From c734a015cc8d1ab8edc8901fd8a3c2cfb2f1bf69 Mon Sep 17 00:00:00 2001
From: Emmanuel Gautier <git@emmanuelgautier.fr>
Date: Tue, 16 Jan 2024 23:50:41 +0100
Subject: [PATCH] build: init goreleaser

---
 .docker/Dockerfile-build      | 22 ++++++++++++++++++++++
 .docker/Dockerfile-goreleaser |  6 ++++++
 .github/workflows/ci.yml      | 31 -------------------------------
 .github/workflows/publish.yml | 19 +++++++++++++++++++
 .gitignore                    | 24 ++++++++++++++++++++++++
 .slsa-goreleaser.yml          | 24 ++++++++++++++++++++++++
 go.mod                        |  2 +-
 go.sum                        |  3 +++
 8 files changed, 99 insertions(+), 32 deletions(-)
 create mode 100644 .docker/Dockerfile-build
 create mode 100644 .docker/Dockerfile-goreleaser
 create mode 100644 .github/workflows/publish.yml
 create mode 100644 .gitignore
 create mode 100644 .slsa-goreleaser.yml

diff --git a/.docker/Dockerfile-build b/.docker/Dockerfile-build
new file mode 100644
index 0000000..d435567
--- /dev/null
+++ b/.docker/Dockerfile-build
@@ -0,0 +1,22 @@
+FROM golang:1.21-bullseye AS builder
+
+WORKDIR /go/src/github.com/emmanuelgautier/giteway
+
+COPY go.mod go.mod
+COPY go.sum go.sum
+
+ENV CGO_ENABLED 0
+ENV GO111MODULE on
+
+RUN go mod download
+
+COPY . .
+
+RUN go build -o /usr/bin/giteway .
+
+FROM gcr.io/distroless/static-debian11:nonroot AS runner
+
+COPY --from=builder --chown=nonroot:nonroot /usr/bin/giteway /usr/bin/giteway
+
+ENTRYPOINT ["giteway", "serve"]
+CMD ["giteway"]
diff --git a/.docker/Dockerfile-goreleaser b/.docker/Dockerfile-goreleaser
new file mode 100644
index 0000000..de03002
--- /dev/null
+++ b/.docker/Dockerfile-goreleaser
@@ -0,0 +1,6 @@
+FROM gcr.io/distroless/static-debian11:nonroot
+
+COPY --chown=nonroot:nonroot giteway /usr/bin/giteway
+
+ENTRYPOINT ["giteway", "serve"]
+CMD ["giteway"]
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 48c8405..e6e13d8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -2,8 +2,6 @@ name: CI
 
 on:
   push:
-    tags:
-      - "v*.*.*"
     branches:
       - main
   pull_request:
@@ -37,32 +35,3 @@ jobs:
 
       # - name: Upload coverage reports to Codecov
       #   uses: codecov/codecov-action@v3
-
-  # publish:
-  #   needs: build
-  #   runs-on: ubuntu-latest
-  #   if: startsWith(github.ref, 'refs/tags/')
-
-  #   permissions:
-  #     contents: write
-  #     packages: write
-  #     pull-requests: write
-
-  #   steps:
-  #     - uses: actions/checkout@v4
-  #       with:
-  #         fetch-depth: 0
-
-  #     - run: git fetch --force --tags
-
-  #     - name: Setup Go environment
-  #       uses: actions/setup-go@v4
-  #       with:
-  #         go-version: ${{ env.GO_VERSION }}
-
-  #     - name: Login to GitHub Container Registry
-  #       uses: docker/login-action@v3
-  #       with:
-  #         registry: ghcr.io
-  #         username: ${{ github.actor }}
-  #         password: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
new file mode 100644
index 0000000..9b92e26
--- /dev/null
+++ b/.github/workflows/publish.yml
@@ -0,0 +1,19 @@
+name: SLSA Go releaser
+
+on:
+  workflow_dispatch:
+  release:
+    types: [created]
+
+permissions: read-all
+
+jobs:
+  release:
+    permissions:
+      id-token: write
+      contents: write
+      actions: read
+
+    uses: slsa-framework/slsa-github-generator/.github/workflows/builder_go_slsa3.yml@v1.9.0
+    with:
+      go-version: 1.21.1
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7da13f8
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,24 @@
+# If you prefer the allow list template instead of the deny list, see community template:
+# https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore
+#
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# vendor/
+
+# Go workspace file
+go.work
+
+dist/
+giteway
diff --git a/.slsa-goreleaser.yml b/.slsa-goreleaser.yml
new file mode 100644
index 0000000..b1ee378
--- /dev/null
+++ b/.slsa-goreleaser.yml
@@ -0,0 +1,24 @@
+before:
+  hooks:
+    - go mod tidy
+    - go generate ./...
+builds:
+  - env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"
+
+dockers:
+  - image_templates:
+      - "ghcr.io/thegalactiks/giteway:{{ .Tag }}"
+      - "ghcr.io/thegalactiks/giteway:v{{ .Major }}"
+      - "ghcr.io/thegalactiks/giteway:v{{ .Major }}.{{ .Minor }}"
+      - "ghcr.io/thegalactiks/giteway:latest"
+    dockerfile: .docker/Dockerfile-goreleaser
diff --git a/go.mod b/go.mod
index 6293505..6ce9132 100644
--- a/go.mod
+++ b/go.mod
@@ -14,6 +14,7 @@ require (
 	github.com/stretchr/testify v1.8.4
 	github.com/swaggo/files v1.0.1
 	github.com/swaggo/gin-swagger v1.6.0
+	github.com/xanzy/go-gitlab v0.95.2
 	go.uber.org/fx v1.20.1
 	go.uber.org/zap v1.26.0
 )
@@ -60,7 +61,6 @@ require (
 	github.com/swaggo/swag v1.8.12 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
-	github.com/xanzy/go-gitlab v0.95.2 // indirect
 	go.uber.org/dig v1.17.0 // indirect
 	go.uber.org/multierr v1.10.0 // indirect
 	golang.org/x/arch v0.5.0 // indirect
diff --git a/go.sum b/go.sum
index 49b1a73..7878769 100644
--- a/go.sum
+++ b/go.sum
@@ -62,6 +62,7 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m
 github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
+github.com/fatih/color v1.9.0 h1:8xPHl4/q1VyqGIPif1F+1V3Y3lSmrq01EabUW3CoW5s=
 github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
 github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
@@ -171,6 +172,7 @@ github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/S
 github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI=
 github.com/hashicorp/go-hclog v0.8.0/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
 github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
+github.com/hashicorp/go-hclog v0.12.0 h1:d4QkX8FRTYaKaCZBoXYY8zJX2BXjWxurN/GA2tkrmZM=
 github.com/hashicorp/go-hclog v0.12.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ=
 github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
 github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM=
@@ -249,6 +251,7 @@ github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA
 github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
 github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
 github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
+github.com/mattn/go-colorable v0.1.6 h1:6Su7aK7lXmJ/U79bYtBjLNaha4Fs1Rg9plHpcH+vvnE=
 github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
 github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=