diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 000000000..02a97839c
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,22 @@
+root = true
+
+[*]
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+end_of_line = lf
+indent_style = space
+indent_size = 2
+tab_width = 2
+
+[*.go]
+indent_size = 4
+tab_width = 4
+indent_style = tab
+# required for multiline strings in test cases
+trim_trailing_whitespace = false
+
+[Makefile]
+indent_size = 4
+tab_width = 4
+indent_style = tab
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 000000000..715f5b432
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,18 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+ - package-ecosystem: "gomod" # See documentation for possible values
+ directory: "/" # Location of package manifests
+ schedule:
+ interval: "weekly"
+
+ - package-ecosystem: "github-actions"
+ # Workflow files stored in the
+ # default location of `.github/workflows`
+ directory: "/"
+ schedule:
+ interval: "weekly"
diff --git a/.github/workflows/golang.yml b/.github/workflows/golang.yml
new file mode 100644
index 000000000..c7ccef2b7
--- /dev/null
+++ b/.github/workflows/golang.yml
@@ -0,0 +1,43 @@
+name: Go CI
+
+on:
+ push:
+ pull_request:
+
+jobs:
+ build:
+ runs-on: ubuntu-20.04
+
+ name: Continuous Integration
+ if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
+
+ strategy:
+ matrix:
+ go-version: [1.16]
+
+ fail-fast: true
+
+ steps:
+ - name: Set up Go ${{ matrix.go-version }}
+ uses: actions/setup-go@v2.1.3
+ with:
+ go-version: ${{ matrix.go-version }}
+
+ - name: Check out code
+ uses: actions/checkout@v2.3.4
+
+ - name: Cache Go modules
+ uses: actions/cache@v2.1.4
+ id: go-mod-cache
+ with:
+ path: ~/go/pkg/mod
+ key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+ restore-keys: |
+ ${{ runner.os }}-go-
+
+ - name: Get dependencies
+ run: make download
+
+ - name: Build
+ run: |
+ make build
diff --git a/Makefile b/Makefile
index b22e5aed7..cb386d446 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@ -GO_BUILD_FLAGS = +GO_BUILD_FLAGS = DOCKER_PLUGINS = docker-generate docker-nv2 COMMANDS = nv2 $(DOCKER_PLUGINS)
@@ -6,6 +6,11 @@ define BUILD_BINARY = go build $(GO_BUILD_FLAGS) -o $@ ./$< endef +.PHONY: help + +help: + @grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-25s\033[0m %s\n", $$1, $$2}' + .PHONY: all all: build
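Review bot: The workflow in `.github/workflows/golang.yml` has no `permissions:` block, so the job's `GITHUB_TOKEN` receives the repository's default scopes although the steps only check out and build; a top-level `permissions:` with `contents: read` would limit it to what the job needs. The three actions are referenced by version tag (`actions/setup-go@v2.1.3`, `actions/checkout@v2.3.4`, `actions/cache@v2.1.4`), and a tag can be moved after review. Pinning each `uses:` to the full commit SHA, with the version kept in a trailing comment, fixes the code that runs, and the `github-actions` Dependabot entry added in this commit can still propose the bumps.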
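Review bot: Placing `help:` above `all:` in the Makefile (hunk `-6,6 +6,11`) makes `help` the first eligible target, so a bare `make` now prints the help listing instead of building, unless `.DEFAULT_GOAL` is set somewhere outside the visible hunks. If that is intended, say so with `.DEFAULT_GOAL := help`; otherwise move the rule below `all` or add `.DEFAULT_GOAL := all`. The `help` rule also has no `## ` description, so it is missing from its own listing; `help: ## show this help` would include it.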
@@ -15,23 +20,27 @@ FORCE: bin/%: cmd/% FORCE $(BUILD_BINARY) +.PHONY: download +download: ## download dependencies via go mod + go mod download + .PHONY: build -build: $(addprefix bin/,$(COMMANDS)) +build: $(addprefix bin/,$(COMMANDS)) ## builds binaries .PHONY: clean clean: git status --ignored --short | grep '^!! ' | sed 's/!! //' | xargs rm -rf -.PHONY: check-encoding -check-encoding: +.PHONY: check-line-endings +check-line-endings: ## check line endings ! find cmd pkg internal -name "*.go" -type f -exec file "{}" ";" | grep CRLF -.PHONY: fix-encoding -fix-encoding: +.PHONY: fix-line-endings +fix-line-endings: ## fix line endings find cmd pkg internal -type f -name "*.go" -exec sed -i -e "s/\r//g" {} + .PHONY: vendor -vendor: +vendor: ## vendores the go modules GO111MODULE=on go mod vendor .PHONY: install
@@ -46,4 +55,5 @@ install-docker-%: bin/docker-% cp $< ~/.docker/cli-plugins/ .PHONY: install-docker-plugins -install-docker-plugins: $(addprefix install-,$(DOCKER_PLUGINS)) +install-docker-plugins: $(addprefix install-,$(DOCKER_PLUGINS)) ## installs the docker plugins + cp $(addprefix bin/,$(DOCKER_PLUGINS)) ~/.docker/cli-plugins/
diff --git a/README.md b/README.md
index 2997124dd..3609b6707 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,7 @@ # Notary V2 (nv2) - Prototype +[![Go CI](https://github.com/notaryproject/nv2/actions/workflows/golang.yml/badge.svg)](https://github.com/notaryproject/nv2/actions/workflows/golang.yml) + nv2 is an incubation and prototype for the [Notary v2][notary-v2] efforts, securing artifacts stored in [distribution-spec][distribution-spec] based registries. The `nv2` prototype covers the scenarios outlined in [notaryproject/requirements](https://github.com/notaryproject/requirements/blob/master/scenarios.md#scenarios). It also follows the [prototyping approach described here](https://github.com/stevelasker/nv2#prototyping-approach).
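Review bot: The new `download` target runs only `go mod download`, while the CI job added in this commit restores `~/go/pkg/mod` from `actions/cache` before calling it, so modules already in a restored cache are likely used as they are. Adding `go mod verify` as a second recipe line would re-check the cached modules against their recorded hashes on every run. Separately, the help text on `vendor` reads `## vendores the go modules`; `## vendors the go modules` is probably what was meant.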
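Review bot: The recipe added to `install-docker-plugins` (hunk `-46,4 +55,5`) repeats the copy that every `install-docker-%` prerequisite already performs with `cp $< ~/.docker/cli-plugins/`, so each plugin is copied twice. Dropping the new `cp $(addprefix bin/,$(DOCKER_PLUGINS)) ~/.docker/cli-plugins/` line and keeping only the `## installs the docker plugins` text leaves behaviour unchanged. The pattern rule starts outside the hunk, so it is not visible whether the destination is created first; if it is not, `mkdir -p ~/.docker/cli-plugins` belongs in that rule, not here.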
@@ -34,7 +36,7 @@ Public registries generally have two cateogires of content: #### End to End Experience -The user works for ACME Rockets. They build `FROM` and use certified content from docker hub. +The user works for ACME Rockets. They build `FROM` and use certified content from docker hub. Their environemt is configured to only trust content from `docker.io` and `acme-rockets.io` #### Public Certified Content
@@ -53,8 +55,8 @@ Their environemt is configured to only trust content from `docker.io` and `acme- 1. The image fails to run as the user has `trust-required` enabled, and doesn't have the wabbit-networks key.The docker cli produces an error with a url for acquiring the wabbit-networks key. - The user can disable `trust-requried`, or acquire the required key. 1. The user acquires the wabbit-networks key, saves it in their local store -1. The user again runs: - - `docker run docker.io/wabbit-networks/net-monitor:latest` +1. The user again runs: + - `docker run docker.io/wabbit-networks/net-monitor:latest` and the image is sucessfully run ### Key acquisition