From 86afd9e7651e6c98384ccc70f83519cb9a2ecfec Mon Sep 17 00:00:00 2001 From: asararatnakar Date: Fri, 8 Dec 2023 11:28:47 -0500 Subject: [PATCH] Add basic checks to workflow Signed-off-by: asararatnakar --- .github/workflows/basic-tests.yaml | 44 ++++++++++ Makefile | 35 ++++++++ pkg/apis/deployer/deployer.go | 1 - pkg/apis/peer/v2/peer.go | 1 - scripts/check-licenses.sh | 127 +++++++++++++++++++++++++++++ scripts/checks.sh | 44 ++++++++++ scripts/copy_apis.sh | 4 +- scripts/go-sec.sh | 23 ++++++ 8 files changed, 276 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/basic-tests.yaml create mode 100644 Makefile create mode 100755 scripts/check-licenses.sh create mode 100755 scripts/checks.sh create mode 100755 scripts/go-sec.sh diff --git a/.github/workflows/basic-tests.yaml b/.github/workflows/basic-tests.yaml new file mode 100644 index 00000000..8479e600 --- /dev/null +++ b/.github/workflows/basic-tests.yaml @@ -0,0 +1,44 @@ +# +# Copyright contributors to the Hyperledger Fabric Operator project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +name: basic-tests + +on: + push: + branches: [api] + pull_request: + branches: [api] + +env: + GO_VER: 1.18 + +jobs: + make-checks: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Set up go + uses: actions/setup-go@v3 + with: + go-version: ${{ env.GO_VER }} + - name: license header checks + run: make check-license + - name: gosec + run: make go-sec + - name: Run vet and format checks + run: make checks \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 00000000..311ce267 --- /dev/null +++ b/Makefile @@ -0,0 +1,35 @@ +# +# Copyright contributors to the Hyperledger Fabric Operator project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +## license checks +check-license: + @scripts/check-licenses.sh + +# Run go fmt against code +fmt: + go fmt ./... + +# Run go vet against code +vet: + @scripts/checks.sh + +checks: fmt vet + +# gosec checks +go-sec: + @scripts/go-sec.sh \ No newline at end of file diff --git a/pkg/apis/deployer/deployer.go b/pkg/apis/deployer/deployer.go index 7dfa3608..78747229 100644 --- a/pkg/apis/deployer/deployer.go +++ b/pkg/apis/deployer/deployer.go @@ -392,4 +392,3 @@ type ConsoleImages struct { // MustgatherDigest is the digest of the mustgather image MustgatherDigest string `json:"mustgatherDigest,omitempty"` } - diff --git a/pkg/apis/peer/v2/peer.go b/pkg/apis/peer/v2/peer.go index 3744775d..c0497093 100644 --- a/pkg/apis/peer/v2/peer.go +++ b/pkg/apis/peer/v2/peer.go @@ -208,4 +208,3 @@ type KeepAlive struct { Client v1.KeepAliveClient `json:"client,omitempty"` DeliveryClient v1.KeepAliveClient `json:"deliveryClient,omitempty"` } - diff --git a/scripts/check-licenses.sh b/scripts/check-licenses.sh new file mode 100755 index 00000000..be98f622 --- /dev/null +++ b/scripts/check-licenses.sh @@ -0,0 +1,127 @@ +#!/bin/bash +# +# Copyright contributors to the Hyperledger Fabric Operator project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +cat << EOB > golang_copyright.txt +/* + * Copyright contributors to the Hyperledger Fabric Operator project + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +EOB + +cat << EOB > shell_copyright.txt +# +# Copyright contributors to the Hyperledger Fabric Operator project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +EOB + +function filterGeneratedFiles { + for f in $@; do + head -n5 $f | grep -qE 'Code generated by.*DO NOT EDIT' || echo $f + done +} + +function filterExcludedFiles { + CHECK=`echo "$CHECK" \ + | grep -v "^\.git/" \ + | grep -v "^\.gitignore" \ + | grep -v "\.txt$" \ + | grep -v "vendor/" \ + | grep -v "go.mod" \ + | grep -v "go.sum" \ + | grep -v .deepcopy.go \ + | sort -u` + + CHECK=$(filterGeneratedFiles "$CHECK") +} + +CHECK=$(git diff --name-only --diff-filter=ACMRTUXB HEAD) +filterExcludedFiles +if [[ -z "$CHECK" ]]; then + CHECK=$(git diff-tree --no-commit-id --name-only --diff-filter=ACMRTUXB -r "HEAD^..HEAD") + filterExcludedFiles +fi + +if [[ -z "$CHECK" ]]; then + echo "All files are excluded from having license headers" + exit 0 +fi + +missing=`echo "$CHECK" | xargs ls -d 2>/dev/null | xargs grep -L "SPDX-License-Identifier: Apache-2.0"` +if [[ -z "$missing" ]]; then + echo "All files have SPDX-License-Identifier: Apache-2.0" + exit 0 +fi + +TMPFILE="./tmpfile" + +for FILE in ${missing}; do + EXT="${FILE##*.}" + echo "Adding copyright notice to $FILE" + if [ "${EXT}" = "go" ]; then + cat golang_copyright.txt ${FILE} > ${TMPFILE} + cat ${TMPFILE} > ${FILE} + rm -f ${TMPFILE} + echo " ${FILE} copyright notice added" + elif [ "${EXT}" = "yaml" ]; then + cat shell_copyright.txt ${FILE} > ${TMPFILE} + cat ${TMPFILE} > ${FILE} + rm -f ${TMPFILE} + echo " ${FILE} copyright notice added" + elif [ "${EXT}" = "sh" ]; then + cat shell_copyright.txt ${FILE} > ${TMPFILE} + cat ${TMPFILE} > ${FILE} + rm -f ${TMPFILE} + echo " ${FILE} copyright notice added" + else + echo "invalid file extension" + fi +done + +rm golang_copyright.txt shell_copyright.txt + +exit 0 \ No newline at end of file diff --git a/scripts/checks.sh b/scripts/checks.sh new file mode 100755 index 00000000..eb547d27 --- /dev/null +++ b/scripts/checks.sh @@ -0,0 +1,44 @@ +#!/bin/bash +# +# Copyright contributors to the Hyperledger Fabric Operator project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# Need to run this before go vet +go mod download + +echo "Running 'go vet'" +OUTPUT=`go vet -all ./... 2>&1` +if [ -n "$OUTPUT" ]; then + echo "The following files contain go vet errors" + echo $OUTPUT + exit 1 +fi +echo "No 'go vet' issues found" + +cd /tmp +go install golang.org/x/tools/cmd/goimports@ff88973b1e4e +cd - +echo "Checking imports ..." +found=`goimports -l \`find . -path ./vendor -prune -o -name "*.go" -print\` 2>&1` +found=$(echo "$found" | grep -v generated) +if [ "$found" != "" ]; then + echo "The following files have import problems:" + echo "$found" + echo "You may run 'goimports -w ' to fix each file." + exit 1 +fi +echo "All files are properly formatted" \ No newline at end of file diff --git a/scripts/copy_apis.sh b/scripts/copy_apis.sh index 6e92969c..556eab5d 100755 --- a/scripts/copy_apis.sh +++ b/scripts/copy_apis.sh @@ -62,5 +62,7 @@ do file_name=$(basename "$file_path") cat ${file_path} | head -${line} > /tmp/${file_name} mv /tmp/${file_name} ${file_path} +done -done \ No newline at end of file +## format the files +go fmt ../... \ No newline at end of file diff --git a/scripts/go-sec.sh b/scripts/go-sec.sh new file mode 100755 index 00000000..474e64e4 --- /dev/null +++ b/scripts/go-sec.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +# +# Copyright contributors to the Hyperledger Fabric Operator project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b $(go env GOPATH)/bin $RELEASE + +gosec ./... \ No newline at end of file