Zondax/GitHub workflows

.github/ISSUE_TEMPLATE/bug-report.md

@@ -0,0 +1,30 @@
+---
+name: Bug Report 
+about: Create a report to help us squash bugs!
+title: "[Bug]: "
+labels: "T:Bug"
+---
+
+<!-- < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < ☺ 
+v                            ✰  Thanks for opening an issue! ✰    
+v    Before smashing the submit button please review the template.
+v    Please also ensure that this is not a duplicate issue :)  
+☺ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >  -->
+
+<!--
+IMPORTANT: Prior to opening a bug report, check if it affects one of the core modules
+and if its elegible for a bug bounty on `SECURITY.md`. Bugs that are not submitted
+through the appropriate channels won't receive any bounty.
+ -->
+
+## Summary of Bug
+
+<!-- Concisely describe the issue -->
+
+## Version
+
+<!-- git commit hash or release version -->
+
+## Steps to Reproduce
+
+<!-- What commands in order should someone run to reproduce your problem? -->

.github/ISSUE_TEMPLATE/epics.md

@@ -0,0 +1,31 @@
+---
+name: Epic
+about: Create an epic/user
+title: "[Epic]: "
+labels: T:Epic
+---
+
+<!-- < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < ☺ 
+v                            ✰  Thanks for opening an issue! ✰    
+v    Before smashing the submit button please review the template.
+v    Word of caution: poorly thought-out proposals may be rejected 
+v                     without deliberation 
+☺ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >  -->
+
+## Summary
+
+<!-- Short, concise description of the proposed feature/changes to the repository
+What are the user needs?
+How could this solution fix the user facing problem?  -->
+
+## Problem Definition
+
+<!-- Why do we need this feature? 
+What problems may be addressed by introducing this feature?
+What benefits does the SDK stand to gain by including this feature?
+Are there any disadvantages of including this feature? -->
+
+## Work Breakdown
+
+<!-- Break the work into many bullet points that will later be turned into issues that can be assigned to developers to work on 
+This work may been to be broken up into phases of work in order to better organize when and how things get done. -->

.github/ISSUE_TEMPLATE/feature-request.md

@@ -0,0 +1,28 @@
+---
+name: Feature Request
+about: Create a proposal to request a feature
+title: "[Feature]: "
+labels: T:feature-request
+---
+
+<!-- < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < ☺ 
+v                            ✰  Thanks for opening an issue! ✰    
+v    Before smashing the submit button please review the template.
+v    Word of caution: poorly thought-out proposals may be rejected 
+v                     without deliberation 
+☺ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >  -->
+
+## Summary
+
+<!-- Short, concise description of the proposed feature -->
+
+## Problem Definition
+
+<!-- Why do we need this feature? 
+What problems may be addressed by introducing this feature?
+What benefits does the SDK stand to gain by including this feature?
+Are there any disadvantages of including this feature? -->
+
+## Proposal
+
+<!-- Detailed description of requirements of implementation -->

.github/PULL_REQUEST_TEMPLATE/docs.md

@@ -0,0 +1,38 @@
+## Description
+
+Closes: #XXXX
+
+<!-- Add a description of the changes that this PR introduces and the files that
+are the most critical to review. -->
+
+<!-- Pull requests that sit inactive for longer than 30 days will be closed.  -->
+---
+
+### Author Checklist
+
+*All items are required. Please add a note to the item if the item is not applicable and
+please add links to any relevant follow up issues.*
+
+I have...
+
+- [ ] included the correct `docs:` prefix in the PR title
+- [ ] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/main/CONTRIBUTING.md#pr-targeting))
+- [ ] provided a link to the relevant issue or specification
+- [ ] followed the [documentation writing guidelines](https://github.com/cosmos/cosmos-sdk/blob/main/docs/DOC_WRITING_GUIDELINES.md)
+- [ ] reviewed "Files changed" and left comments if necessary
+- [ ] confirmed all CI checks have passed
+
+### Reviewers Checklist
+
+*All items are required. Please add a note if the item is not applicable and please add
+your handle next to the items reviewed if you only reviewed selected items.*
+
+I have...
+
+- [ ] confirmed the correct `docs:` prefix in the PR title
+- [ ] confirmed all author checklist items have been addressed 
+- [ ] confirmed that this PR only changes documentation
+- [ ] reviewed content for consistency
+- [ ] reviewed content for thoroughness
+- [ ] reviewed content for spelling and grammar
+- [ ] tested instructions (if applicable)

.github/PULL_REQUEST_TEMPLATE/other.md

@@ -0,0 +1,32 @@
+## Description
+
+Closes: #XXXX
+
+<!-- Add a description of the changes that this PR introduces and the files that
+are the most critical to review. -->
+
+---
+
+### Author Checklist
+
+*All items are required. Please add a note to the item if the item is not applicable and
+please add links to any relevant follow up issues.*
+
+I have...
+
+- [ ] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title
+- [ ] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/main/CONTRIBUTING.md#pr-targeting))
+- [ ] provided a link to the relevant issue or specification
+- [ ] reviewed "Files changed" and left comments if necessary
+- [ ] confirmed all CI checks have passed
+
+### Reviewers Checklist
+
+*All items are required. Please add a note if the item is not applicable and please add
+your handle next to the items reviewed if you only reviewed selected items.*
+
+I have...
+
+- [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title
+- [ ] confirmed all author checklist items have been addressed
+- [ ] confirmed that this PR does not change production code

.github/dependabot.yml

@@ -0,0 +1,18 @@
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "01:00"
+  - package-ecosystem: gomod
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "01:05"
+    labels:
+      - "A:automerge"
+      - dependencies

.github/issue_labeler.yml

@@ -0,0 +1,2 @@
+needs-triage: # if no label is set then set triage
+  - ''

.github/pr_labeler.yml

@@ -0,0 +1,2 @@
+"C:Rosetta":
+  - /**/*

.github/workflows/build.yml

@@ -0,0 +1,51 @@
+name: Build rosetta
+#  This workflow is run on pushes to main & every Pull Requests where a .go, .mod, .sum have been changed
+on:
+  pull_request:
+  merge_group:
+  push:
+    branches:
+      - main
+      - release/**
+permissions:
+  contents: read
+
+concurrency:
+  group: ci-${{ github.ref }}-build
+  cancel-in-progress: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        go-arch: ["amd64", "arm", "arm64"]
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v4
+        with:
+          go-version: "1.20"
+          check-latest: true
+      - uses: technote-space/[email protected]
+        id: git_diff
+        with:
+          PATTERNS: |
+            **/*.go
+            go.mod
+            go.sum
+            **/go.mod
+            **/go.sum
+            **/Makefile
+            Makefile
+        ###################
+        #### Build App ####
+        ###################
+      - name: Build
+        if: env.GIT_DIFF
+        run: GOARCH=${{ matrix.go-arch }} make build
+        ###################
+        ## Build Tooling ##
+        ###################
+      - name: Build Rosetta
+        if: env.GIT_DIFF
+        run: GOARCH=${{ matrix.go-arch }} make rosetta

.github/workflows/changelog-reminder.yml

@@ -0,0 +1,19 @@
+# Checks if a changelog is missing in the PR diff
+name: Changelog Reminder
+on:
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+    paths: ["**/*.go"]
+permissions:
+  pull-requests: write
+jobs:
+  remind:
+    name: Changelog Reminder
+    runs-on: ubuntu-latest
+    # Skip draft PRs and PRs starting with: revert, test, chore, ci, docs, style, build, refactor
+    if: "!github.event.pull_request.draft && !contains(github.event.pull_request.title, 'revert') && !contains(github.event.pull_request.title, 'test') && !contains(github.event.pull_request.title, 'chore') && !contains(github.event.pull_request.title, 'ci') && !contains(github.event.pull_request.title, 'docs') && !contains(github.event.pull_request.title, 'style') && !contains(github.event.pull_request.title, 'build') && !contains(github.event.pull_request.title, 'refactor')"
+    steps:
+      - uses: actions/checkout@v3
+      - uses: mskelton/changelog-reminder-action@v3
+        with:
+          message: "@${{ github.actor }} your pull request is missing a changelog!"

.github/workflows/clean-action-artifacts.yml

@@ -0,0 +1,17 @@
+name: Remove GitHub Action Old Artifacts
+
+on:
+  schedule:
+    # Every day at 1am
+    - cron: "0 1 * * *"
+
+jobs:
+  remove-old-artifacts:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    steps:
+      - name: Remove old artifacts
+        uses: c-hive/gha-remove-artifacts@v1
+        with:
+          age: "7 days"

.github/workflows/gosec.yml

@@ -0,0 +1,38 @@
+name: Run Gosec
+on:
+  pull_request:
+    paths:
+      - "**/*.go"
+      - "go.mod"
+      - "go.sum"
+  push:
+    branches:
+      - main
+    paths:
+      - "**/*.go"
+      - "go.mod"
+      - "go.sum"
+
+jobs:
+  Gosec:
+    permissions:
+      security-events: write
+
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v3
+
+      - name: Run Gosec Security Scanner
+        uses: securego/gosec@master
+        with:
+          # we let the report trigger content trigger a failure using the GitHub Security features.
+          args: "-exclude=G101,G107 -no-fail -fmt sarif -out results.sarif ./..."
+
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: results.sarif

.github/workflows/issue_labeler.yml

@@ -0,0 +1,15 @@
+name: "Issue Labeler"
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  triage:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: github/[email protected]
+        if: join(github.event.issue.labels) == ''
+        with:
+          repo-token: "${{ secrets.GITHUB_TOKEN }}"
+          configuration-path: .github/issue_labeler.yml
+          enable-versioned-regex: 0 

.github/workflows/issues.yml

@@ -0,0 +1,18 @@
+name: Add Sprint issues to Cosmos SDK Project 
+
+on:
+  issues:
+    types:
+      - opened
+      - labeled
+
+jobs:
+  add-to-project:
+    name: Add issue to project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+        with:
+          project-url: https://github.com/orgs/cosmos/projects/26
+          github-token: ${{ secrets.PERSONAL_TOKEN }}
+          labeled: T:Sprint,needs-triage