rebased sync main to fix-issue-1793 branch

Signed-off-by: jose luis <[email protected]>

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,57 @@
+name: Bug
+description: File a bug/issue
+title: "[BUG] <title>"
+labels: ["kind/bug"]
+body:
+  - type: markdown
+    attributes:
+      value: "## Thank you for contributing to our Kompose!"
+  - type: textarea
+    attributes:
+      label: Expected Behavior
+      description: |
+        Briefly describe what is the desired behavior.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Actual Behavior
+      description: |
+        Briefly describe what is the actual behavior.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Steps To Reproduce
+      description: Steps to reproduce the behavior.
+      placeholder: |
+        1. In this environment...
+        2. With this config...
+        3. Run '...'
+        4. See error or unexpected result...
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: Kompose Version
+      description: |
+        Paste output of `kompose version`.
+      render: Text
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Docker-Compose file
+      description: Paste output of the `docker-compose.yaml` that you are using.
+      render: YAML
+    validations:
+      required: false
+  - type: textarea
+    attributes:
+      label: Anything else?
+      description: |
+        Links? References? Anything that will give us more context about the issue you are encountering!
+
+        Tip: You can attach images or log files by clicking this area to highlight it and then dragging files in.
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Kubernetes Community Slack
+    url: https://kubernetes.slack.com
+    about: "Use the #kompose channel"

.github/ISSUE_TEMPLATE/enhancement.yml

@@ -0,0 +1,22 @@
+name: Enhancement Tracking Issue
+description: Provide supporting details for a feature in development
+labels: kind/feature
+body:
+  - type: markdown
+    attributes:
+      value: "## Thank you for contributing to our Kompose!"
+  - type: textarea
+    id: feature
+    attributes:
+      label: What would you like to be added?
+      description: |
+        Describe what feature/enhancement that you want to be added to Kompose.
+    validations:
+      required: true
+
+  - type: textarea
+    id: rationale
+    attributes:
+      label: Why is this needed?
+    validations:
+      required: true

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,20 @@
+#### What type of PR is this?
+
+<!--
+Add one of the following kinds:
+/kind bug
+/kind cleanup
+/kind documentation
+/kind feature
+-->
+
+#### What this PR does / why we need it:
+
+#### Which issue(s) this PR fixes:
+<!--
+*Automatically closes linked issue when PR is merged.
+Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`.
+-->
+Fixes #
+
+#### Special notes for your reviewer:

.github/dependabot.yaml

@@ -0,0 +1,22 @@
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+
+updates:
+  - commit-message:
+      include: "scope"
+      prefix: "chore(deps)"
+    directory: "/"
+    open-pull-requests-limit: 10
+    package-ecosystem: "gomod"
+    schedule:
+      interval: "daily"
+
+  - commit-message:
+      include: "scope"
+      prefix: "chore(ci)"
+    directory: "/"
+    open-pull-requests-limit: 10
+    package-ecosystem: "github-actions"
+    schedule:
+      interval: "daily"

.github/workflows/go.yml

@@ -0,0 +1,35 @@
+name: Go
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+env:
+  # Avoid noisy outputs like "tput: No value for $TERM and no -T specified"
+  TERM: dumb
+
+jobs:
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Set up Go 1.x
+      uses: actions/setup-go@v5
+      with:
+        go-version: ^1.19
+      id: go
+
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v4
+
+    - name: Build
+      run: make bin
+
+    - name: Upload a Build Artifact
+      uses: actions/upload-artifact@v4
+      with:
+        name: "kompose"
+        path: "kompose"

.github/workflows/lint.yml

@@ -0,0 +1,19 @@
+name: lint
+on:
+  pull_request:
+jobs:
+  lint:
+    strategy:
+      matrix:
+        go: [1.18, 1.19]
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Checkout"
+        uses: actions/checkout@v4
+      - name: "Install golang"
+        uses: actions/setup-go@v5
+        with:
+          go-version: ${{ matrix.go }}
+      - name: "Run go vet"
+        run: "go vet ./pkg/..."

.github/workflows/test.yml

@@ -0,0 +1,49 @@
+name: Kompose CI
+on:
+  push:
+    branches:
+      - main 
+  pull_request:
+env:
+  # Avoid noisy outputs like "tput: No value for $TERM and no -T specified"
+  TERM: dumb
+jobs:
+  test:
+    name: Test with ${{ matrix.go }} and CROSS_COMPILE=${{ matrix.cross_compile }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        go: [1.18, 1.19]
+        cross_compile: [true, false]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: ${{ matrix.go }}
+      - name: Install dyff
+        run: go install github.com/homeport/dyff/cmd/[email protected]
+      - name: Run tests
+        run: make test
+      - name: Perform cross compile
+        if: ${{ matrix.cross_compile }}
+        run: make cross
+  docs:
+    name: Build docs and Coveralls integration
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: 1.19
+      - name: Install dyff
+        run: go install github.com/homeport/dyff/cmd/[email protected]
+      - name: Create .coverprofile for each targeted directory by re:running tests
+        run: make test
+      - name: Collect all .coverprofile files and save it to one file gover.coverprofile
+        run: gover
+      - name: Send coverage
+        run: goveralls -coverprofile=gover.coverprofile -service=github
+        env:
+          # As per https://github.com/mattn/goveralls#github-actions
+          COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,84 @@
+#
+# KOMPOSE SPECIFIC
+#
+
+# Ignore compiled Kompose files
+kompose
+bin
+/docker-compose.yaml
+/docker-compose.yml
+/compose.yaml
+/compose.yml
+changes.txt
+
+# Ignore site documents / when switching branches
+docs/_site/
+docs/.jekyll-cache/
+docs/.git/
+docs/.gitignore
+_site/
+.jekyll-cache/
+
+#
+# GO SPECIFIC
+#
+
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+*.so
+
+# Folders
+_obj
+_test
+
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.exe
+*.test
+*.prof
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Coveralls files
+.coverprofile
+
+#
+# VIM SPECIFIC
+#
+
+# swap
+[._]*.s[a-w][a-z]
+[._]s[a-w][a-z]
+
+# session
+Session.vim
+
+# temporary
+.netrwhist
+*~
+
+# auto-generated tag files
+tags
+
+# IntelliJ IDE specific
+.idea
+
+.DS_Store
+
+# VSCode specific
+.vscode
+
+# Client Test generated files
+client/testdata/generated

.golangci.yml

@@ -0,0 +1,29 @@
+# Golang CI pipeline configuration
+linters:
+  disable-all: true
+
+  # Run golangci-lint.yml linters to see the list of all linters
+  # Please keep them sorted alphabetically
+  enable:
+    - bodyclose
+    - deadcode
+    - depguard
+#    - dogsled
+#    - errcheck
+#    - goconst
+    - goimports
+#    - staticcheck
+    - goprintffuncname
+#    - gosimple
+    - govet
+#    - ineffassign
+    - misspell
+#    - nakedret
+    - nolintlint
+    - rowserrcheck
+    - structcheck
+    - stylecheck
+    - typecheck
+    - unconvert
+    - varcheck
+    - whitespace

.mention-bot

@@ -0,0 +1,10 @@
+{
+  "maxReviewers": 2,
+  "numFilesToCheck": 5,
+  "message": "@pullRequester, thank you for the pull request! We'll request some people to review your PR. @reviewers, please review this.",
+  "fileBlacklist": ["*.md"],
+  "userBlacklist": ["ngtuna", "janetkuo", "sebgoa", "dustymabe", "gitlawr"],
+  "actions": ["opened", "labeled"],
+  "skipAlreadyMentionedPR": true,
+  "createReviewRequest": true
+}

.openvex/templates/README.md

@@ -0,0 +1,27 @@
+# OpenVEX Templates Directory
+
+This directory contains the OpenVEX data for this repository.
+The files stored in this directory are used as templates by
+`vexctl generate` when generating VEX data for a release or 
+a specific artifact.
+
+To add new statements to publish data about a vulnerability,
+download [vexctl](https://github.com/openvex/vexctl)
+and append new statements using `vexctl add`. For example:
+```
+vexctl add --in-place main.openvex.json pkg:oci/test CVE-2014-1234567 fixed
+```
+That will add a new VEX statement expressing that the impact of
+CVE-2014-1234567 is under investigation in the test image. When
+cutting a new release, for `pkg:oci/test` the new file will be
+incorporated to the relase's VEX data.
+
+## Read more about OpenVEX
+
+To know more about generating, publishing and using VEX data
+in your project, please check out the vexctl repository and
+documentation: https://github.com/openvex/vexctl
+
+OpenVEX also has an examples repository with samples and docs:
+https://github.com/openvex/examples
+