Merge pull request #16 from 030/12-grouping

[#6][#12][#13] Add grouping of various Maven repositories functionality.

.dockerignore

@@ -0,0 +1,2 @@
+test/gradle/demo
+test/npm/demo

.github/workflows/dip.yml

@@ -1,6 +1,6 @@
 ---
 name: DIP
-on: [push]
+'on': push
 jobs:
   dive:
     runs-on: ubuntu-latest
@@ -20,3 +20,8 @@ jobs:
           GOLANGCI_LINT_VERSION=$(./dip image --name=golangci/golangci-lint --regex=^v1\.[0-9]+\.[0-9]+-alpine$)
           echo "Check whether the latest GolangCI version: '${GOLANGCI_LINT_VERSION}' is used..."
           grep "golangci-lint:${GOLANGCI_LINT_VERSION}" ./.github/workflows/go.yml
+      - name: Check Yamllint
+        run: |
+          YAMLLINT_VERSION=$(./dip image --name=pipelinecomponents/yamllint --regex=0\..*)
+          echo "Check whether the latest yamllint version: '${YAMLLINT_VERSION}' is used..."
+          grep "pipelinecomponents/yamllint:${YAMLLINT_VERSION}" ./.github/workflows/yamllint.yml

.github/workflows/dive.yml

@@ -1,6 +1,6 @@
 ---
 name: Dive CI
-on: [push]
+'on': push
 jobs:
   dive:
     runs-on: ubuntu-latest

.github/workflows/docker.yml

@@ -1,6 +1,6 @@
 ---
 name: Docker
-on:
+'on':
   push:
     tags:
       - '*'

.github/workflows/dockle.yml

@@ -1,6 +1,6 @@
 ---
 name: Dockle
-on: [push]
+'on': push
 jobs:
   dive:
     runs-on: ubuntu-latest

.github/workflows/go.yml

@@ -1,41 +1,60 @@
 ---
 name: Go
-on: [push]
+'on': push
 jobs:
   build:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        include:
-          - os: macos-10.15
-            shasum: shasum -a 512
-          - os: ubuntu-20.04
-            shasum: sha512sum
+    runs-on: ubuntu-20.04
     steps:
       - uses: actions/checkout@v2
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
           go-version: 1.19.0
+      - uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 14
       - name: Unit tests
-        run: go test ./... -cover
-        if: ${{ startsWith(matrix.os, 'ubuntu') }}
+        timeout-minutes: 15
+        run: |
+          go test -short -cover -v -coverprofile=coverage.txt \
+          -covermode=atomic ./...
+      - uses: codecov/codecov-action@v1
+        with:
+          files: ./coverage.txt
+          flags: unittests
+          verbose: true
+      - name: SonarCloud Scan
+        uses: sonarsource/sonarcloud-github-action@master
+        with:
+          args: >
+            -Dsonar.organization=030-github
+            -Dsonar.projectKey=030_yaam
+            -Dsonar.exclusions=internal/goswagger/**,test/gradle/demo/**,test/npm/demo/**
+            -Dsonar.sources=.
+            -Dsonar.coverage.exclusions=**/*_test.go,internal/goswagger/**/*,test/gradle/demo/**,test/npm/demo/**
+            -Dsonar.verbose=true
+            -Dsonar.go.coverage.reportPaths="coverage.txt"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
       - name: Set YAAM deliverable environment variable
-        run: echo "yaam-deliverable=yaam-${{ matrix.os }}" >> $GITHUB_ENV
+        run: echo "yaam-deliverable=yaam-ubuntu-20.04" >> $GITHUB_ENV
       - name: Use the value
         run: |
           echo "${{ env.yaam-deliverable }}"
       - name: Build
         run: ./scripts/build.sh
         env:
           YAAM_DELIVERABLE: ${{ env.yaam-deliverable }}
-          SHA512_CMD: ${{ matrix.shasum }}
+          SHA512_CMD: sha512sum
       - name: Quality
         run: |
           docker run --rm -v ${PWD}:/data markdownlint/markdownlint:0.11.0 \
             README.md -s /data/configs/.markdownlint.rb
-          docker run --rm -v $(pwd):/data cytopia/yamllint:1.26-0.8 .
           docker run --rm -v $(pwd):/app -w /app -e GOFLAGS=-buildvcs=false \
-            golangci/golangci-lint:v1.48.0-alpine golangci-lint run -v \
+            golangci/golangci-lint:v1.49.0-alpine golangci-lint run -v \
             --timeout 2m30s
-        if: ${{ startsWith(matrix.os, 'ubuntu') }}

.github/workflows/gosec.yml

@@ -1,6 +1,6 @@
 ---
 name: Run Gosec
-on:
+'on':
   push:
     branches:
       - main
@@ -11,7 +11,7 @@ jobs:
   tests:
     runs-on: ubuntu-latest
     env:
-      GO111MODULE: on
+      GO111MODULE: 'on'
     steps:
       - name: Checkout Source
         uses: actions/checkout@v2

.github/workflows/hadolint.yml

@@ -1,5 +1,6 @@
+---
 name: Hadolint
-on: [push]
+'on': push
 jobs:
   dive:
     runs-on: ubuntu-latest

.github/workflows/release.yml

@@ -1,30 +1,21 @@
 ---
 name: Release
-on:
+'on':
   push:
     tags:
       - '*'
 jobs:
   release:
     name: Create Release
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        include:
-          - os: macos-10.15
-            shasum: shasum -a 512
-          - os: ubuntu-20.04
-            shasum: sha512sum
+    runs-on: ubuntu-20.04
     steps:
       - uses: actions/checkout@v2
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
           go-version: 1.19.0
       - name: Set YAAM deliverable environment variable
-        run: echo "yaam-deliverable=yaam-${{ matrix.os }}" >> $GITHUB_ENV
-        if: |
-          ${{ startsWith(matrix.os, 'mac') || startsWith(matrix.os, 'ubuntu') }}
+        run: echo "yaam-deliverable=yaam-ubuntu-20.04" >> $GITHUB_ENV
       - name: Use the value
         run: |
           echo "${{ env.yaam-deliverable }}"
@@ -34,27 +25,12 @@ jobs:
           echo "Version: ${version}"
           echo "Checking README.md..."
           grep "yaam:${version}" docs/usage/DOCKER.md
-        # yamllint disable rule:line-length
-        if: ${{ startsWith(matrix.os, 'mac') || startsWith(matrix.os, 'ubuntu') }}
       - name: Create release
         run: ./scripts/build.sh
         env:
           YAAM_DELIVERABLE: ${{ env.yaam-deliverable }}
           GITHUB_TAG: ${{ github.ref }}
-          SHA512_CMD: ${{ matrix.shasum }}
-        if: ${{ startsWith(matrix.os, 'mac') || startsWith(matrix.os, 'ubuntu') }}
-      - name: Create release windows
-        shell: cmd
-        run: |
-          echo "GITHUB_TAG: '${{ github.ref }}'"
-          echo "YAAM_DELIVERABLE: '${{ env.yaam-deliverable }}'"
-          cd cmd/yaam
-          go build -buildvcs=false -ldflags "-X main.Version=${{ github.ref }}" -o "${{ env.yaam-deliverable }}"
-          sha512sum "${{ env.yaam-deliverable }}" > "${{ env.yaam-deliverable }}.sha512.txt"
-          chmod +x "${{ env.yaam-deliverable }}"
-          ls yaam-windows-2019
-        if: ${{ startsWith(matrix.os, 'windows') }}
-        # yamllint enable rule:line-length
+          SHA512_CMD: sha512sum
       - name: Upload binaries to release
         uses: svenstaro/upload-release-action@v2
         with:

.github/workflows/trivy.yml

@@ -1,6 +1,6 @@
 ---
 name: Trivy
-on: [push]
+'on': push
 jobs:
   build:
     name: Build
@@ -11,12 +11,23 @@ jobs:
       - name: Build an image from Dockerfile
         run: |
           docker build -t utrecht/yaam:${{ github.sha }} .
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@7b7aa264d83dc58691451798b4d117d53d21edfe
+        with:
+          image-ref: 'utrecht/yaam:${{ github.sha }}'
+          format: sarif
+          output: 'trivy-results.sarif'
+          severity: 'CRITICAL,HIGH'
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: 'trivy-results.sarif'
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: "utrecht/yaam:${{ github.sha }}"
-          format: "table"
-          exit-code: "1"
+          image-ref: 'utrecht/yaam:${{ github.sha }}'
+          format: 'table'
+          exit-code: '1'
           ignore-unfixed: true
-          vuln-type: "os,library"
-          severity: "CRITICAL,HIGH"
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'

.github/workflows/yamllint.yml

@@ -0,0 +1,16 @@
+---
+name: Yamllint
+'on': push
+jobs:
+  yamllint:
+    runs-on: ubuntu-latest
+    container:
+      image: pipelinecomponents/yamllint:0.20.7
+      env:
+        YAMLLINT_CONFIG_FILE: /code/configs/.yamllint.yaml
+      options: --cpus 1
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: run yamllint
+        run: yamllint .

.gitignore

@@ -1 +1,10 @@
 cmd/yaam/yaam
+
+test/gradle/demo/.gradle
+test/gradle/demo/build
+test/gradle/demo/build.gradle
+test/gradle/demo/settings.gradle
+
+test/npm/demo/node_modules
+test/npm/demo/.npmrc
+test/npm/demo/package-lock.json

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.19.0-alpine3.16 as builder
+FROM golang:1.19.1-alpine3.16 as builder
 ARG VERSION
 ENV USERNAME=yaam
 ENV BASE=/opt/${USERNAME}

README.md

@@ -31,6 +31,7 @@
 [![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=030_yaam&metric=reliability_rating)](https://sonarcloud.io/dashboard?id=030_yaam)
 [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=030_yaam&metric=security_rating)](https://sonarcloud.io/dashboard?id=030_yaam)
 [![Technical Debt](https://sonarcloud.io/api/project_badges/measure?project=030_yaam&metric=sqale_index)](https://sonarcloud.io/dashboard?id=030_yaam)
+[![codecov](https://codecov.io/gh/030/yaam/branch/main/graph/badge.svg)](https://codecov.io/gh/030/yaam)
 [![BCH compliance](https://bettercodehub.com/edge/badge/030/yaam?branch=main)](https://bettercodehub.com/results/030/yaam)
 [![GolangCI](https://golangci.com/badges/github.com/golangci/golangci-web.svg)](https://golangci.com/r/github.com/030/yaam)
 [![codebeat badge](https://codebeat.co/badges/af6b1a01-df2c-40e7-bfb1-13ec0bb90087)](https://codebeat.co/projects/github-com-030-yaam-main)