diff --git a/.gitignore b/.gitignore index cbdc5a7..ee144d5 100644 --- a/.gitignore +++ b/.gitignore @@ -8,6 +8,7 @@ _obj _test vendor +dist # Architecture specific extensions/prefixes *.[568vq] diff --git a/.goreleaser.yml b/.goreleaser.yml new file mode 100644 index 0000000..3112dc8 --- /dev/null +++ b/.goreleaser.yml @@ -0,0 +1,17 @@ +builds: + - main : ./cmd/gosec/ + binary: gosec + goos: + - darwin + - linux + - windows + goarch: + - amd64 + ldflags: -X main.Version={{.Version}} -X main.GitTag={{.Tag}} -X main.BuildDate={{.Date}} + env: + - CGO_ENABLED=0 + +archive: + files: + - README.md + - LICENSE.txt diff --git a/Dockerfile b/Dockerfile index e2ff565..a4cfb40 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM golang:1.9.4-alpine3.7 ENV BIN=gosec -COPY build/*-linux-amd64 /go/bin/$BIN +COPY dist/linux_amd64/$BIN /go/bin/$BIN COPY docker-entrypoint.sh /usr/local/bin ENTRYPOINT ["docker-entrypoint.sh"] diff --git a/Gopkg.lock b/Gopkg.lock index 3887d06..ff4f2ac 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -2,17 +2,22 @@ [[projects]] + digest = "1:39170dcf72d0ac5933791daaf27a80782c24e9946cdc60fe98928d9429a9726d" name = "github.com/kisielk/gotool" packages = ["."] + pruneopts = "UT" revision = "0de1eaf82fa3f583ce21fde859f1e7e0c5e9b220" [[projects]] branch = "master" + digest = "1:bdb092d0984bf77804e133403f739ad84b16abaa256e21f5e7b88aabbb6d546b" name = "github.com/mozilla/tls-observatory" packages = ["constants"] + pruneopts = "UT" revision = "8791a200eb40f8625a152bfb8336171305f5f35c" [[projects]] + digest = "1:0a32435e3f12b75f2c0cd806c5b21fb92e29f70e5f76880dc852bba5e10f6585" name = "github.com/nbutton23/zxcvbn-go" packages = [ ".", @@ -23,11 +28,13 @@ "match", "matching", "scoring", - "utils/math" + "utils/math", ] + pruneopts = "UT" revision = "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4" [[projects]] + digest = "1:e54fe200d15850589f578095e5b23ed0afb8d44fb39122e63b5195cbd3858f30" name = "github.com/onsi/ginkgo" packages = [ ".", 
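Review bot: The new `.goreleaser.yml` publishes `gosec` archives for darwin, linux and windows but configures no signing step, so the only integrity evidence a downloader gets is whatever checksum file goreleaser uploads next to the archives in the same GitHub release. A scanner that people drop into CI pipelines is an attractive target for a swapped binary, and a checksum stored beside the artifact does not help if the release itself is altered. Consider adding goreleaser's signing section so that a detached signature over the checksums is published, made with a key kept apart from the release token; the exact key name depends on the goreleaser version in use, so confirm it against the docs for the version you pin. As a style point, `main : ./cmd/gosec/` reads more conventionally as `main: ./cmd/gosec/`.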
@@ -47,11 +54,13 @@ "reporters/stenographer", "reporters/stenographer/support/go-colorable", "reporters/stenographer/support/go-isatty", - "types" + "types", ] + pruneopts = "UT" revision = "11459a886d9cd66b319dac7ef1e917ee221372c9" [[projects]] + digest = "1:e340739c2403b0e6ee006e83c375754f44c1a483b695eff1b588acf8c4824925" name = "github.com/onsi/gomega" packages = [ ".", @@ -65,31 +74,39 @@ "matchers/support/goraph/edge", "matchers/support/goraph/node", "matchers/support/goraph/util", - "types" + "types", ] + pruneopts = "UT" revision = "dcabb60a477c2b6f456df65037cb6708210fbb02" [[projects]] branch = "master" + digest = "1:5b92d232e81c3e8eec282c92dcaa2e0e1ad3c23157be19a01b3e33f7e6e8d137" name = "github.com/ryanuber/go-glob" packages = ["."] + pruneopts = "UT" revision = "256dc444b735e061061cf46c809487313d5b0065" [[projects]] + digest = "1:499075870f4939e64e9d93c84c5fdf9b6253ec6e89c5dcb0a69f91292d6a2b30" name = "golang.org/x/net" packages = [ "html", "html/atom", - "html/charset" + "html/charset", ] + pruneopts = "UT" revision = "8351a756f30f1297fe94bbf4b767ec589c6ea6d0" [[projects]] + digest = "1:dae112b8ead03c5ae8106611d0788be212309815b1885ff1667bd3a41d509a4e" name = "golang.org/x/sys" packages = ["unix"] + pruneopts = "UT" revision = "164713f0dfcec4e80be8b53e1f0811f5f0d84578" [[projects]] + digest = "1:387e284158b231a5993cd01407562fc211f076a8904821db6993cf8dbf57b948" name = "golang.org/x/text" packages = [ "encoding", 
@@ -108,27 +125,41 @@ "language", "runes", "transform", - "unicode/cldr" + "unicode/cldr", ] + pruneopts = "UT" revision = "1cbadb444a806fd9430d14ad08967ed91da4fa0a" [[projects]] + digest = "1:96b9641eaaf0d03defe4e63d05e4711bf8066c543d4de838438244955811ff17" name = "golang.org/x/tools" packages = [ "go/ast/astutil", "go/buildutil", - "go/loader" + "go/loader", ] + pruneopts = "UT" revision = "e531a2a1c15f94033f6fa87666caeb19a688175f" [[projects]] + digest = "1:6570992c02a2137a20be83990a979b6fe892e20ecdc6b756449989b2a7efb8ae" name = "gopkg.in/yaml.v2" packages = ["."] + pruneopts = "UT" revision = "eb3733d160e74a9c7e442f435eb3bea458e1d19f" [solve-meta] analyzer-name = "dep" analyzer-version = 1 - inputs-digest = "706e049cd8b8db8705af09e7a375a999d01373a409beadc850c80d64de9849fd" + input-imports = [ + "github.com/kisielk/gotool", + "github.com/mozilla/tls-observatory/constants", + "github.com/nbutton23/zxcvbn-go", + "github.com/onsi/ginkgo", + "github.com/onsi/gomega", + "github.com/ryanuber/go-glob", + "golang.org/x/tools/go/loader", + "gopkg.in/yaml.v2", + ] solver-name = "gps-cdcl" solver-version = 1 diff --git a/Makefile b/Makefile index fc6002b..644a8a0 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,5 @@ GIT_TAG?= $(shell git describe --always --tags) -BUILD_DATE = $(shell date +%Y-%m-%d) BIN = gosec -BUILD_CMD = go build -ldflags "-X main.Version=${VERSION} -X main.GitTag=${GIT_TAG} -X main.BuildDate=${BUILD_DATE}" -o build/$(BIN)-$(VERSION)-$${GOOS}-$${GOARCH} ./cmd/gosec/ & FMT_CMD = $(gofmt -s -l -w $(find . -type f -name '*.go' -not -path './vendor/*') | tee /dev/stderr) IMAGE_REPO = docker.io 
@@ -9,40 +7,38 @@ default: $(MAKE) bootstrap $(MAKE) build +bootstrap: + dep ensure + test: bootstrap test -z '$(FMT_CMD)' go vet $(go list ./... | grep -v /vendor/) golint -set_exit_status $(shell go list ./... | grep -v vendor) gosec ./... ginkgo -r -v -bootstrap: - dep ensure + build: go build -o $(BIN) ./cmd/gosec/ + clean: - rm -rf build vendor + rm -rf build vendor dist rm -f release image bootstrap $(BIN) + release: bootstrap -ifndef VERSION - $(error VERSION flag is not set. Run 'make release VERSION='.) -endif - @echo "Running build command..." - bash -c '\ - export GOOS=linux; export GOARCH=amd64; export CGO_ENABLED=0; $(BUILD_CMD) \ - wait \ - ' - touch release + @echo "Releasing the gosec binary..." + goreleaser release image: release @echo "Building the Docker image..." - docker build -t $(IMAGE_REPO)/$(BIN):$(VERSION) . - docker tag $(IMAGE_REPO)/$(BIN):$(VERSION) $(IMAGE_REPO)/$(BIN):latest + docker build -t $(IMAGE_REPO)/$(BIN):$(GIT_TAG) . + docker tag $(IMAGE_REPO)/$(BIN):$(GIT_TAG) $(IMAGE_REPO)/$(BIN):latest touch image image-push: image @echo "Pushing the Docker image..." - docker push $(IMAGE_REPO)/$(BIN):$(VERSION) + +docker push $(IMAGE_REPO)/$(BIN):$(GIT_TAG) docker push $(IMAGE_REPO)/$(BIN):latest -.PHONY: test build clean image-push +.PHONY: test build clean release image image-push diff --git a/README.md b/README.md index 830d330..95ecc28 100644 --- a/README.md +++ b/README.md 
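Review bot: `image` still lists `release` as a prerequisite, and `release` now runs `goreleaser release`, so building or pushing the Docker image also publishes a GitHub release and requires a `GITHUB_TOKEN` with publish rights in the environment of whoever runs it. Because this commit also adds `release` and `image` to `.PHONY`, every `make image-push` re-runs the publish step, and the `touch image` line and the `rm -f release image bootstrap` in `clean` look like leftovers from the old stamp-file scheme. Consider giving the image a non-publishing build prerequisite, for example a target that runs `goreleaser release --snapshot` (which, as far as I know, fills `dist` without uploading anything), so the token is only needed by the real release job. Separately, the image tag now comes from `GIT_TAG`, which `git describe --always --tags` sets to a bare commit hash on an untagged checkout and which the environment can override through `?=`, yet `docker tag ... :latest` moves `latest` to that build unconditionally; a check that `GIT_TAG` is an exact tag before the `latest` lines would prevent an unreleased build from being pushed as `latest`.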
@@ -143,34 +143,35 @@ make test #### Release Build -gosec can be released as follows: +Make sure you have installed the [goreleaser](https://github.com/goreleaser/goreleaser) tool and then you can release gosec as follows: +git tag 1.0.0 +export GITHUB_TOKEN= +make release -```bash -make release VERSION=2.0.0 -``` - -The released version of the tool is available in the `build` folder. The build information should be displayed in the usage text. +The released version of the tool is available in the `dist` folder. The build information should be displayed in the usage text. ``` -./build/gosec-2.0.0-linux-amd64 -h - +./dist/darwin_amd64/gosec -h gosec - Golang security checker gosec analyzes Go source code to look for common programming mistakes that can lead to security problems. -VERSION: 2.0.0 -GIT TAG: 96489ff -BUILD DATE: 2018-02-21 - +VERSION: 1.0.0 +GIT TAG: 1.0.0 +BUILD DATE: 2018-04-27T12:41:38Z ``` +Note that all released archives are also uploaded to GitHub. + #### Docker image You can execute a release and build the docker image as follows: ``` -make image VERSION=2.0.0 +git tag +export GITHUB_TOKEN= +make image ``` Now you can run the gosec tool in a container against your local workspace: