actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-12-26 04:25:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #219 from ccojocar/goreleaser

Browse source 
Use the goreleaser tool to perform releases
This commit is contained in:
Cosmin Cojocar 2018-07-27 14:59:25 +02:00 committed by GitHub
commit 5fb530cda3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 85 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -8,6 +8,7 @@
_obj _obj
_test _test
vendor vendor
dist
# Architecture specific extensions/prefixes # Architecture specific extensions/prefixes
*.[568vq] *.[568vq]

17
.goreleaser.yml Normal file
View file

@ -0,0 +1,17 @@
builds:
- main : ./cmd/gosec/
binary: gosec
goos:
- darwin
- linux
- windows
goarch:
- amd64
ldflags: -X main.Version={{.Version}} -X main.GitTag={{.Tag}} -X main.BuildDate={{.Date}}
env:
- CGO_ENABLED=0
archive:
files:
- README.md
- LICENSE.txt

2
Dockerfile
View file

@ -2,7 +2,7 @@ FROM golang:1.9.4-alpine3.7
ENV BIN=gosec ENV BIN=gosec
COPY build/*-linux-amd64 /go/bin/$BIN COPY dist/linux_amd64/$BIN /go/bin/$BIN
COPY docker-entrypoint.sh /usr/local/bin COPY docker-entrypoint.sh /usr/local/bin
ENTRYPOINT ["docker-entrypoint.sh"] ENTRYPOINT ["docker-entrypoint.sh"]

45
Gopkg.lock generated
View file

@ -2,17 +2,22 @@
[[projects]] [[projects]]
digest = "1:39170dcf72d0ac5933791daaf27a80782c24e9946cdc60fe98928d9429a9726d"
name = "github.com/kisielk/gotool" name = "github.com/kisielk/gotool"
packages = ["."] packages = ["."]
pruneopts = "UT"
revision = "0de1eaf82fa3f583ce21fde859f1e7e0c5e9b220" revision = "0de1eaf82fa3f583ce21fde859f1e7e0c5e9b220"
[[projects]] [[projects]]
branch = "master" branch = "master"
digest = "1:bdb092d0984bf77804e133403f739ad84b16abaa256e21f5e7b88aabbb6d546b"
name = "github.com/mozilla/tls-observatory" name = "github.com/mozilla/tls-observatory"
packages = ["constants"] packages = ["constants"]
pruneopts = "UT"
revision = "8791a200eb40f8625a152bfb8336171305f5f35c" revision = "8791a200eb40f8625a152bfb8336171305f5f35c"
[[projects]] [[projects]]
digest = "1:0a32435e3f12b75f2c0cd806c5b21fb92e29f70e5f76880dc852bba5e10f6585"
name = "github.com/nbutton23/zxcvbn-go" name = "github.com/nbutton23/zxcvbn-go"
packages = [ packages = [
".", ".",
@ -23,11 +28,13 @@
"match", "match",
"matching", "matching",
"scoring", "scoring",
"utils/math" "utils/math",
] ]
pruneopts = "UT"
revision = "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4" revision = "a22cb81b2ecdde8b68e9ffb8824731cbf88e1de4"
[[projects]] [[projects]]
digest = "1:e54fe200d15850589f578095e5b23ed0afb8d44fb39122e63b5195cbd3858f30"
name = "github.com/onsi/ginkgo" name = "github.com/onsi/ginkgo"
packages = [ packages = [
".", ".",
@ -47,11 +54,13 @@
"reporters/stenographer", "reporters/stenographer",
"reporters/stenographer/support/go-colorable", "reporters/stenographer/support/go-colorable",
"reporters/stenographer/support/go-isatty", "reporters/stenographer/support/go-isatty",
"types" "types",
] ]
pruneopts = "UT"
revision = "11459a886d9cd66b319dac7ef1e917ee221372c9" revision = "11459a886d9cd66b319dac7ef1e917ee221372c9"
[[projects]] [[projects]]
digest = "1:e340739c2403b0e6ee006e83c375754f44c1a483b695eff1b588acf8c4824925"
name = "github.com/onsi/gomega" name = "github.com/onsi/gomega"
packages = [ packages = [
".", ".",
@ -65,31 +74,39 @@
"matchers/support/goraph/edge", "matchers/support/goraph/edge",
"matchers/support/goraph/node", "matchers/support/goraph/node",
"matchers/support/goraph/util", "matchers/support/goraph/util",
"types" "types",
] ]
pruneopts = "UT"
revision = "dcabb60a477c2b6f456df65037cb6708210fbb02" revision = "dcabb60a477c2b6f456df65037cb6708210fbb02"
[[projects]] [[projects]]
branch = "master" branch = "master"
digest = "1:5b92d232e81c3e8eec282c92dcaa2e0e1ad3c23157be19a01b3e33f7e6e8d137"
name = "github.com/ryanuber/go-glob" name = "github.com/ryanuber/go-glob"
packages = ["."] packages = ["."]
pruneopts = "UT"
revision = "256dc444b735e061061cf46c809487313d5b0065" revision = "256dc444b735e061061cf46c809487313d5b0065"
[[projects]] [[projects]]
digest = "1:499075870f4939e64e9d93c84c5fdf9b6253ec6e89c5dcb0a69f91292d6a2b30"
name = "golang.org/x/net" name = "golang.org/x/net"
packages = [ packages = [
"html", "html",
"html/atom", "html/atom",
"html/charset" "html/charset",
] ]
pruneopts = "UT"
revision = "8351a756f30f1297fe94bbf4b767ec589c6ea6d0" revision = "8351a756f30f1297fe94bbf4b767ec589c6ea6d0"
[[projects]] [[projects]]
digest = "1:dae112b8ead03c5ae8106611d0788be212309815b1885ff1667bd3a41d509a4e"
name = "golang.org/x/sys" name = "golang.org/x/sys"
packages = ["unix"] packages = ["unix"]
pruneopts = "UT"
revision = "164713f0dfcec4e80be8b53e1f0811f5f0d84578" revision = "164713f0dfcec4e80be8b53e1f0811f5f0d84578"
[[projects]] [[projects]]
digest = "1:387e284158b231a5993cd01407562fc211f076a8904821db6993cf8dbf57b948"
name = "golang.org/x/text" name = "golang.org/x/text"
packages = [ packages = [
"encoding", "encoding",
@ -108,27 +125,41 @@
"language", "language",
"runes", "runes",
"transform", "transform",
"unicode/cldr" "unicode/cldr",
] ]
pruneopts = "UT"
revision = "1cbadb444a806fd9430d14ad08967ed91da4fa0a" revision = "1cbadb444a806fd9430d14ad08967ed91da4fa0a"
[[projects]] [[projects]]
digest = "1:96b9641eaaf0d03defe4e63d05e4711bf8066c543d4de838438244955811ff17"
name = "golang.org/x/tools" name = "golang.org/x/tools"
packages = [ packages = [
"go/ast/astutil", "go/ast/astutil",
"go/buildutil", "go/buildutil",
"go/loader" "go/loader",
] ]
pruneopts = "UT"
revision = "e531a2a1c15f94033f6fa87666caeb19a688175f" revision = "e531a2a1c15f94033f6fa87666caeb19a688175f"
[[projects]] [[projects]]
digest = "1:6570992c02a2137a20be83990a979b6fe892e20ecdc6b756449989b2a7efb8ae"
name = "gopkg.in/yaml.v2" name = "gopkg.in/yaml.v2"
packages = ["."] packages = ["."]
pruneopts = "UT"
revision = "eb3733d160e74a9c7e442f435eb3bea458e1d19f" revision = "eb3733d160e74a9c7e442f435eb3bea458e1d19f"
[solve-meta] [solve-meta]
analyzer-name = "dep" analyzer-name = "dep"
analyzer-version = 1 analyzer-version = 1
inputs-digest = "706e049cd8b8db8705af09e7a375a999d01373a409beadc850c80d64de9849fd" input-imports = [
"github.com/kisielk/gotool",
"github.com/mozilla/tls-observatory/constants",
"github.com/nbutton23/zxcvbn-go",
"github.com/onsi/ginkgo",
"github.com/onsi/gomega",
"github.com/ryanuber/go-glob",
"golang.org/x/tools/go/loader",
"gopkg.in/yaml.v2",
]
solver-name = "gps-cdcl" solver-name = "gps-cdcl"
solver-version = 1 solver-version = 1

32
Makefile
View file

@ -1,7 +1,5 @@
GIT_TAG?= $(shell git describe --always --tags) GIT_TAG?= $(shell git describe --always --tags)
BUILD_DATE = $(shell date +%Y-%m-%d)
BIN = gosec BIN = gosec
BUILD_CMD = go build -ldflags "-X main.Version=${VERSION} -X main.GitTag=${GIT_TAG} -X main.BuildDate=${BUILD_DATE}" -o build/$(BIN)-$(VERSION)-$${GOOS}-$${GOARCH} ./cmd/gosec/ &
FMT_CMD = $(gofmt -s -l -w $(find . -type f -name '*.go' -not -path './vendor/*') | tee /dev/stderr) FMT_CMD = $(gofmt -s -l -w $(find . -type f -name '*.go' -not -path './vendor/*') | tee /dev/stderr)
IMAGE_REPO = docker.io IMAGE_REPO = docker.io
@ -9,40 +7,38 @@ default:
$(MAKE) bootstrap $(MAKE) bootstrap
$(MAKE) build $(MAKE) build
bootstrap:
dep ensure
test: bootstrap test: bootstrap
test -z '$(FMT_CMD)' test -z '$(FMT_CMD)'
go vet $(go list ./... | grep -v /vendor/) go vet $(go list ./... | grep -v /vendor/)
golint -set_exit_status $(shell go list ./... | grep -v vendor) golint -set_exit_status $(shell go list ./... | grep -v vendor)
gosec ./... gosec ./...
ginkgo -r -v ginkgo -r -v
bootstrap:
dep ensure
build: build:
go build -o $(BIN) ./cmd/gosec/ go build -o $(BIN) ./cmd/gosec/
clean: clean:
rm -rf build vendor rm -rf build vendor dist
rm -f release image bootstrap $(BIN) rm -f release image bootstrap $(BIN)
release: bootstrap release: bootstrap
ifndef VERSION @echo "Releasing the gosec binary..."
$(error VERSION flag is not set. Run 'make release VERSION=<YOUR VERSION>'.) goreleaser release
endif
@echo "Running build command..."
bash -c '\
export GOOS=linux; export GOARCH=amd64; export CGO_ENABLED=0; $(BUILD_CMD) \
wait \
'
touch release
image: release image: release
@echo "Building the Docker image..." @echo "Building the Docker image..."
docker build -t $(IMAGE_REPO)/$(BIN):$(VERSION) . docker build -t $(IMAGE_REPO)/$(BIN):$(GIT_TAG) .
docker tag $(IMAGE_REPO)/$(BIN):$(VERSION) $(IMAGE_REPO)/$(BIN):latest docker tag $(IMAGE_REPO)/$(BIN):$(GIT_TAG) $(IMAGE_REPO)/$(BIN):latest
touch image touch image
image-push: image image-push: image
@echo "Pushing the Docker image..." @echo "Pushing the Docker image..."
docker push $(IMAGE_REPO)/$(BIN):$(VERSION)
docker push $(IMAGE_REPO)/$(BIN):$(GIT_TAG)
docker push $(IMAGE_REPO)/$(BIN):latest docker push $(IMAGE_REPO)/$(BIN):latest
.PHONY: test build clean image-push .PHONY: test build clean release image image-push

27
README.md
View file

@ -143,34 +143,35 @@ make test
#### Release Build #### Release Build
gosec can be released as follows: Make sure you have installed the [goreleaser](https://github.com/goreleaser/goreleaser) tool and then you can release gosec as follows:
git tag 1.0.0
export GITHUB_TOKEN=<YOUR GITHUB TOKEN>
make release
```bash The released version of the tool is available in the `dist` folder. The build information should be displayed in the usage text.
make release VERSION=2.0.0
```
The released version of the tool is available in the `build` folder. The build information should be displayed in the usage text.
``` ```
./build/gosec-2.0.0-linux-amd64 -h ./dist/darwin_amd64/gosec -h
gosec - Golang security checker gosec - Golang security checker
gosec analyzes Go source code to look for common programming mistakes that gosec analyzes Go source code to look for common programming mistakes that
can lead to security problems. can lead to security problems.
VERSION: 2.0.0 VERSION: 1.0.0
GIT TAG: 96489ff GIT TAG: 1.0.0
BUILD DATE: 2018-02-21 BUILD DATE: 2018-04-27T12:41:38Z
``` ```
Note that all released archives are also uploaded to GitHub.
#### Docker image #### Docker image
You can execute a release and build the docker image as follows: You can execute a release and build the docker image as follows:
``` ```
make image VERSION=2.0.0 git tag <VERSION>
export GITHUB_TOKEN=<Your GitHub token>
make image
``` ```
Now you can run the gosec tool in a container against your local workspace: Now you can run the gosec tool in a container against your local workspace: