add management stuff

Author: CodingWizKid

.githooks/pre-push

@@ -0,0 +1,35 @@
+name: Semgrep
+
+on:
+  # Scan changed files in PRs, block on new issues only (existing issues ignored)
+  pull_request: {}
+
+jobs:
+  semgrep:
+    name: Scan
+    runs-on: ubuntu-latest
+    # Skip any PR created by dependabot to avoid permission issues
+    if: (github.actor != 'dependabot[bot]')
+    steps:
+      # Fetch project source
+      - uses: actions/checkout@v3
+
+      - uses: returntocorp/semgrep-action@v1
+        with:
+          config: >- # more at semgrep.dev/explore
+            p/security-audit
+            p/secrets
+            p/ci
+            p/r2c
+            p/r2c-ci
+            p/docker
+            p/dockerfile
+            p/command-injection
+          generateSarif: "1"
+
+      # Upload findings to GitHub Advanced Security Dashboard [step 2/2]
+      - name: Upload SARIF file for GitHub Advanced Security Dashboard
+        uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3
+        with:
+          sarif_file: semgrep.sarif
+        if: always()

.github/ISSUE_TEMPLATE/bug.yaml

@@ -0,0 +1,47 @@
+name: Bug Report
+description: File a bug report
+labels: [ bug, triage ]
+assignees:
+  - patrickkoss
+  - Slm0n87
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report! Please fill the form below.
+  - type: textarea
+    id: what-happened
+    attributes:
+      label: What happened?
+      description: Also tell us, what did you expect to happen?
+    validations:
+      required: true
+  - type: textarea
+    id: reproducible
+    attributes:
+      label: How can we reproduce this?
+      description: Please share as much information as possible. Logs, screenshots, etc.
+    validations:
+      required: true
+  - type: checkboxes
+    id: search
+    attributes:
+      label: Search
+      options:
+        - label: I did search for other open and closed issues before opening this.
+          required: true
+  - type: checkboxes
+    id: terms
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/SchwarzIT/.github/blob/main/CODE_OF_CONDUCT.md)
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true
+  - type: textarea
+    id: ctx
+    attributes:
+      label: Additional context
+      description: Anything else you would like to add
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/config.yaml

@@ -0,0 +1 @@
+blank_issues_enabled: true

.github/ISSUE_TEMPLATE/feature.yaml

@@ -0,0 +1,55 @@
+name: Feature Request
+description: Request a new feature and/or enhancement to an existing feature
+labels: [enhancement, triage]
+assignees:
+  - patrickkoss
+  - mgalm
+  - Slm0n87
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this feature request! Please fill the form below.
+  - type: textarea
+    id: is-it-a-problem
+    attributes:
+      label: Is your feature request related to a problem? Please describe.
+      description: A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+    validations:
+      required: true
+  - type: textarea
+    id: solution
+    attributes:
+      label: Describe the solution you'd like
+      description: A clear and concise description of what you want to happen.
+    validations:
+      required: true
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Describe alternatives you've considered
+      description: A clear and concise description of any alternative solutions or features you've considered.
+    validations:
+      required: true
+  - type: checkboxes
+    id: search
+    attributes:
+      label: Search
+      options:
+        - label: I did search for other open and closed issues before opening this.
+          required: true
+  - type: checkboxes
+    id: terms
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/SchwarzIT/.github/blob/main/CODE_OF_CONDUCT.md)
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true
+  - type: textarea
+    id: ctx
+    attributes:
+      label: Additional context
+      description: Anything else you would like to add
+    validations:
+      required: false

.github/renovate.json

@@ -0,0 +1,17 @@
+{
+  "extends": [
+    "config:base",
+    "group:allNonMajor",
+    ":semanticCommits",
+    ":semanticCommitTypeAll(chore)",
+    ":gitSignOff"
+  ],
+  "dependencyDashboard": false,
+  "packageRules": [
+    {
+      "matchUpdateTypes": ["major", "minor", "patch", "pin", "digest"],
+      "automerge": true
+    }
+  ],
+  "postUpdateOptions": ["gomodTidy", "gomodUpdateImportPaths"]
+}

.github/semantic.yml

@@ -0,0 +1,19 @@
+# config options found here: https://github.com/Ezard/semantic-prs
+
+# Always validate the PR title, and ignore the commits
+titleOnly: true
+
+scopes:
+- api
+- cli
+- ci
+- deps
+
+types:
+- feat
+- fix
+- docs
+- refactor
+- test
+- chore
+- revert

.github/workflows/main.yml

@@ -0,0 +1,58 @@
+---
+# based on https://github.com/mvdan/github-actions-golang
+name: CI
+
+on:
+  pull_request:
+    branches: ["main"]
+    paths-ignore: ["docs/**"]
+
+  push:
+    branches: ["main"]
+    paths-ignore: ["docs/**"]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        go-version: [1.20.x]
+        os: [ubuntu-latest]
+    runs-on: ${{ matrix.os }}
+
+    steps:
+      - name: Install Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: ${{ matrix.go-version }}
+
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # cache go modules
+      - uses: actions/cache@v3
+        with:
+          # In order:
+          # * Module download cache
+          # * Build cache (Linux)
+          # * Build cache (Mac)
+          # * Build cache (Windows)
+          path: |
+            ~/go/pkg/mod
+            ~/.cache/go-build
+            ~/Library/Caches/go-build
+            %LocalAppData%\go-build
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Downloads the dependencies
+        run: make download
+
+      - name: Lints all code with golangci-lint
+        run: make lint
+
+      - name: Runs all tests
+        run: make test

.github/workflows/release.yaml

@@ -0,0 +1,42 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - "*"
+
+permissions: read-all
+
+jobs:
+  release:
+    permissions:
+      id-token: write
+      packages: write
+      contents: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+        with:
+          fetch-depth: 0
+      - name: Set up Go
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
+        with:
+          go-version: 1.19
+      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+      - uses: sigstore/cosign-installer@204a51a57a74d190b284a0ce69b44bc37201f343 # v3.0.3
+      - uses: anchore/sbom-action/download-syft@422cb34a0f8b599678c41b21163ea6088edb2624 # v0.14.1
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b # v4.2.0
+        with:
+          version: latest
+          args: release --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/semgrep.yaml

@@ -0,0 +1,35 @@
+name: Semgrep
+
+on:
+  # Scan changed files in PRs, block on new issues only (existing issues ignored)
+  pull_request: {}
+
+jobs:
+  semgrep:
+    name: Scan
+    runs-on: ubuntu-latest
+    # Skip any PR created by dependabot to avoid permission issues
+    if: (github.actor != 'dependabot[bot]')
+    steps:
+      # Fetch project source
+      - uses: actions/checkout@v3
+
+      - uses: returntocorp/semgrep-action@v1
+        with:
+          config: >- # more at semgrep.dev/explore
+            p/security-audit
+            p/secrets
+            p/ci
+            p/r2c
+            p/r2c-ci
+            p/docker
+            p/dockerfile
+            p/command-injection
+          generateSarif: "1"
+
+      # Upload findings to GitHub Advanced Security Dashboard [step 2/2]
+      - name: Upload SARIF file for GitHub Advanced Security Dashboard
+        uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3
+        with:
+          sarif_file: semgrep.sarif
+        if: always()

CODEOWNERS

@@ -0,0 +1,4 @@
+* [email protected]
+* [email protected]
+* [email protected]
+* [email protected]

CONTRIBUTING.md

@@ -0,0 +1,37 @@
+# Contributing to External DNS STACKIT Webhook
+
+Welcome and thank you for making it this far and considering contributing to external-dns-stackit-webhook.
+We always appreciate any contributions by raising issues, improving the documentation, fixing bugs in the CLI or adding new features.
+
+Before opening a PR please read through this document.
+If you want to contribute but don't know how to start or have any questions feel free to reach out to us on [Github Discussions](https://github.com/stackitcloud/stackit-api-manager-cli/discussions). Answering any questions or discussions there is also a great way to contribute to the community.
+
+## Process of making an addition
+
+> Please keep in mind to open an issue whenever you plan to make an addition to features to discuss it before implementing it.
+
+To contribute any code to this repository just do the following:
+
+1. Make sure you have Go's latest version installed
+2. Fork this repository
+3. Run `make build` to make sure everything's setup correctly
+4. Make your changes
+   > Please follow the [seven rules of greate Git commit messages](https://chris.beams.io/posts/git-commit/#seven-rules)
+   > and make sure to keep your commits clean and atomic.
+   > Your PR won't be squashed before merging so the commits should tell a story.
+   >
+   > Optional: Sign-off on all Git commits by running `git commit -s`.
+   > Take a look at the [Gihub Docs](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for further information.
+   >
+   > Add documentation and tests for your addition if needed.
+5. Run `make lint test` to ensure your code is ready to be merged
+   > If any linting issues occur please fix them.
+   > Using a nolint directive should only be used as a last resort.
+6. Open a PR and make sure the CI pipelines succeed.
+   > Your PR needs to have a semantic title, which can look like: `type(scope) Short Description`
+   > All available `scopes` & `types` are defined in [semantic.yml](https://github.com/stackitcloud/stackit-api-manager-cli/blob/main/.github/semantic.yml)
+   >
+   > A example PR tile for adding a new feature for the CLI would looks like: `cli(feat) Add saving output to file`
+7. Wait for one of the maintainers to review your code and react to the comments.
+8. After approval merge the PR
+9. Thank you for your contribution! :)

README.md

@@ -1,5 +1,10 @@
 # STACKIT Webhook - ExternalDNS
 
+[![GoTemplate](https://img.shields.io/badge/go/template-black?logo=go)](https://github.com/golang-standards/project-layout)
+[![CI](https://github.com/stackitcloud/stackit-api-manager-cli/actions/workflows/main.yml/badge.svg)](https://github.com/stackitcloud/external-dns-stackit-webhook/actions/workflows/main.yml)
+[![Semgrep](https://github.com/stackitcloud/stackit-api-manager-cli/actions/workflows/semgrep.yml/badge.svg)](https://github.com/stackitcloud/external-dns-stackit-webhook/actions/workflows/semgrep.yml)
+[![Go Report Card](https://goreportcard.com/badge/github.com/stackitcloud/stackit-api-manager-cli)](https://goreportcard.com/report/github.com/stackitcloud/external-dns-stackit-webhook)
+
 ⚠️ CAUTION: This Webhook is designed on an unreleased edition of 
 [ExternalDNS](https://github.com/kubernetes-sigs/external-dns), specifically focusing on the novel integration 
 method via webhooks, as deliberated and constructed