feat: use pflag, remove docker, update ci (#83)

jef · Jun 13, 2021 · 45549dc · 45549dc
1 parent 358b2db
commit 45549dc
Show file tree

Hide file tree

Showing 12 changed files with 201 additions and 306 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -21,7 +21,7 @@ jobs:
           key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
           restore-keys: ${{ runner.os }}-go-
       - name: Build service
-        run: go build .
+        run: make build
   lint:
     name: Lint
     runs-on: ubuntu-latest
@@ -39,6 +39,7 @@ jobs:
           key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
           restore-keys: ${{ runner.os }}-go-
       - name: Lint
-        run: |
-          go get -u golang.org/x/lint/golint
-          golint -set_exit_status
+        uses: golangci/golangci-lint-action@v2
+        with:
+          args: --enable dupl,gofmt,revive
+          skip-go-installation: true
diff --git a/.github/workflows/nightly-release.yaml b/.github/workflows/nightly-release.yaml
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -4,9 +4,12 @@ on:
     branches:
       - main
 jobs:
-  build-tag-release:
-    name: Build, tag, and release Docker image
+  release-please:
+    name: Build, tag, and publish assets
     runs-on: ubuntu-latest
+    outputs:
+      release-created: ${{ steps.release.outputs.release_created }}
+      upload-url: ${{ steps.release.outputs.upload_url }}
     steps:
       - name: Checkout repository
         uses: actions/checkout@v2
@@ -16,21 +19,51 @@ jobs:
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           release-type: simple
-          changelog-path: CHANGELOG.md
           package-name: audit-org-keys
-      - name: Login into GitHub Container Registry
-        if: ${{ steps.release.outputs.release_created }}
-        run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
-      - name: Build Docker image
-        if: ${{ steps.release.outputs.release_created }}
-        run: |
-          docker build \
-          -t "ghcr.io/${GITHUB_REPOSITORY}:${TAG_NAME}" \
-          -t "ghcr.io/${GITHUB_REPOSITORY}:latest" .
+  build-publish:
+    name: Build and publish assets
+    runs-on: ubuntu-latest
+    needs: release-please
+    if: needs.release-please.outputs.release-created
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+      - name: Setup Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: '1.16'
+      - name: Setup build cache
+        uses: actions/cache@v2
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-go-
+      - name: Build release assets
+        run: make dist
+      - name: Upload Windows asset
+        uses: actions/upload-release-asset@v1
         env:
-          TAG_NAME: ${{ steps.release.outputs.tag_name }}
-      - name: Release Docker image
-        if: ${{ steps.release.outputs.release_created }}
-        run: |
-          docker push "ghcr.io/${GITHUB_REPOSITORY}:${TAG_NAME}"
-          docker push "ghcr.io/${GITHUB_REPOSITORY}:latest"
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.release-please.outputs.upload-url }}
+          asset_path: ./audit-org-keys-windows-amd64.exe
+          asset_name: audit-org-keys-windows-amd64.exe
+          asset_content_type: application/octet-stream
+      - name: Upload Linux asset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.release-please.outputs.upload-url }}
+          asset_path: ./audit-org-keys-linux-amd64
+          asset_name: audit-org-keys-linux-amd64
+          asset_content_type: application/octet-stream
+      - name: Upload macOS asset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.release-please.outputs.upload-url }}
+          asset_path: ./audit-org-keys-darwin-amd64
+          asset_name: audit-org-keys-darwin-amd64
+          asset_content_type: application/octet-stream
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,2 @@
 .idea/
-audit-org-keys
+bin/
diff --git a/Dockerfile b/Dockerfile
diff --git a/Makefile b/Makefile
@@ -0,0 +1,41 @@
+PROJECT_NAME=audit-org-keys
+
+GOCMD=$(shell pwd)/cmd/$(subst -,_,$(PROJECT_NAME))
+GOBIN=$(shell pwd)/bin/$(subst -,_,$(PROJECT_NAME))
+GOREPORTS=$(shell pwd)/bin
+GO_MAJOR_VERSION = $(shell go version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f1)
+GO_MINOR_VERSION = $(shell go version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f2)
+MINIMUM_SUPPORTED_GO_MAJOR_VERSION = 1
+MINIMUM_SUPPORTED_GO_MINOR_VERSION = 16
+GO_VERSION_VALIDATION_ERR_MSG = Golang version is not supported, please update to at least $(MINIMUM_SUPPORTED_GO_MAJOR_VERSION).$(MINIMUM_SUPPORTED_GO_MINOR_VERSION)
+.SILENT:
+
+.DEFAULT:
+build: validate-go-version
+	go build -o $(GOBIN) $(GOCMD)
+
+dist: validate-go-version
+	GOOS=darwin GOARCH=amd64 go build -o $(PROJECT_NAME)-darwin-amd64 $(GOCMD)
+	GOOS=linux GOARCH=amd64 go build -o $(PROJECT_NAME)-linux-amd64 $(GOCMD)
+	GOOS=windows GOARCH=amd64 go build -o $(PROJECT_NAME)-windows-amd64.exe $(GOCMD)
+
+fmt: validate-go-version
+	gofmt -s -w .
+
+lint: validate-go-version
+	golangci-lint run --enable dupl,gofmt,revive
+
+test: validate-go-version
+	mkdir -p $(GOREPORTS)
+	go test -v ./... -coverprofile=$(GOREPORTS)/coverage.out -json > $(GOREPORTS)/report.json
+
+validate-go-version:
+	if [ $(GO_MAJOR_VERSION) -gt $(MINIMUM_SUPPORTED_GO_MAJOR_VERSION) ]; then \
+		exit 0 ;\
+	elif [ $(GO_MAJOR_VERSION) -lt $(MINIMUM_SUPPORTED_GO_MAJOR_VERSION) ]; then \
+		echo '$(GO_VERSION_VALIDATION_ERR_MSG)';\
+		exit 1; \
+	elif [ $(GO_MINOR_VERSION) -lt $(MINIMUM_SUPPORTED_GO_MINOR_VERSION) ] ; then \
+		echo '$(GO_VERSION_VALIDATION_ERR_MSG)';\
+		exit 1; \
+	fi
diff --git a/README.md b/README.md
@@ -4,74 +4,33 @@ The point of this project is to help demonstrate that users of GitHub could pote
 
 Programs like `ssh2john` from **John the Ripper** can best demonstrate how fast an SSH private key can be solved from a _not so_ complex algorithm with low key lengths (think RSA < 1024 bits).
 
-## Getting started
+## Installation
 
-### Releases
+`go get -u github.com/jef/audit-org-keys`
 
-| Tag | Description | 
-|:---:|---|
-| `latest` | Built against tagged releases; stable
-| `nightly` | Built against HEAD; generally considered stable, but could have problems |
-
-```
-GITHUB_ORGANIZATION=actions
-GITHUB_PAT=mysecrettoken
-
-docker run --rm -it \
-    --env "GITHUB_ORGANIZATION=$GITHUB_ORGANIZATION" \
-    --env "GITHUB_PAT=$GITHUB_PAT" \
-    "docker.pkg.github.com/jef/audit-org-keys/audit-org-keys:<tag>"
-```
-
-> :point_right: View [Available arguments](#available-arguments) and [Available environment variables](#available-environment-variables) below if you'd like to customize input and output
-
-### Development
-
-#### Requirements
+Also available under [GitHub Releases](https://github.com/jef/audit-org-keys/releases) as an executable.
 
-- Go 1.14+ or Docker
+## Usage
 
-#### Running
+It is required that you use a GitHub Personal Access Token (PAT). You can generate one [here](https://github.com/settings/tokens/new). The required scopes are `['read:org']`. Set your PAT to environment variable `GITHUB_TOKEN`. If `GITHUB_TOKEN` isn't set, then you may not get the results you expect.
 
-```sh
-GITHUB_ORGANIZATION=actions
-GITHUB_PAT=mysecrettoken
-
-# Golang
-go build
-./audit-org-keys
-
-# show users with multiple keys
-./audit-org-keys -show-users=multiple
-
-# Docker
-docker build -t audit-org-keys:localhost .
-
-docker run --rm -it \
-    --env "GITHUB_ORGANIZATION=$GITHUB_ORGANIZATION" \
-    --env "GITHUB_PAT=$GITHUB_PAT" \
-    audit-org-keys:localhost
-
-# show users without keys
-docker run --rm -it \
-    --env "GITHUB_ORGANIZATION=$GITHUB_ORGANIZATION" \
-    --env "GITHUB_PAT=$GITHUB_PAT" \
-    audit-org-keys:localhost -show-users=without
+```shell
+Usage of audit_org_keys:
+  -o, --organization string   [required] GitHub organization provided to inspect
+  -s, --show-users all        display users with filter (all, `with`, `without`, `multiple`)
 ```
 
-##### Available arguments
+### Examples
 
-- `-show-users=<filter>`: display users with filter (`all`, `with`, `without`, `multiple`)
+- `audit-org-keys --organization="actions"`
+- `audit-org-keys --organization="actions" --show-users="all"`
 
-##### Available environment variables
+## Releases
 
-- `GITHUB_ORGANIZATION`*: The organization under audit
-- `GITHUB_PAT`*: GitHub Personal Access Token
-    - [Create a PAT](https://github.com/settings/tokens) with `read:org` scope
-    - Some organizations have SSO; if yours does, then you also need to enable it
-- `LOG_LEVEL`: Sets zap log level
-
-> :point_right: Required denoted by `*`
+| Tag | Description | 
+|:---:|---|
+| `latest` | Built against tagged releases; stable
+| `nightly` | Built against HEAD; generally considered stable, but could have problems |
 
 ### Acknowledgments