feat: add ci for PRs, fix fmt issues, generate SBOMS for source artif… (

#34)

* feat: add ci for PRs, fix fmt issues, generate SBOMS for source artifacts, add gitleaks, Pin go to 1.23.6

* feat: remove gitleaks workflow configuration

* feat: update archive format to array syntax in goreleaser configuration

* feat: update archive configuration to use 'formats' key for consistency

* fix: update golangci-lint action to exit with code 1 on issues

.editorconfig

@@ -0,0 +1,21 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.{yml,yaml}]
+indent_style = space
+indent_size = 2
+
+[*.json]
+indent_style = space
+indent_size = 2
+
+[{go.mod,go.sum,*.go}]
+indent_style = tab
+indent_size = 4

.github/dependabot.yaml

@@ -4,9 +4,9 @@ updates:
     directory: /
     open-pull-requests-limit: 10
     schedule:
-      interval: monthly
+      interval: weekly
   - package-ecosystem: github-actions
     directory: /
     open-pull-requests-limit: 10
     schedule:
-      interval: monthly
+      interval: weekly

.github/workflows/ci.yaml

@@ -0,0 +1,79 @@
+name: ci
+
+on:
+  pull_request:
+      branches: [main]
+
+env:
+  GO_VERSION: '1.23.6'
+
+jobs:
+  lint:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/[email protected]
+        with:
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/[email protected]
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Check go mod
+        run: |
+          go mod tidy
+          git diff --exit-code go.mod
+          git diff --exit-code go.sum
+
+      - name: lint
+        uses: golangci/[email protected]
+        with:
+          version: latest
+          args: --issues-exit-code=1  --config=.golangci.yml
+
+  ci-linux:
+    name: ci-linux
+    needs: lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/[email protected]
+        with:
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/[email protected]
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Build with Goreleaser
+        uses: goreleaser/[email protected]
+        with:
+          distribution: goreleaser
+          version: '~> v2'
+          args: release --snapshot --skip publish,archive,sbom,homebrew --clean --config .goreleaser.yaml
+
+  ci-windows:
+    name: ci-windows
+    needs: ci-linux
+    runs-on: windows-latest
+    steps:
+      - name: Checkout
+        uses: actions/[email protected]
+        with:
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/[email protected]
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Run GoReleaser
+        uses: goreleaser/[email protected]
+        with:
+          distribution: goreleaser
+          version: '~> v2'
+          args: release --snapshot --skip publish,archive,sbom,chocolatey,winget --clean --config .goreleaser-windows.yaml

.github/workflows/goreleaser.yaml

@@ -9,6 +9,9 @@ permissions:
   contents: write
   packages: write
 
+env:
+  GO_VERSION: '1.23.6'
+
 jobs:
   goreleaser-linux:
     name: goreleaser-linux
@@ -18,14 +21,18 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+
       - name: Fetch all tags
         run: git fetch --force --tags
+
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
-          go-version: 'stable'
+          go-version: ${{ env.GO_VERSION }}
+
       - name: Download Syft
         uses: anchore/sbom-action/download-syft@v0
+
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v6
         with:
@@ -35,6 +42,7 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           AUTH_GITHUB: ${{ secrets.AUTH_GITHUB }}
+
   goreleaser-windows:
     name: goreleaser-windows
     needs: goreleaser-linux
@@ -44,14 +52,17 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+
       - name: Fetch all tags
         run: git fetch --force --tags
+
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
-          go-version: 'stable'
+          go-version: ${{ env.GO_VERSION }}
       - name: Download Syft
         uses: anchore/sbom-action/download-syft@v0
+
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v6
         with:

.golangci.yml

@@ -0,0 +1,134 @@
+run:
+  tests: true
+  allow-parallel-runners: true
+  timeout: 5m
+
+# https://github.com/golangci/golangci-lint/blob/master/.golangci.reference.yml
+linters:
+  # Disable all linters.
+  # Default: false
+  disable-all: true
+  # Enable specific linter
+  enable:
+    - asciicheck
+    - bidichk
+    - copyloopvar
+    - dupl
+    - errorlint
+    - funlen
+    #- errcheck
+    - gofmt
+    - goconst
+    - gofumpt
+    - gocyclo
+    - godox
+    - gosec
+    #- gocritic
+    #- govet
+    - goimports
+    - goheader
+    - misspell
+    - nolintlint
+    #- revive
+    #- stylecheck
+    - staticcheck
+    - tparallel
+    - tagliatelle
+    - unconvert
+    - unparam
+    - whitespace
+    #- nilerr
+
+linters-settings:
+  dupl:
+    # Tokens count to trigger issue.
+    # Default: 150
+    threshold: 100
+
+  errorlint:
+    # Check whether fmt.Errorf uses the %w verb for formatting errors.
+    # Default: true
+    asserts: false
+
+  funlen:
+    # Checks the number of lines in a function.
+    # Default: 60
+    lines: -1
+    # Default: 40
+    statements: 50
+    # Ignore comments when counting lines.
+    # Default false
+    ignore-comments: true
+
+  goconst:
+    # Minimal length of string constant.
+    # Default: 3
+    min-len: 2
+    # Default: 3
+    min-occurrences: 3
+
+  # gocritic:
+  #   enabled-tags:
+  #     - diagnostic
+  #     - experimental
+  #     - opinionated
+  #     - performance
+  #     - style
+  #   disabled-checks:
+  #     - dupImport # https://github.com/go-critic/go-critic/issues/845
+  #     - ifElseChain
+  #     - octalLiteral
+  #     - whyNoLint
+
+  gocyclo:
+    # Minimal code complexity to report.
+    # Default: 30 (but we recommend 10-20)
+    min-complexity: 15
+
+  godox:
+    keywords:
+      - FIXME
+      #- TODO
+      - FIX
+      - NOTE
+      - OPTIMIZE # marks code that should be optimized before merging
+      - HACK # marks hack-around that should be removed before merging
+
+  gofmt:
+    # Simplify code: gofmt with `-s` option.
+    # Default: true
+    simplify: false
+    # Apply the rewrite rules to the source before reformatting.
+    # https://pkg.go.dev/cmd/gofmt
+    # Default: []
+    rewrite-rules:
+      # - pattern: 'interface{}'
+      #   replacement: 'any'
+      - pattern: 'a[b:len(a)]'
+        replacement: 'a[b:]'
+
+  goimports:
+    local-prefixes: github.com/golangci/golangci-lint
+
+  # govet:
+  #   enable-all: true
+  #   disable:
+  #     - fieldalignment
+
+  misspell:
+    # Correct spellings using locale preferences for US or UK.
+    locale: US
+
+  nolintlint:
+    # Disable to ensure that all nolint directives actually have an effect.
+    allow-unused: false # report any unused nolint directives
+    require-explanation: true # require an explanation for nolint directives
+    require-specific: true # require nolint directives to be specific about which linter is being skipped
+
+  # revive:
+  #   rules:
+  #     - name: indent-error-flow
+  #     - name: unexported-return
+  #       disabled: true
+  #     - name: unused-parameter
+  #     - name: unused-receiver

.goreleaser-windows.yaml

@@ -28,11 +28,15 @@ changelog:
       - "^.vscode:"
 
 sboms:
-  - artifacts: archive
+  - id: archive
+    artifacts: archive
+    cmd: syft
+  - id: source
+    artifacts: source
     cmd: syft
 
 archives:
-  - format: zip
+  - formats: [ 'zip' ]
     # this name template makes the OS and Arch compatible with the results of `uname`.
     name_template: >-
       {{ .ProjectName }}_

.goreleaser.yaml

@@ -29,11 +29,15 @@ changelog:
       - "^.vscode:"
 
 sboms:
-  - artifacts: archive
+  - id: archive
+    artifacts: archive
+    cmd: syft
+  - id: source
+    artifacts: source
     cmd: syft
 
 archives:
-  - format: tar.gz
+  - formats: [ 'tar.gz' ]
     # this name template makes the OS and Arch compatible with the results of `uname`.
     name_template: >-
       {{ .ProjectName }}_

azurecli/internal.go

@@ -57,7 +57,7 @@ func (cli *CLI) readProfile() error {
 	}
 
 	// Open the azureProfile.json file
-	configFile, err := cli.fs.OpenFile(configFilePath, os.O_RDONLY, 0644)
+	configFile, err := cli.fs.OpenFile(configFilePath, os.O_RDONLY, 0o644)
 	if err != nil {
 		return fmt.Errorf("%s is not a valid file: %s", configFilePath, err.Error())
 	}
@@ -117,7 +117,7 @@ func (cli *CLI) readTenants() error {
 	}
 
 	// Open the azctxTenants.json file
-	configFile, err := cli.fs.OpenFile(configFilePath, os.O_RDONLY, 0644)
+	configFile, err := cli.fs.OpenFile(configFilePath, os.O_RDONLY, 0o644)
 	if err != nil {
 		return fmt.Errorf("%s is not a valid file: %s", configFilePath, err.Error())
 	}
@@ -143,7 +143,7 @@ func (cli CLI) writeTenants() error {
 
 	// Open the azctxTenants.json file
 	configFilePath := fmt.Sprintf("%s/%s", configDir, TENANTS_JSON)
-	configFile, err := cli.fs.OpenFile(configFilePath, os.O_CREATE|os.O_WRONLY, 0644)
+	configFile, err := cli.fs.OpenFile(configFilePath, os.O_CREATE|os.O_WRONLY, 0o644)
 	if err != nil {
 		return fmt.Errorf("%s is not a valid file: %s", configFilePath, err.Error())
 	}

cmd/root.go

@@ -16,7 +16,7 @@ import (
 )
 
 const (
-	// Respository Owner
+	// Repository Owner
 	owner = "whiteducksoftware"
 
 	// Repository Name

prompt/templates.go

@@ -26,8 +26,7 @@ var (
 func template(terminalWidth int, maxSubscriptionsLength, maxTenantsLength, maxTenantsWithIdLength int) promptTemplate {
 	// Determine the template based on the terminal width
 	switch {
-
-	// +50, subscriptionId is 36 chars, + 4 spaces / seperator, + 10 from the previous case
+	// +50, subscriptionId is 36 chars, + 4 spaces / separator, + 10 from the previous case
 	case terminalWidth > maxSubscriptionsLength+maxTenantsWithIdLength+36+4+10:
 		return template_Long
 
@@ -37,6 +36,5 @@ func template(terminalWidth int, maxSubscriptionsLength, maxTenantsLength, maxTe
 
 	default:
 		return template_VeryShort
-
 	}
 }