diff --git a/.github/workflows/code-scanning.yml b/.github/workflows/code-scanning.yml deleted file mode 100644 index 83d2c30be..000000000 --- a/.github/workflows/code-scanning.yml +++ /dev/null @@ -1,82 +0,0 @@ -name: "CodeQL" -run-name: ${{ github.event.inputs.code_scanning_run_name }} -on: [push, pull_request, workflow_dispatch] - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -env: - CODE_SCANNING_REF: ${{ github.event.inputs.code_scanning_ref }} - CODE_SCANNING_BASE_BRANCH: ${{ github.event.inputs.code_scanning_base_branch }} - CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH: ${{ github.event.inputs.code_scanning_is_analyzing_default_branch }} - -jobs: - analyze: - name: Analyze (${{ matrix.language }}) - runs-on: ${{ fromJSON(matrix.runner) }} - permissions: - actions: read - contents: read - packages: read - security-events: write - continue-on-error: false - strategy: - fail-fast: false - matrix: - include: - - language: actions - category: /language:actions - build-mode: none - runner: '["ubuntu-22.04"]' - - language: go - category: /language:go - build-mode: autobuild - runner: '["ubuntu-22.04"]' - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - build-mode: ${{ matrix.build-mode }} - dependency-caching: ${{ runner.environment == 'github-hosted' }} - queries: "" # Default query suite - packs: github/ccr-${{ matrix.language }}-queries - config: | - default-setup: - org: - model-packs: [ ${{ github.event.inputs.code_scanning_codeql_packs }} ] - threat-models: [ ] - - name: Setup proxy for registries - id: proxy - uses: github/codeql-action/start-proxy@v3 - with: - registries_credentials: ${{ secrets.GITHUB_REGISTRIES_PROXY }} - language: ${{ matrix.language }} - - - name: Configure - uses: github/codeql-action/resolve-environment@v3 - id: resolve-environment - with: - language: ${{ matrix.language }} - - name: Setup Go - uses: actions/setup-go@v5 - if: matrix.language == 'go' && fromJSON(steps.resolve-environment.outputs.environment).configuration.go.version - with: - go-version: ${{ fromJSON(steps.resolve-environment.outputs.environment).configuration.go.version }} - cache: false - - - name: Autobuild - uses: github/codeql-action/autobuild@v3 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - env: - CODEQL_PROXY_HOST: ${{ steps.proxy.outputs.proxy_host }} - CODEQL_PROXY_PORT: ${{ steps.proxy.outputs.proxy_port }} - CODEQL_PROXY_CA_CERTIFICATE: ${{ steps.proxy.outputs.proxy_ca_certificate }} - with: - category: ${{ matrix.category }} diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml deleted file mode 100644 index 35ffc47db..000000000 --- a/.github/workflows/docker-publish.yml +++ /dev/null @@ -1,122 +0,0 @@ -name: Docker - -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -on: - schedule: - - cron: "27 0 * * *" - push: - branches: ["main"] - # Publish semver tags as releases. - tags: ["v*.*.*"] - pull_request: - branches: ["main"] - -env: - # Use docker.io for Docker Hub if empty - REGISTRY: ghcr.io - # github.repository as / - IMAGE_NAME: ${{ github.repository }} - -jobs: - build: - runs-on: ubuntu-latest-xl - permissions: - contents: read - packages: write - # This is used to complete the identity challenge - # with sigstore/fulcio when running outside of PRs. - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - # Install the cosign tool except on PR - # https://github.com/sigstore/cosign-installer - - name: Install cosign - if: github.event_name != 'pull_request' - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 #v3.5.0 - with: - cosign-release: "v2.2.4" - - # Set up BuildKit Docker container builder to be able to build - # multi-platform images and export cache - # https://github.com/docker/setup-buildx-action - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - - # Login against a Docker registry except on PR - # https://github.com/docker/login-action - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - # Extract metadata (tags, labels) for Docker - # https://github.com/docker/metadata-action - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=schedule - type=ref,event=branch - type=ref,event=tag - type=ref,event=pr - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{major}} - type=sha - type=edge - # Custom rule to prevent pre-releases from getting latest tag - type=raw,value=latest,enable=${{ github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-') }} - - - name: Go Build Cache for Docker - uses: actions/cache@v4 - with: - path: go-build-cache - key: ${{ runner.os }}-go-build-cache-${{ hashFiles('**/go.sum') }} - - - name: Inject go-build-cache - uses: reproducible-containers/buildkit-cache-dance@4b2444fec0c0fb9dbf175a96c094720a692ef810 # v2.1.4 - with: - cache-source: go-build-cache - - # Build and push Docker image with Buildx (don't push on PR) - # https://github.com/docker/build-push-action - - name: Build and push Docker image - id: build-and-push - uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 - with: - context: . - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max - platforms: linux/amd64,linux/arm64 - build-args: | - VERSION=${{ github.ref_name }} - - # Sign the resulting Docker image digest except on PRs. - # This will only write to the public Rekor transparency log when the Docker - # repository is public to avoid leaking data. If you would like to publish - # transparency data even for private images, pass --force to cosign below. - # https://github.com/sigstore/cosign - - name: Sign the published Docker image - if: ${{ github.event_name != 'pull_request' }} - env: - # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable - TAGS: ${{ steps.meta.outputs.tags }} - DIGEST: ${{ steps.build-and-push.outputs.digest }} - # This step uses the identity token to provision an ephemeral certificate - # against the sigstore community Fulcio instance. - run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml deleted file mode 100644 index cd67b9653..000000000 --- a/.github/workflows/go.yml +++ /dev/null @@ -1,32 +0,0 @@ -name: Unit Tests -on: [push, pull_request] - -permissions: - contents: read - -jobs: - build: - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, windows-latest, macos-latest] - - runs-on: ${{ matrix.os }} - - steps: - - name: Check out code - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version-file: "go.mod" - - - name: Download dependencies - run: go mod download - - - name: Run unit tests - run: go test -race ./... - - - name: Build - run: go build -v ./cmd/github-mcp-server diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml deleted file mode 100644 index 263607ee1..000000000 --- a/.github/workflows/goreleaser.yml +++ /dev/null @@ -1,45 +0,0 @@ -name: GoReleaser Release -on: - push: - tags: - - "v*" -permissions: - contents: write - id-token: write - attestations: write - -jobs: - release: - runs-on: ubuntu-latest - - steps: - - name: Check out code - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version-file: "go.mod" - - - name: Download dependencies - run: go mod download - - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 - with: - distribution: goreleaser - # GoReleaser version - version: "~> v2" - # Arguments to pass to GoReleaser - args: release --clean - workdir: . - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Generate signed build provenance attestations for workflow artifacts - uses: actions/attest-build-provenance@v2 - with: - subject-path: | - dist/*.tar.gz - dist/*.zip - dist/*.txt diff --git a/.github/workflows/license-check.yml b/.github/workflows/license-check.yml deleted file mode 100644 index 50f34ff60..000000000 --- a/.github/workflows/license-check.yml +++ /dev/null @@ -1,21 +0,0 @@ -# Create a github action that runs the license check script and fails if it exits with a non-zero status - -name: License Check -on: [push, pull_request] -permissions: - contents: read - -jobs: - license-check: - runs-on: ubuntu-latest - - steps: - - name: Check out code - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version-file: "go.mod" - - name: check licenses - run: ./script/licenses-check diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml deleted file mode 100644 index 9fa416abd..000000000 --- a/.github/workflows/lint.yaml +++ /dev/null @@ -1,45 +0,0 @@ -name: Lint -on: - push: - pull_request: - -permissions: - contents: read - -jobs: - lint: - runs-on: ubuntu-latest - - steps: - - name: Check out code - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version-file: 'go.mod' - - - name: Verify dependencies - run: | - go mod verify - go mod download - - - name: Run checks - run: | - STATUS=0 - assert-nothing-changed() { - local diff - "$@" >/dev/null || return 1 - if ! diff="$(git diff -U1 --color --exit-code)"; then - printf '\e[31mError: running `\e[1m%s\e[22m` results in modifications that you must check into version control:\e[0m\n%s\n\n' "$*" "$diff" >&2 - git checkout -- . - STATUS=1 - fi - } - assert-nothing-changed go mod tidy - exit $STATUS - - - name: golangci-lint - uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 - with: - version: v2.1.6 diff --git a/go.mod b/go.mod index ab2302ed5..d2f28d7da 100644 --- a/go.mod +++ b/go.mod @@ -26,7 +26,7 @@ require ( require ( github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/fsnotify/fsnotify v1.8.0 // indirect - github.com/go-viper/mapstructure/v2 v2.2.1 + github.com/go-viper/mapstructure/v2 v2.3.0 github.com/google/go-github/v71 v71.0.0 // indirect github.com/google/go-querystring v1.1.0 // indirect github.com/google/uuid v1.6.0 // indirect diff --git a/go.sum b/go.sum index e7f6794a7..a8a950e9c 100644 --- a/go.sum +++ b/go.sum @@ -13,8 +13,8 @@ github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34 github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.21.1 h1:wm0rhTb5z7qpJRHBdPOMuY4QjVUMbF6/kwoYeRAOrKU= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIxtHqx8aGss= -github.com/go-viper/mapstructure/v2 v2.2.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= +github.com/go-viper/mapstructure/v2 v2.3.0 h1:27XbWsHIqhbdR5TIC911OfYvgSaW93HM+dX7970Q7jk= +github.com/go-viper/mapstructure/v2 v2.3.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= diff --git a/temp-repo b/temp-repo new file mode 160000 index 000000000..3da5953d2 --- /dev/null +++ b/temp-repo @@ -0,0 +1 @@ +Subproject commit 3da5953d2d52b24f968d3ab056e6df372aa86192