qonto
diff --git a/‎.checkov.yaml‎
Lines changed: 7 additions & 0 deletions b/‎.checkov.yaml‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/bug_report.md‎
Lines changed: 36 additions & 0 deletions b/‎.github/ISSUE_TEMPLATE/bug_report.md‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/feature_request.md‎
Lines changed: 24 additions & 0 deletions b/‎.github/ISSUE_TEMPLATE/feature_request.md‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎.github/dependabot.yml‎
Lines changed: 19 additions & 0 deletions b/‎.github/dependabot.yml‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎.github/workflows/linter.yaml‎
Lines changed: 33 additions & 0 deletions b/‎.github/workflows/linter.yaml‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎.github/workflows/test.yaml‎
Lines changed: 181 additions & 0 deletions b/‎.github/workflows/test.yaml‎
Lines changed: 181 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 9 additions & 0 deletions b/‎.gitignore‎
Lines changed: 9 additions & 0 deletions
@@ -0,0 +1,7 @@
+---
+skip-check:
+  - CKV_SECRET_4  # We have password in our configuration templates
+  - CKV_DOCKER_2  # We don't define healthcheck for our containers because it's a CLI
+
+skip-path:
+  - scripts/kubernetesdev  # Exclude kubernetes development environment, mostly for PostgreSQL
@@ -0,0 +1,36 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+### Describe the bug
+
+A clear and concise description of what the bug is.
+
+### Desktop (please complete the following information)
+
+- OS: [e.g. Linux]
+- PostgreSQL partition manager [e.g. v1.1]
+- PostgreSQL version: [e.g. v14]
+- Partition key column type [e.g. date, uuidv7]
+
+If possible, please also share:
+
+- Table table structure dump (`pg_dump --schema-only --no-comments --no-privileges -t <table_name> <database_name>`)
+- PostgreSQL Partition Manager configuration (`postgresql-partition-manager.yaml`)
+
+### To Reproduce
+
+Steps to reproduce the behavior
+
+### Expected behavior
+
+A clear and concise description of what you expected to happen.
+
+### Additional context
+
+Add any other context about the problem here.
@@ -0,0 +1,24 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+### Is your feature request related to a problem? Please describe
+
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+### Describe the solution you'd like
+
+A clear and concise description of what you want to happen.
+
+### Describe alternatives you've considered
+
+A clear and concise description of any alternative solutions or features you've considered.
+
+### Additional context
+
+Add any other context or screenshots about the feature request here.
@@ -0,0 +1,19 @@
+---
+version: 2
+updates:
+
+  - package-ecosystem: gomod
+    directory: "/"
+    schedule:
+      interval: weekly
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: weekly
+
+  - package-ecosystem: "docker"
+    directory: "/scripts/localdev"
+    schedule:
+      interval: weekly
@@ -0,0 +1,33 @@
+---
+name: linter
+on:  # yamllint disable-line rule:truthy
+  push:
+    branches:
+      - "*"
+
+permissions:
+  contents: read
+
+jobs:
+  golangci:
+    name: golangci
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.21'
+          cache: false
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v4
+        with:
+          version: v1.54
+
+  yamllint:
+    name: yamllint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Lint YAML files
+        run: yamllint .  # YAML lint is already installed in ubuntu-latest
@@ -0,0 +1,181 @@
+---
+name: unittest
+on:  # yamllint disable-line rule:truthy
+  push:
+    branches:
+      - "*"
+
+permissions:
+  contents: read
+
+jobs:
+  go:
+    name: go
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.21'
+      - name: Install dependencies
+        run: |
+          go get .
+      - name: Build
+        run: make build
+      - name: Run Go tests
+        run: make test
+      - name: Code Coverage Report
+        uses: irongut/[email protected]
+        with:
+          filename: coverage.xml
+          badge: true
+          fail_below_min: true
+          format: markdown
+          hide_branch_rate: false
+          hide_complexity: true
+          indicators: true
+          output: both
+          thresholds: '60 80'
+      - uses: jwalton/gh-find-current-pr@v1
+        id: finder
+      - name: Add Coverage PR Comment
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          number: ${{ steps.finder.outputs.pr }}
+          path: code-coverage-results.md
+          recreate: true
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: binary
+          path: postgresql-partition-manager
+          if-no-files-found: error
+          retention-days: 1
+
+  e2e:
+    name: End-to-end
+    needs: go
+    strategy:
+      matrix:
+        postgres:
+          - postgres:14
+          - postgres:15
+          - postgres:16
+    runs-on: ubuntu-latest
+    env:
+      BATS_LIB_PATH: "${{ github.workspace }}/test/bats/lib/"
+      PGHOST: localhost
+      PGUSER: postgres
+      PGPASSWORD: hackme
+      PGDATABASE: unittest
+    services:
+      postgres:
+        image: ${{ matrix.postgres }}
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+          --hostname postgres
+        env:
+          POSTGRES_PASSWORD: hackme
+        ports:
+          - 5432:5432
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Bats and bats libs
+        uses: bats-core/[email protected]
+        with:
+          support-path: ${{ github.workspace }}/test/bats/lib/bats-support
+          assert-path: ${{ github.workspace }}/test/bats/lib/bats-assert
+          file-install: false  # Unused
+          detik-install: false  # Unused
+
+      - name: Download artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: binary
+
+      # File permissions are not maintained during artifact upload/download
+      - name: Move binary to local executable
+        run: mv postgresql-partition-manager /usr/local/bin && chmod +x /usr/local/bin/postgresql-partition-manager
+
+      - name: Run bats
+        run: make bats-test
+
+  helm:
+    name: helm
+    runs-on: ubuntu-latest
+    env:
+      HELM_UNITTEST_VERSION: v0.3.5
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install helm-unittest
+        run: helm plugin install --version $HELM_UNITTEST_VERSION https://github.com/helm-unittest/helm-unittest.git
+      - name: Run Helm test
+        run: make helm-test
+
+  kubeconform:
+    name: kubeconform
+    runs-on: ubuntu-latest
+    env:
+      KUBECONFORM_VERSION: 0.6.2
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install kubeconform
+        run: |
+          curl -sSLo /tmp/kubeconform.tar.gz "https://github.com/yannh/kubeconform/releases/download/v${KUBECONFORM_VERSION}/kubeconform-linux-amd64.tar.gz" \
+          && tar -C /usr/local/bin/ -xzvf /tmp/kubeconform.tar.gz
+      - name: Run Kubeconform test
+        run: make kubeconform-test
+
+  debian:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-go@v5
+        with:
+          go-version: stable
+      - name: Set up QEMU for ARM64 build
+        uses: docker/setup-qemu-action@v3
+      - uses: goreleaser/goreleaser-action@v5
+        with:
+          distribution: goreleaser
+          version: latest
+          args: release --clean --skip=publish --skip=docker --snapshot
+        env:
+          GORELEASER_CURRENT_TAG: 0.0.0
+      - name: Run Debian package tests
+        run: make debian-test-ci
+
+#  checkcov:
+#    permissions:
+#      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
+#      actions: read  # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+#    runs-on: ubuntu-latest
+#    steps:
+#      - uses: actions/checkout@v4
+#      - name: Checkov GitHub Action
+#        uses: bridgecrewio/checkov-action@v12
+#        with:
+#          # This will add both a CLI output to the console and create a results.sarif file
+#          output_format: cli,sarif
+#          output_file_path: console,results.sarif
+#      - name: Upload SARIF file
+#        uses: github/codeql-action/upload-sarif@v3
+#        # Results are generated only on a success or failure
+#        # this is required since GitHub by default won't run the next step
+#        # when the previous one has failed. Security checks that do not pass will 'fail'.
+#        # An alternative is to add `continue-on-error: true` to the previous step
+#        # Or 'soft_fail: true' to checkov.
+#        if: success() || failure()
+#        with:
+#          sarif_file: results.sarif
@@ -0,0 +1,9 @@
+.DS_Store
+/.vscode
+/cover.html
+/coverage.txt
+/coverage.xml
+/dist
+/postgresql-partition-manager
+/postgresql-partition-manager.yaml
+scripts/localdev/.data