3.2.1
with:
go-version-file: 'go.mod'
check-latest: true
cache: true

- name: Build
run: make build

- name: Test
run: |
make test
- name: Format
run: |
make format
git diff --exit-code
- name: Vet
run: make vet

- name: Lint
uses: golangci/golangci-lint-action@0ad9a0988b3973e851ab0a07adf248ec2e100376 # tag=v3.3.1
with:
version: ${{ env.GOLANGCI_LINT_VERSION }}
71 changes: 71 additions & 0 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"

on:
push:
branches: [ main ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ main ]
schedule:
- cron: '28 16 * * 3'

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ 'go' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
# Learn more:
# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed

steps:
- name: Check out the code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2

- name: Set up Go
uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a # tag=v3.2.1
with:
go-version-file: 'go.mod'
cache: true

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@0c670bbf0414f39666df6ce8e718ec5662c21e03 # tag=v2.1.17
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main

# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
# - name: Autobuild
# uses: github/codeql-action/autobuild@v1

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl

- run: make build

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@0c670bbf0414f39666df6ce8e718ec5662c21e03 # tag=v2.1.17
135 changes: 135 additions & 0 deletions .github/workflows/container.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,135 @@
name: Container

on:
push:
branches: [ main ]
pull_request:
branches: [ main ]

env:
# renovate: datasource=go depName=github.com/goreleaser/goreleaser
GORELEASER_VERSION: v1.10.2

jobs:
skip-check:
name: Skip check
continue-on-error: true
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip-check.outputs.should_skip }}
permissions:
actions: write
contents: read
steps:
- id: skip-check
uses: fkirc/skip-duplicate-actions@9d116fa7e55f295019cfab7e3ab72b478bcf7fdd # tag=v4.0.0
with:
do_not_skip: '["schedule", "workflow_dispatch"]'
paths: |-
[
"**.go",
".dockerignore",
".github/workflows/container.yml",
"Dockerfile*",
"Makefile",
"go.mod",
"go.sum"
]
skip_after_successful_duplicate: false


build-binaries:
name: Build binaries using goreleaser
needs: skip-check
if: ${{ needs.skip-check.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
container:
image: docker.io/goreleaser/goreleaser-cross:v1.18.3
options: --privileged
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GORELEASER_CURRENT_TAG: "${{ env.goreleaser_current_tag }}"
steps:
- name: Check out the code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2

- name: Set up Go
uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a # tag=v3.2.1
with:
go-version-file: 'go.mod'
cache: true

- name: Run Goreleaser
run: goreleaser release --rm-dist --skip-validate --skip-publish --snapshot --debug

- name: Archive generated artifacts
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # tag=v3.1.0
with:
name: parca-push-dist-container
if-no-files-found: error
path: |
goreleaser/dist
!goreleaser/dist/*.txt
build-and-push-container:
name: Container build and push (when merged)
needs: build-binaries
runs-on: ubuntu-latest
container:
# https://github.com/containers/podman/tree/main/contrib/podmanimage
# Specifying SHA repeatedly fails:
# @sha256:421ac576cebff98e90c531e7b9ce4482370ecc7cee59abc2341714031bfb5f43
image: quay.io/containers/podman:v4.1.1
options: >-
--device /dev/fuse:rw
--privileged
--security-opt label=disable
--security-opt seccomp=unconfined
permissions:
id-token: write
packages: write
contents: read
steps:
- name: Install dependencies
run: dnf install --assumeyes --repo fedora git make jq

- name: Check out code into the Go module directory
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2

- name: Set up Go
uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a # tag=v3.2.1
with:
go-version-file: 'go.mod'
check-latest: true

- uses: actions/download-artifact@v3
with:
name: parca-push-dist-container
path: goreleaser/dist

- name: Build container
run: make container

- name: Check images are created
run: podman images | grep 'ghcr.io/parca-dev/parca-push'

- name: Install cosign
if: ${{ github.event_name != 'pull_request' }}
uses: sigstore/cosign-installer@09a077b27eb1310dcfb21981bee195b30ce09de0 # tag=v2.5.0

- name: Login to registry
if: ${{ github.event_name != 'pull_request' }}
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | podman login -u parca-dev --password-stdin ghcr.io
- name: Install crane
if: ${{ github.event_name != 'pull_request' }}
uses: imjasonh/setup-crane@e82f1b9a8007d399333baba4d75915558e9fb6a4 # tag=v0.2

- name: Push and sign container
if: ${{ github.event_name != 'pull_request' }}
env:
COSIGN_EXPERIMENTAL: true
run: |
make push-container
make sign-container
58 changes: 58 additions & 0 deletions .github/workflows/docs.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
name: Documents

on:
push:
branches: [ main ]
paths:
pull_request:
branches: [ main ]

jobs:
skip-check:
name: Skip check
continue-on-error: true
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip-check.outputs.should_skip }}
permissions:
actions: write
contents: read
steps:
- id: skip-check
uses: fkirc/skip-duplicate-actions@9d116fa7e55f295019cfab7e3ab72b478bcf7fdd # tag=v4.0.0
with:
do_not_skip: '["schedule", "workflow_dispatch"]'
paths: |-
[
".github/workflows/docs.yml",
"Makefile",
"cmd/parca-push/main.go",
"docs"
]
skip_after_successful_duplicate: false

docs:
name: Generate documentation
needs: skip-check
if: ${{ needs.skip-check.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
steps:
- name: Check out the code
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2

- name: Set up Go
uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a # tag=v3.2.1
with:
go-version-file: 'go.mod'
cache: true

- name: Set up tools
run: ./env.sh

- name: Build
run: make build

- name: Docs check
run: |
make README.md
git diff --exit-code
Loading

0 comments on commit fcaf0ac

Please sign in to comment.