diff --git a/.gitattributes b/.gitattributes new file mode 100755 index 0000000..4146c85 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +*.go eol=lf diff --git a/.github/actions/lint/action.yaml b/.github/actions/lint/action.yaml index d4833fb..d34e6ca 100755 --- a/.github/actions/lint/action.yaml +++ b/.github/actions/lint/action.yaml @@ -1,6 +1,6 @@ --- -name: Tests -description: Runs Go tests +name: Lint +description: Runs golangci-lint on the project runs: using: composite diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index a4474e3..6fb4223 100755 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml @@ -10,7 +10,7 @@ runs: with: go-version: ">=1.21" - - name: Tidy + - name: Verify Tidiness shell: bash run: | go version diff --git a/.github/renovate.json5 b/.github/renovate.json5 index aa35e96..c285b3f 100755 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -1,7 +1,7 @@ -{ +{ "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ - "config:base", + "config:recommended", ":dependencyDashboard", ":disableRateLimiting", "docker:enableMajor", @@ -9,11 +9,10 @@ ":automergeDigest", ":enablePreCommit", ":gomod", - //"github>h3mmy/renovate-config:commit-message", "github>h3mmy/renovate-config:pr-labels", "github>h3mmy/renovate-config:semantic-commits", "github>h3mmy/renovate-config:generic-regex-manager", - "github>h3mmy/renovate-config:automerge-github-actions" + "github>h3mmy/renovate-config:automerge-github-actions", ], "onboarding": false, "requireConfig": "optional", @@ -22,7 +21,5 @@ "suppressNotifications": ["prIgnoreNotification"], "commitBodyTable": true, "rebaseWhen": "conflicted", - "postUpdateOptions": [ - "goModTidy", "gomodNoMassage" - ] + "postUpdateOptions": ["gomodTidy"] } diff --git a/.github/workflows/charts-lint.yaml b/.github/workflows/charts-lint.yaml deleted file mode 100755 index f0928f7..0000000 --- a/.github/workflows/charts-lint.yaml +++ /dev/null @@ -1,88 +0,0 @@ -name: "Charts: Lint" - -on: - workflow_call: - inputs: - checkoutCommit: - required: true - type: string - isRenovatePR: - required: true - default: "false" - type: string - chartsToLint: - description: > - A JSON encoded array of charts to lint - required: true - type: string - overrideDeps: - description: > - A JSON encoded array of dependencies to override before linting - type: string - required: false - default: "[]" - -env: - HELM_VERSION: 3.11.2 - -jobs: - lint-chart: - if: ${{ inputs.chartsToLint != '[]' }} - name: Lint chart - strategy: - matrix: - chart: ${{ fromJSON(inputs.chartsToLint) }} - fail-fast: false - runs-on: ubuntu-22.04 - steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - with: - fetch-depth: 0 - ref: ${{ inputs.checkoutCommit }} - - - name: Verify chart version - uses: bjw-s/helm-charts-actions/verify-chart-version@main - id: verify-chart-version - with: - chart: "charts/${{ matrix.chart }}" - - - name: Verify chart changelog - uses: bjw-s/helm-charts-actions/verify-chart-changelog@main - if: inputs.isRenovatePR != 'true' - id: verify-chart-changelog - with: - chart: "charts/${{ matrix.chart }}" - - - name: Install Kubernetes tools - uses: yokawasa/action-setup-kube-tools@v0.11.0 - with: - setup-tools: | - helmv3 - helm: "${{ env.HELM_VERSION }}" - - - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.1 - - - name: Override chart dependencies - uses: ./.github/actions/override-chart-deps - if: ${{ inputs.overrideDeps != '[]' }} - with: - chart: ${{ matrix.chart }} - overrides: ${{ inputs.overrideDeps }} - - - name: Run chart-testing (lint) - run: ct lint --config .ci/ct/ct.yaml --charts "charts/${{ matrix.chart }}" - - # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7 - lint_success: - needs: - - lint-chart - if: | - always() - name: Lint successful - runs-on: ubuntu-22.04 - steps: - - name: Check lint matrix status - if: ${{ (inputs.chartsToLint != '' && inputs.chartsToLint != '[]') && (needs.lint-chart.result != 'success') }} - run: exit 1 diff --git a/.github/workflows/charts-release-oci.yaml b/.github/workflows/charts-release-oci.yaml deleted file mode 100755 index e0f5f3a..0000000 --- a/.github/workflows/charts-release-oci.yaml +++ /dev/null @@ -1,62 +0,0 @@ ---- -name: "Charts: Release to GHCR OCI" - -on: - workflow_call: - inputs: - charts: - description: > - Json encoded list of Helm charts to release. - Defaults to releasing everything. - default: "[]" - required: false - type: string - secrets: - APP_ID: - required: true - APP_PRIVATE_KEY: - required: true - -env: - HELM_VERSION: 3.11.2 - CHARTS_SRC_DIR: "charts" - TARGET_REGISTRY: ghcr.io - -jobs: - release-charts: - name: Release charts - runs-on: ubuntu-22.04 - steps: - - name: Checkout chart sources - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - with: - fetch-depth: 0 - - - name: Install Kubernetes tools - uses: yokawasa/action-setup-kube-tools@v0.11.0 - with: - setup-tools: | - helmv3 - helm: "${{ env.HELM_VERSION }}" - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ${{ env.TARGET_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Package & Push Helm Charts - shell: bash - run: | - CHARTS=( $(yq --null-input e '${{ inputs.charts }}[]' ) ) - - for CHART in "${CHARTS[@]}" ; do - mapfile -t CHART_PATH_PARTS < <(echo "$CHART" | tr '/' '\n') - CHART_TYPE=${CHART_PATH_PARTS[0]} - CHART_NAME=${CHART_PATH_PARTS[1]} - CHART_VERSION=$(yq e '.version' ${{ env.CHARTS_SRC_DIR }}/${CHART}/Chart.yaml) - - helm package "${{ env.CHARTS_SRC_DIR }}/${CHART_TYPE}/${CHART_NAME}" --dependency-update --destination "${{ env.CHARTS_SRC_DIR }}/${CHART_TYPE}" --version "${CHART_VERSION}" - helm push "${{ env.CHARTS_SRC_DIR }}/${CHART_TYPE}/${CHART_NAME}-${CHART_VERSION}.tgz" oci://${{ env.TARGET_REGISTRY }}/${{ github.actor }}/helm - done diff --git a/.github/workflows/charts-release.yaml b/.github/workflows/charts-release.yaml deleted file mode 100755 index 905cf8d..0000000 --- a/.github/workflows/charts-release.yaml +++ /dev/null @@ -1,72 +0,0 @@ ---- -name: "Charts: Release" - -concurrency: helm-release - -on: - workflow_dispatch: - inputs: - charts: - description: > - Charts to release. Comma-separated string. - Defaults to releasing everything. - default: "" - required: false - - push: - branches: - - main - paths: - - "charts/**" - -env: - HELM_VERSION: 3.11.2 - -jobs: - prepare: - name: Prepare data required for release - runs-on: ubuntu-22.04 - outputs: - libraryChartsToRelease: ${{ steps.collect-charts.outputs.chartsLibrary }} - applicationChartsToRelease: ${{ steps.collect-charts.outputs.chartsApplication }} - steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - with: - fetch-depth: 0 - - - name: Collect charts to release - uses: bjw-s/helm-charts-actions/collect-charts@main - id: collect-charts - with: - repoConfigFile: ./.ci/repo-config.yaml - overrideCharts: "[${{ inputs.charts }}]" - - release-library-charts: - name: Release Library charts to GitHub pages - uses: ./.github/workflows/charts-release-ghpages.yaml - needs: - - prepare - with: - charts: "${{ needs.prepare.outputs.libraryChartsToRelease }}" - secrets: inherit - - release-application-charts: - name: Release Application charts to GitHub pages - uses: ./.github/workflows/charts-release-ghpages.yaml - needs: - - prepare - - release-library-charts - with: - charts: "${{ needs.prepare.outputs.applicationChartsToRelease }}" - secrets: inherit - - release-github-oci: - name: Release Application charts to GitHub Container Registry - uses: ./.github/workflows/charts-release-oci.yaml - needs: - - prepare - - release-library-charts - with: - charts: "${{ needs.prepare.outputs.applicationChartsToRelease }}" - secrets: inherit diff --git a/.github/workflows/charts-test.yaml b/.github/workflows/charts-test.yaml deleted file mode 100755 index fd16cdc..0000000 --- a/.github/workflows/charts-test.yaml +++ /dev/null @@ -1,137 +0,0 @@ ---- -name: "Charts: Test" - -on: - workflow_call: - inputs: - checkoutCommit: - required: true - type: string - chartsToTest: - description: > - A JSON encoded array of charts to lint - type: string - required: true - overrideDeps: - description: > - A JSON encoded array of dependencies to override before testing - type: string - required: false - default: "[]" - -env: - HELM_VERSION: 3.11.2 - -jobs: - install-chart: - name: Install chart - runs-on: ubuntu-22.04 - if: ${{ inputs.chartsToTest != '[]' && inputs.chartsToTest != '' }} - strategy: - matrix: - chart: ${{ fromJSON(inputs.chartsToTest) }} - k8s_version: - ["v1.24.13", "v1.25.9", "v1.26.4", "v1.27.1", "v1.28.3"] - fail-fast: false - steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - with: - fetch-depth: 0 - ref: ${{ inputs.checkoutCommit }} - - - name: Install Kubernetes tools - uses: yokawasa/action-setup-kube-tools@v0.11.0 - with: - setup-tools: | - helmv3 - kubectl - helm: "${{ env.HELM_VERSION }}" - kubectl: "${{ matrix.k8s_version }}" - - - uses: actions/setup-python@v5 - with: - python-version: "3.12" - - - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.1 - - - name: Create k3d cluster - uses: nolar/setup-k3d-k3s@v1 - with: - version: ${{ matrix.k8s_version }} - - - name: Remove node taints - run: | - kubectl taint --all=true nodes node.cloudprovider.kubernetes.io/uninitialized- || true - - - name: Override chart dependencies - uses: ./.github/actions/override-chart-deps - if: ${{ inputs.overrideDeps != '[]' }} - with: - chart: ${{ matrix.chart }} - overrides: ${{ inputs.overrideDeps }} - - - name: Run chart-testing (install) - run: ct install --config .ci/ct/ct.yaml --charts "charts/${{ matrix.chart }}" - - # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7 - install_success: - needs: - - install-chart - if: | - always() - name: Install successful - runs-on: ubuntu-22.04 - steps: - - name: Check install matrix status - if: ${{ (inputs.chartsToTest != '[]' && inputs.chartsToTest != '') && needs.install-chart.result != 'success' }} - run: exit 1 - - unittest-chart: - name: Unit-test chart - runs-on: ubuntu-22.04 - if: ${{ inputs.chartsToTest != '[]' && inputs.chartsToTest != '' }} - strategy: - matrix: - chart: ${{ fromJSON(inputs.chartsToTest) }} - fail-fast: false - steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - with: - fetch-depth: 0 - ref: ${{ inputs.checkoutCommit }} - - - name: Install Kubernetes tools - uses: yokawasa/action-setup-kube-tools@v0.11.0 - with: - setup-tools: | - helmv3 - helm: "${{ env.HELM_VERSION }}" - - - name: Override chart dependencies - uses: ./.github/actions/override-chart-deps - if: ${{ inputs.overrideDeps != '[]' }} - with: - chart: ${{ matrix.chart }} - overrides: ${{ inputs.overrideDeps }} - - - name: Run tests - run: | - helm plugin install https://github.com/vbehar/helm3-unittest --version v1.0.16 - helm dep update "charts/${{ matrix.chart }}" - helm unittest -f "tests/**/*_test.yaml" "charts/${{ matrix.chart }}" - - # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7 - unittest_success: - needs: - - unittest-chart - if: | - always() - name: Unittest successful - runs-on: ubuntu-22.04 - steps: - - name: Check unittest matrix status - if: ${{ (inputs.chartsToTest != '[]' && inputs.chartsToTest != '') && needs.unittest-chart.result != 'success' }} - run: exit 1 diff --git a/.github/workflows/on-pr.yaml b/.github/workflows/on-pr.yaml index 19b117f..4dee49e 100755 --- a/.github/workflows/on-pr.yaml +++ b/.github/workflows/on-pr.yaml @@ -23,6 +23,13 @@ jobs: # uses: ent/contrib/ci@master lint: + permissions: + # Required: allow read access to the content for analysis. + contents: read + # Optional: allow read access to pull request. Use with `only-new-issues` option. + pull-requests: read + # Optional: Allow write access to checks to allow the action to annotate code in the PR. + checks: write runs-on: ubuntu-latest steps: - name: Checkout diff --git a/.github/workflows/publish-snapshot.yaml b/.github/workflows/publish-snapshot.yaml index 058b505..be86562 100755 --- a/.github/workflows/publish-snapshot.yaml +++ b/.github/workflows/publish-snapshot.yaml @@ -5,6 +5,14 @@ push: branches: - dev + paths: + - 'go.mod' + - 'go.sum' + - '**.go' + - 'ent/**' + - '**.proto' + - 'Dockerfile' + - '.github/workflows/publish-snapshot.yaml' jobs: @@ -30,6 +38,13 @@ uses: ./.github/actions/tests lint: + permissions: + # Required: allow read access to the content for analysis. + contents: read + # Optional: allow read access to pull request. Use with `only-new-issues` option. + pull-requests: read + # Optional: Allow write access to checks to allow the action to annotate code in the PR. + checks: write runs-on: ubuntu-latest steps: - name: Checkout diff --git a/.github/workflows/run-renovate.yaml b/.github/workflows/run-renovate.yaml index dc23aed..a0915da 100755 --- a/.github/workflows/run-renovate.yaml +++ b/.github/workflows/run-renovate.yaml @@ -50,7 +50,7 @@ token: "${{ steps.app-token.outputs.token }}" - name: Renovate - uses: renovatebot/github-action@v40.1.4 + uses: renovatebot/github-action@v40.1.5 env: LOG_LEVEL: ${{ inputs.renovateLogLevel }} RENOVATE_DRY_RUN: ${{ inputs.dryRun }} diff --git a/.github/workflows/schedule-broken-link-check.yaml b/.github/workflows/schedule-broken-link-check.yaml new file mode 100755 index 0000000..5a0f6b0 --- /dev/null +++ b/.github/workflows/schedule-broken-link-check.yaml @@ -0,0 +1,54 @@ +--- + name: Broken Link Check + + on: # yamllint disable-line rule:truthy + workflow_dispatch: + schedule: + - cron: "0 0 * * *" + + jobs: + check: + name: Check + runs-on: ubuntu-latest + steps: + - name: Generate Token + uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0 + id: generate-token + with: + app_id: "${{ secrets.APP_ID }}" + private_key: "${{ secrets.APP_PRIVATE_KEY }}" + + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + token: "${{ steps.generate-token.outputs.token }}" + + - name: Scan for broken links + uses: lycheeverse/lychee-action@c053181aa0c3d17606addfe97a9075a32723548a # v1.9.3 + id: lychee + env: + GITHUB_TOKEN: "${{ steps.generate-token.outputs.token }}" + with: + args: > + --verbose + --no-progress + --exclude-mail + './**/*.md' + + - name: Find Link Checker Issue + id: broken-link-check-issue + uses: micalevisk/last-issue-action@0d40124cc99ac8601c2516007f0c98ef3d27537b # v2.3.0 + with: + state: open + labels: | + broken-links + + - name: Update Issue + uses: peter-evans/create-issue-from-file@24452a72d85239eacf1468b0f1982a9f3fec4c94 # v5.0.0 + with: + title: Broken links detected 🔗 + issue-number: "${{ steps.broken-link-check-issue.outputs.issue-number }}" + content-filepath: ./lychee/out.md + token: "${{ steps.generate-token.outputs.token }}" + labels: | + broken-links diff --git a/.github/workflows/versioned-release.yaml b/.github/workflows/versioned-release.yaml index a84e608..67e7483 100755 --- a/.github/workflows/versioned-release.yaml +++ b/.github/workflows/versioned-release.yaml @@ -30,6 +30,13 @@ jobs: uses: ./.github/actions/tests lint: + permissions: + # Required: allow read access to the content for analysis. + contents: read + # Optional: allow read access to pull request. Use with `only-new-issues` option. + pull-requests: read + # Optional: Allow write access to checks to allow the action to annotate code in the PR. + checks: write runs-on: ubuntu-latest steps: - name: Checkout diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 19d35d3..09bd3c1 100755 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -47,10 +47,10 @@ stages: docker_build: # Use the official docker image. - image: docker:latest@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + image: docker:latest@sha256:0cbb848730faec7cb371842dcf54fc061feebac06e56306b458c55bc9f9fd7e6 stage: build services: - - docker:dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + - docker:dind@sha256:0cbb848730faec7cb371842dcf54fc061feebac06e56306b458c55bc9f9fd7e6 before_script: - !reference [.docker, before_script] script: @@ -79,9 +79,9 @@ docker_build: # Tags only the $CI_DEFAULT_BRANCH as latest push_latest: - image: docker:latest@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + image: docker:latest@sha256:0cbb848730faec7cb371842dcf54fc061feebac06e56306b458c55bc9f9fd7e6 services: - - docker:dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + - docker:dind@sha256:0cbb848730faec7cb371842dcf54fc061feebac06e56306b458c55bc9f9fd7e6 variables: # Disable fresh pull of source GIT_STRATEGY: none @@ -98,9 +98,9 @@ push_latest: - docker push $CI_REGISTRY_IMAGE:latest push_tag: - image: docker:latest@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + image: docker:latest@sha256:0cbb848730faec7cb371842dcf54fc061feebac06e56306b458c55bc9f9fd7e6 services: - - docker:dind@sha256:0b0e8cab617d83dd041d950827dc67e18db5a0c3786d660bab002120b09a6d91 + - docker:dind@sha256:0cbb848730faec7cb371842dcf54fc061feebac06e56306b458c55bc9f9fd7e6 variables: GIT_STRATEGY: none stage: push diff --git a/.vscode/settings.json b/.vscode/settings.json index c4e1fe4..fd4d874 100755 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -2,6 +2,15 @@ "files.associations": { "*.json5": "jsonc" }, + "json.schemas": [ + { + "fileMatch": [ + "./github/renovate.json", + "./gitlab/renovate.json5" + ], + "url": "https://docs.renovatebot.com/renovate-schema.json" + } + ], "yaml.schemas": { "https://gitlab.com/gitlab-org/gitlab/-/raw/master/app/assets/javascripts/editor/schema/ci.json": [ diff --git a/Dockerfile b/Dockerfile index 15b1971..28df89a 100755 --- a/Dockerfile +++ b/Dockerfile @@ -22,7 +22,7 @@ RUN go mod download RUN go build -ldflags="-w -s" . RUN echo $(ls .) -FROM gcr.io/distroless/static@sha256:072d78bc452a2998929a9579464e55067db4bf6d2c5f9cde582e33c10a415bd1 +FROM gcr.io/distroless/static@sha256:7e5c6a2a4ae854242874d36171b31d26e0539c98fc6080f942f16b03e82851ab COPY --from=build /build/bloopyboi / diff --git a/bot/services/media_service.go b/bot/services/media_service.go index de542af..2be5428 100755 --- a/bot/services/media_service.go +++ b/bot/services/media_service.go @@ -70,12 +70,12 @@ func (s *MediaService) GetMediaRequestsForUser(ctx context.Context, discordUserI WithBook(). Where( mediarequest.HasDiscordUsersWith( - discorduser.DiscordidEQ(string(discordUserId)), + discorduser.DiscordidEQ(fmt.Sprint(discordUserId)), ), ). All(ctx) if err != nil { - return nil, fmt.Errorf("failed to get book requests for discord user %s: %w", discordUserId, err) + return nil, fmt.Errorf("failed to get book requests for discord user %d: %w", discordUserId, err) } return requests, nil }