diff --git a/.github/workflows/autoapprove.yml b/.github/workflows/autoapprove.yml new file mode 100644 index 0000000..ebe28c9 --- /dev/null +++ b/.github/workflows/autoapprove.yml @@ -0,0 +1,20 @@ +name: "autoapprove" + +on: + pull_request_target: + types: [assigned, opened, synchronize, reopened] + +permissions: + pull-requests: write + contents: write + +jobs: + autoapprove: + runs-on: ubuntu-latest + steps: + - name: approve + uses: hmarr/auto-approve-action@v2 + if: github.actor == 'vtolstov' || github.actor == 'dependabot[bot]' + id: approve + with: + github-token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml new file mode 100644 index 0000000..5ff3f69 --- /dev/null +++ b/.github/workflows/automerge.yml @@ -0,0 +1,21 @@ +name: "automerge" + +on: + pull_request_target: + types: [assigned, opened, synchronize, reopened] + +permissions: + pull-requests: write + contents: write + +jobs: + automerge: + runs-on: ubuntu-latest + if: github.actor == 'vtolstov' + steps: + - name: merge + id: merge + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.TOKEN}} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index eb19b68..d8002e9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -3,6 +3,7 @@ on: push: branches: - master + - v3 jobs: test: name: test @@ -13,7 +14,7 @@ jobs: with: go-version: 1.16 - name: checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: cache uses: actions/cache@v2 with: @@ -31,9 +32,9 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: lint - uses: golangci/golangci-lint-action@v2 + uses: golangci/golangci-lint-action@v3.1.0 continue-on-error: true with: # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version. diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..9b4d428 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,78 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "codeql" + +on: + workflow_run: + workflows: ["prbuild"] + types: + - completed + push: + branches: [ master, v3 ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master, v3 ] + schedule: + - cron: '34 1 * * 0' + +jobs: + analyze: + name: analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'go' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] + # Learn more: + # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed + + steps: + - name: checkout + uses: actions/checkout@v3 + - name: setup + uses: actions/setup-go@v2 + with: + go-version: 1.16 + # Initializes the CodeQL tools for scanning. + - name: init + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: autobuild + uses: github/codeql-action/autobuild@v1 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: analyze + uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml new file mode 100644 index 0000000..3681028 --- /dev/null +++ b/.github/workflows/dependabot-automerge.yml @@ -0,0 +1,27 @@ +name: "dependabot-automerge" + +on: + pull_request_target: + types: [assigned, opened, synchronize, reopened] + +permissions: + pull-requests: write + contents: write + +jobs: + automerge: + runs-on: ubuntu-latest + if: github.actor == 'dependabot[bot]' + steps: + - name: metadata + id: metadata + uses: dependabot/fetch-metadata@v1.3.0 + with: + github-token: "${{ secrets.TOKEN }}" + - name: merge + id: merge + if: ${{contains(steps.metadata.outputs.dependency-names, 'go.unistack.org')}} + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.TOKEN}} diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 545baf2..ff10c46 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -3,6 +3,7 @@ on: pull_request: branches: - master + - v3 jobs: test: name: test @@ -13,7 +14,7 @@ jobs: with: go-version: 1.16 - name: checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: cache uses: actions/cache@v2 with: @@ -31,9 +32,9 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: lint - uses: golangci/golangci-lint-action@v2 + uses: golangci/golangci-lint-action@v3.1.0 continue-on-error: true with: # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.