slashdevops · christiangda · Sep 11, 2023 · Sep 10, 2023 · Sep 10, 2023 · Sep 10, 2023
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -5,7 +5,7 @@
 
 version: 2
 updates:
-  - package-ecosystem: "" # See documentation for possible values
+  - package-ecosystem: "gomod" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
       interval: "weekly"
diff --git a/.github/workflows/aws-sam.yml b/.github/workflows/aws-sam.yml
@@ -8,7 +8,6 @@ on:
         required: true
       SAM_APP_BUCKET:
         required: true
-
   workflow_dispatch:
 
 permissions:
@@ -17,7 +16,6 @@ permissions:
 
 env:
   AWS_REGION: us-east-1
-  GO_VERSION: 1.21.1
 
 jobs:
   publish:
@@ -51,33 +49,24 @@ jobs:
         id: go
         uses: actions/setup-go@v4
         with:
-          go-version: ${{ env.GO_VERSION }}
+          go-version-file: ./go.mod
+
+      - name: Go version
+        run: |
+          go version
+
+      - name: Git Current branch name (Version)
+        run: |
+          echo ${{ github.ref_name }}
 
       - name: Set up Python 3.x
         uses: actions/setup-python@v4
 
       - name: Set up AWS SAM
         uses: aws-actions/setup-sam@v2
 
-      - id: go-cache-paths
-        run: |
-          echo "go-build=$(go env GOCACHE)" >> $GITHUB_OUTPUT
-          echo "go-mod=$(go env GOMODCACHE)" >> $GITHUB_OUTPUT
-
-      - name: Go Build Cache
-        uses: actions/cache@v3
-        with:
-          path: ${{ steps.go-cache-paths.outputs.go-build }}
-          key: ${{ runner.os }}-go-build-${{ hashFiles('**/go.sum') }}
-
-      - name: Go Mod Cache
-        uses: actions/cache@v3
-        with:
-          path: ${{ steps.go-cache-paths.outputs.go-mod }}
-          key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}
-
       - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@master
+        uses: aws-actions/configure-aws-credentials@v3
         with:
           role-to-assume: ${{ secrets.AWS_OIDC_ROLE_TO_ASSUME }}
           role-session-name: publish-sam-app
@@ -90,25 +79,21 @@ jobs:
 
       - name: AWS SAM Build template
         run: |
-          GIT_VERSION=${{ github.ref_name }} sam build --base-dir cmd/idpscim/
+          GIT_VERSION=${{ github.ref_name }} sam build
 
       - name: AWS SAM Package
         env:
           SAM_APP_BUCKET: ${{ secrets.SAM_APP_BUCKET }}
         run: |
           sam package --output-template-file packaged.yaml --s3-bucket $SAM_APP_BUCKET
 
-      - name: Git Current branch name (Version)
-        run: |
-          echo ${{ github.ref_name }}
-
-      - name: Set semVer format version
+      - name: Set SemVer format version
         id: semver
         run: |
           VERSION=$(echo ${{ github.ref_name }} | cut -d 'v' -f 2)
           echo "version=$VERSION" >> $GITHUB_OUTPUT
 
-      - name: semVer version
+      - name: Shows SemVer format version
         run: |
           echo ${{ steps.semver.outputs.version }}
 
@@ -121,7 +106,7 @@ jobs:
           sam publish --semantic-version $SAM_APP_VERSION --template packaged.yaml --region $AWS_PUBLIC_REGION
 
       - name: Get the AWS SAM published application ARN
-        id: set_arn
+        id: set-arn
         env:
           AWS_PUBLIC_REGION: ${{ matrix.AWS_REGIONS }}
         run: |
@@ -134,11 +119,11 @@ jobs:
 
       - name: Show AWS SAM Application ARN
         run: |
-          echo ${{ steps.set_arn.outputs.arn }}
+          echo ${{ steps.set-arn.outputs.arn }}
 
       - name: Get the AWS SAM published application ARN
         env:
           AWS_PUBLIC_REGION: ${{ matrix.AWS_REGIONS }}
-          AWS_SAM_APP_ARN: ${{ steps.set_arn.outputs.arn }}
+          AWS_SAM_APP_ARN: ${{ steps.set-arn.outputs.arn }}
         run: |
           aws serverlessrepo put-application-policy --application-id $AWS_SAM_APP_ARN --statements Principals='*',Actions='Deploy' --region $AWS_PUBLIC_REGION
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,46 @@
+name: "Build"
+
+on:
+  # push:
+  #   branches:
+  #     - main
+  pull_request:
+    branches:
+      - main
+  workflow_dispatch:
+
+permissions:
+  security-events: write
+  actions: read
+  contents: read
+  pull-requests: read
+
+jobs:
+  test:
+    name: "Test and Build"
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go 1.x
+        id: go
+        uses: actions/setup-go@v4
+        with:
+          go-version-file: ./go.mod
+
+      - name: Go version
+        run: |
+          go version
+
+      - name: Test
+        run: make test
+
+      - name: codecov coverage report
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
+          files: ./coverage.out
+
+      - name: Build
+        run: make build
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml
@@ -13,81 +13,64 @@ on:
         required: true
       AWS_OIDC_ROLE_TO_ASSUME:
         required: true
-
   workflow_dispatch:
 
 env:
-  GO_VERSION: 1.21.1
   AWS_REGION: us-east-1
 
 permissions:
   id-token: write
   contents: read
 
 jobs:
-  publish_container_images:
-    name: Publish Container Images
+  build_publish_container_images:
+    name: Build and Publish Container Images
     runs-on: ubuntu-latest
     steps:
-      - name: Set up Go 1.x
-        uses: actions/setup-go@v4
-        with:
-          go-version: ${{ env.GO_VERSION }}
-        id: go
-
       - name: Check out code
         uses: actions/checkout@v4
 
-      - id: go-cache-paths
-        run: |
-          echo "go-build=$(go env GOCACHE)" >> $GITHUB_OUTPUT
-          echo "go-mod=$(go env GOMODCACHE)" >> $GITHUB_OUTPUT
-
-      - name: Go Build Cache
-        uses: actions/cache@v3
+      - name: Set up Go 1.x
+        id: go
+        uses: actions/setup-go@v4
         with:
-          path: ${{ steps.go-cache-paths.outputs.go-build }}
-          key: ${{ runner.os }}-go-build-${{ hashFiles('**/go.sum') }}
+          go-version-file: ./go.mod
 
-      - name: Go Mod Cache
-        uses: actions/cache@v3
-        with:
-          path: ${{ steps.go-cache-paths.outputs.go-mod }}
-          key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}
+      - name: Go version
+        run: |
+          go version
 
       - name: Git Current branch name (Version)
         run: |
           echo ${{ github.ref_name }}
 
       - name: Docker Version
-        run: docker version
-
-      - uses: actions/cache@v3
-        with:
-          path: |
-            ~/.cache/go-build
-            ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: |
-            ${{ runner.os }}-go-
+        run: |
+          docker version
 
       - name: Build container images
-        run: make container-build GIT_VERSION=${{ github.ref_name }}
+        run: |
+          GIT_VERSION=${{ github.ref_name }} make container-build
 
-      - name: Show local container images
-        run: docker images
+      - name: Show container images
+        run: |
+          docker images
 
       - name: Logging in Docker Hub
-        run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USER }} --password-stdin
+        run: |
+          echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USER }} --password-stdin
 
       - name: Publish Images in Docker Hub
-        run: make container-publish-docker GIT_VERSION=${{ github.ref_name }}
+        run: |
+          GIT_VERSION=${{ github.ref_name }} make container-publish-docker
 
       - name: Logging in GitHub Registry
-        run: echo ${{ secrets.GH_PAT }} | docker login ghcr.io -u ${{ secrets.GH_USER }} --password-stdin
+        run: |
+          echo ${{ secrets.GH_PAT }} | docker login ghcr.io -u ${{ secrets.GH_USER }} --password-stdin
 
       - name: Publish Images in GitHub Registry
-        run: make container-publish-github GIT_VERSION=${{ github.ref_name }}
+        run: |
+          GIT_VERSION=${{ github.ref_name }} make container-publish-github
 
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@master
@@ -99,12 +82,9 @@ jobs:
       - name: Logging in AWS ECR Public Repository
         env:
           AWS_REGION: ${{ env.AWS_REGION }}
-        run: aws ecr-public get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin public.ecr.aws
-
-      # not supported public repos yet: https://github.com/aws-actions/amazon-ecr-login/issues/116
-      # - name: Logging in AWS ECR Public Repository
-      #   id: login-ecr
-      #   uses: aws-actions/amazon-ecr-login@v1
+        run: |
+          aws ecr-public get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin public.ecr.aws
 
       - name: Publish Images in GitHub Packages
-        run: make container-publish-aws-ecr GIT_VERSION=${{ github.ref_name }}
+        run: |
+          GIT_VERSION=${{ github.ref_name }} make container-publish-aws-ecr
diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml