diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
new file mode 100644
index 0000000..4fc58e4
--- /dev/null
+++ b/.github/FUNDING.yml
@@ -0,0 +1,2 @@
+custom: https://owasp.org/donate/?reponame=offat&title=OWASP+OFFAT
+github: OWASP
\ No newline at end of file
diff --git a/.github/workflows/dev-push.yml b/.github/workflows/dev-push.yml
index 0965bdc..30b2374 100644
--- a/.github/workflows/dev-push.yml
+++ b/.github/workflows/dev-push.yml
@@ -31,7 +31,7 @@ jobs:
 uses: docker/build-push-action@v3
 with:
 context: ./src/
- file: ./src/DockerFile
+ file: ./src/Dockerfile
 push: true
 tags: ${{ secrets.DOCKERHUB_USERNAME }}/offat:${{ github.head_ref || github.ref_name }} # for release: ${{ github.event.release.tag_name }}
 platforms: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7
diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml
new file mode 100644
index 0000000..1f9b32b
--- /dev/null
+++ b/.github/workflows/goreleaser.yml
@@ -0,0 +1,39 @@
+name: goreleaser
+
+on:
+ push:
+ tags:
+ - 'v*.*.*'
+
+permissions:
+ contents: write
+
+jobs:
+ goreleaser:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: set up Go
+ uses: actions/setup-go@v3
+ with:
+ go-version: 1.23
+
+ - name: set up CycloneDX
+ uses: CycloneDX/gh-gomod-generate-sbom@v2
+ with:
+ version: v1
+
+ - name: run GoReleaser
+ uses: goreleaser/goreleaser-action@v6
+ working-directory: ./src
+ with:
+ distribution: goreleaser
+ version: latest
+ args: release --clean
+ env:
+ GITHUB_TOKEN: ${{ secrets.OFFAT_GH_TOKEN }}
\ No newline at end of file
diff --git a/.github/workflows/release-push.yml b/.github/workflows/release-push.yml
index 0d6b313..3fe55d4 100644
--- a/.github/workflows/release-push.yml
+++ b/.github/workflows/release-push.yml
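Review bot: In the new `.github/workflows/goreleaser.yml`, the `run GoReleaser` step sets `working-directory: ./src` on a `uses:` step, but that key only applies to `run:` steps, so the workflow is likely to be rejected at parse time or to run GoReleaser from the repository root where it will not find `src/.goreleaser.yaml`; goreleaser-action takes the directory as an input instead, `workdir: ./src` under `with:`. The same job publishes release artifacts with `contents: write` and the `OFFAT_GH_TOKEN` secret while every action is referenced by a mutable tag and GoReleaser itself is `version: latest`, so an upstream retag or a new major release changes what executes with that token. Pinning each `uses:` to a full commit SHA and constraining the tool, e.g. `version: '~> v2'`, keeps release builds reproducible and reviewable. `go-version: 1.23` should be quoted (`'1.23'`) so YAML does not read it as a float. The `permissions:` block restricts only the built-in `GITHUB_TOKEN`; if `OFFAT_GH_TOKEN` is a personal access token its scope is presumably wider and is worth confirming.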
@@ -29,7 +29,7 @@ jobs: uses: docker/build-push-action@v3 with: context: ./src/ - file: ./src/DockerFile + file: ./src/Dockerfile push: true tags: ${{ secrets.DOCKERHUB_USERNAME }}/offat:${{ github.event.release.tag_name }} # for dev: ${{ github.head_ref || github.ref_name }} platforms: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7 diff --git a/.github/workflows/test-project.yml b/.github/workflows/test-project.yml index d828d90..5403c42 100644 --- a/.github/workflows/test-project.yml +++ b/.github/workflows/test-project.yml @@ -24,7 +24,7 @@ jobs: - name: Setup Go uses: actions/setup-go@v5 with: - go-version: '1.22.x' + go-version: '1.23.x' - name: Install Dependencies run: go mod download diff --git a/src/.goreleaser.yaml b/src/.goreleaser.yaml index f0ff055..89f39f5 100644 --- a/src/.goreleaser.yaml +++ b/src/.goreleaser.yaml 
@@ -1,46 +1,70 @@ -# This is an example .goreleaser.yml file with some sensible defaults. -# Make sure to check the documentation at https://goreleaser.com - -# The lines below are called `modelines`. See `:help modeline` -# Feel free to remove those if you don't want/need to use them. # yaml-language-server: $schema=https://goreleaser.com/static/schema.json -# vim: set ts=2 sw=2 tw=0 fo=cnqoj - +# vim: set ts=2 sw=2 tw=0 fo=jcroql version: 2 +project_name: offat + before: hooks: - # You may remove this if you don't use go modules. - - go mod tidy - # you may remove this if you don't need go generate - - go generate ./... + - go mod tidy + - go mod download builds: - - env: - - CGO_ENABLED=0 + - main: ./cmd/offat/ + binary: offat goos: - - linux - windows + - linux - darwin + - freebsd + goarch: + - amd64 + - 386 + - arm + - arm64 + ignore: + - goos: darwin + goarch: 386 + - goos: darwin + goarch: arm + - goos: windows + goarch: 386 + - goos: windows + goarch: arm + - goos: windows + goarch: arm64 + - goos: freebsd + goarch: arm archives: - - format: tar.gz - # this name template makes the OS and Arch compatible with the results of `uname`. 
- name_template: >- + - name_template: >- {{ .ProjectName }}_ {{- title .Os }}_ - {{- if eq .Arch "amd64" }}x86_64 + {{- if eq .Arch "darwin" }}macos {{- else if eq .Arch "386" }}i386 {{- else }}{{ .Arch }}{{ end }} - {{- if .Arm }}v{{ .Arm }}{{ end }} - # use zip for windows archives - format_overrides: - - goos: windows - format: zip + wrap_in_directory: true + format: zip + files: + - LICENSE + - README.md + +sboms: + - documents: + - "{{ .Binary }}_{{ .Os }}_{{ .Arch }}.bom.json" + artifacts: binary + cmd: cyclonedx-gomod + env: + - GOOS={{ .Os }} + - GOARCH={{ .Arch }} + args: [ "app", "-main", "cmd/offat", "-licenses", "-packages", "-json", "-output", "$document", "../" ] + +checksum: + name_template: "{{ .ProjectName }}_checksums.txt" changelog: - sort: asc + sort: desc filters: exclude: - - "^docs:" - - "^test:" + - '^MERGE' + - "{{ .Tag }}" \ No newline at end of file diff --git a/src/LICENSE b/src/LICENSE new file mode 100644 index 0000000..9cf1062 --- /dev/null +++ b/src/LICENSE 
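Review bot: In `archives.name_template` of `src/.goreleaser.yaml`, the new branch `{{- if eq .Arch "darwin" }}macos` can never match, because `.Arch` carries values such as `amd64` or `arm64` and `darwin` is one of the `goos` values, so the template silently falls through to the other branches. If the intent is a macOS label it belongs on the OS segment, e.g. `{{- if eq .Os "darwin" }}macOS{{ else }}{{ title .Os }}{{ end }}_`; simply swapping `.Arch` for `.Os` in place would give the darwin amd64 and arm64 archives the same name. The hunk also drops `CGO_ENABLED=0` from `builds`, which is worth restoring if statically linked binaries are still the goal. The new `checksum` file and SBOM documents give consumers integrity data but no authenticity, since they are published alongside the artifacts they describe; a `signs:` section covering the checksum file would close that gap.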
@@ -0,0 +1,19 @@
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.