fix: unify codeql/lint/sec/unit 🐛

[MartinezAvellan]

Midaz Pull Request Checklist

Pull Request Type

• Auth
• Infra
• Ledger
• Mdz
• Transaction
• Pipeline
• Documentation

Checklist

Please check each item after it's completed.

• I have tested these changes locally.
• I have updated the documentation accordingly.
• I have added necessary comments to the code, especially in complex areas.
• I have ensured that my changes adhere to the project's coding standards.
• I have checked for any potential security issues.
• I have ensured that all tests pass.
• I have updated the version appropriately (if applicable).
• I have confirmed this code is ready for review.

Additional Notes

Obs: Please, always remember to target your PR to develop branch instead of main.

[what-the-diff]

PR Summary

• Removal of the CodeQL Workflow File
  The existing .github/workflows/codeql.yml workflow file has been removed.

• Combined Analysis Workflow
  A new, comprehensive workflow file named .github/workflows/go-combined-analysis.yml has been introduced. This file includes:

  • CodeQL analysis for Go: Assists in discovering and dealing with security vulnerabilities in the code.
  • GoLangCI-Lint: This tool helps in analyzing the quality of the code and ensures adherence to coding standards.
  • GoSec: This component helps with the identification of potential security problems in the code.
  • A unit testing job: Specifically, it runs tests located in the components/ledger directory to validate the proper functioning of the individual units of code.

• Deletion of Outdated Workflow Files
  Outdated workflow files namely:

  • .github/workflows/golangci-lint.yml
  • .github/workflows/gosec.yml
  • .github/workflows/unit-tests.yml
    have been removed.

This consolidation enhances the workflow, reduces duplication, and promises better, more secure code.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[lerian-studio-midaz-push-bot]

Pull requests to main can only come from develop or hotfix branches. Please change base!!!

done

[lerian-studio-midaz-push-bot]

Pull requests to main can only come from develop or hotfix branches. Please change base!!!

done

[lerian-studio-midaz-push-bot]

Pull requests to main can only come from develop or hotfix branches. Please change base!!!

done

[lerian-studio-midaz-push-bot]

🎉 This PR is included in version 1.31.0-beta.9 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀