go-cli-github

module
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 12, 2023 License: Apache-2.0

README

Go CLI Github

Release Coverage Go Report Card OpenSSF Scorecard

This repository is a template for a Go CLI tool or service. It is quite opinionated about security and release engineering, but hopefully in a good way.

It comes pre-configured for integration with GitHub-specific features such as Dependabot security tooling, CodeQL, and branch protection. It also automatically builds and tests your code using GitHub Actions.

Features

  • Use GoReleaser to automatically build and create GitHub Releases and Docker images on merge to main.

  • Lint your commit messages, and your Go, GitHub Action, and Dockerfile code.

  • Test Pull Requests using go test.

  • Build Docker images from Pull Requests for manual testing and review.

  • Static code analysis using CodeQL and Go Report Card.

  • Test coverage analysis using Coveralls.

  • Security analysis using OpenSSF.

How to use

First set up the Github repo

  1. Create a new empty Github repository.

Then push some code to main:

  1. Install gonew and run this command, replacing the last argument with the name of your new module:

    gonew github.com/smlx/go-cli-github github.com/smlx/newproject

  2. Create the git repo and push to main (which will become the default branch):

    cd newproject
git init .
git branch -M main
git remote add origin git@github.com:smlx/newproject.git
git add .
git commit -a
git push -u origin main

Then customize the code for your repository:

  1. Check out a new branch to set up the repo git checkout -b setup

  2. Update the code for your project:

    • rename deploy/go-cli-github to deploy/$YOUR_COMMAND
    • update deploy/$YOUR_COMMAND/Dockerfile
    • rename cmd/go-cli-github to cmd/$YOUR_COMMAND
    • update module in cmd/$YOUR_COMMAND/*.go, internal/server/serve_test.go
    • update .goreleaser.yml to build cmd/$YOUR_COMMAND
    • update the links at the top of the README
    • update the build, release, and tag-to-release workflows, replacing go-cli-github with $YOUR_COMMAND.

  3. Commit and push:

    git commit -a
git push -u origin setup

  4. Open a PR, ensure all the actions are green, then merge the PR.

Configure the repository:

  1. Go to repository Settings > General:

    • Disable wiki and projects (unless you plan to use them!)
    • Allow only merge commits for Pull Requests
    • Allow auto-merge
    • Automatically delete head branches

  2. Go to repository Settings > Code security and analysis, and enable:

    • Dependabot alerts
    • Dependabot security updates
      • Secret scanning
        • Push protection
    • Private vulnerability reporting

  3. Go to repository Settings > Actions > General:

    • Set Workflow permissions to "Read repository contents and package permissions"

  4. Go to repository Settings > Rules > Rulesets, and import the protect-default-branch.json ruleset.

  5. That's it.

Directories

Path Synopsis
cmd
go-cli-github
internal
server

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.