version 3 (#16)

* initial rewrite of aws-nuke using libnuke * fix: gitignore * fix: add missing workflows * fix: disable push for branches * fix: do not run goreleaser on prs by default * fix: say yes to all cosign prompts * fix: the tags in which goreleaser builds * fix: goreleaser config * version: 3.0.0-beta.1 * fix: Dockerfile BREAKING CHANGE: tool no longer runs off default command, must use subcommand
ekristen · Jan 30, 2024 · a06c527 · a06c527
1 parent cd21b0f
commit a06c527
Show file tree

Hide file tree

Showing 507 changed files with 27,326 additions and 8,394 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml
@@ -0,0 +1,53 @@
+name-template: "v$RESOLVED_VERSION"
+tag-template: "$RESOLVED_VERSION"
+version-template: "$MAJOR.$MINOR.$PATCH"
+version-resolver:
+  major:
+    labels:
+      - "major"
+  minor:
+    labels:
+      - "minor"
+      - "enhancement"
+  patch:
+    labels:
+      - "auto-update"
+      - "patch"
+      - "fix"
+      - "bugfix"
+      - "bug"
+      - "hotfix"
+  default: "minor"
+
+categories:
+  - title: "🚀 Enhancements"
+    labels:
+      - "enhancement"
+      - "patch"
+  - title: "🐛 Bug Fixes"
+    labels:
+      - "fix"
+      - "bugfix"
+      - "bug"
+      - "hotfix"
+  - title: "🤖 Automatic Updates"
+    labels:
+      - "auto-update"
+
+exclude-labels:
+  - "skip-changelog"
+
+change-template: |
+  <details>
+    <summary>$TITLE @$AUTHOR (#$NUMBER)</summary>
+    $BODY
+  </details>
+template: |
+  $CHANGES
+replacers:
+  # Remove irrelevant information from Renovate bot
+  - search: '/---\s+^#.*Renovate configuration(?:.|\n)*?This PR has been generated .*/gm'
+    replace: ""
+  # Remove Renovate bot banner image
+  - search: '/\[!\[[^\]]*Renovate\][^\]]*\](\([^)]*\))?\s*\n+/gm'
+    replace: ""
diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml
@@ -0,0 +1,60 @@
+name: docs
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - docs/**
+
+# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
+# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
+concurrency:
+  group: "pages"
+  cancel-in-progress: false
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: setup pages
+        uses: actions/configure-pages@v3
+      - name: setup python
+        uses: actions/setup-python@v4
+        with:
+          python-version: 3.x
+      - name: setup cache
+        run: |
+          echo "cache_id=$(date --utc '+%V')" >> $GITHUB_ENV
+      - name: handle cache
+        uses: actions/cache@v3
+        with:
+          key: mkdocs-material-${{ env.cache_id }}
+          path: .cache
+          restore-keys: |
+            mkdocs-material-
+      - name: install mkdocs material
+        run: |
+          pip install mkdocs-material
+      - name: run mkdocs material
+        run: |
+          mkdocs build
+      - name: upload artifact
+        uses: actions/upload-pages-artifact@v1
+        with:
+          # Upload entire repository
+          path: public/
+      - name: deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v2
diff --git a/.github/workflows/golang.yaml b/.github/workflows/golang.yaml
diff --git a/.github/workflows/release-drafter.yaml b/.github/workflows/release-drafter.yaml
@@ -0,0 +1,24 @@
+name: release-drafter
+
+on:
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - .github/**
+      - docs/**
+
+permissions:
+  contents: write
+  pull-requests: read
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: release-drafter/release-drafter@v5
+        with:
+          publish: false
+          prerelease: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.RELEASES_GITHUB_TOKEN }}
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,87 @@
+name: goreleaser
+
+on:
+  #pull_request:
+  #  branches:
+  #    - main
+  push:
+    branches:
+      - main
+    tags:
+      - "*.*.*"
+      - "v*.*.*"
+      - "v*.*.*-*"
+
+permissions:
+  contents: write
+  packages: write
+
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        if: github.event_name == 'pull_request'
+        with:
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.ref }}
+      - uses: actions/checkout@v3
+        if: github.event_name == 'push'
+        with:
+          fetch-depth: 0
+      - name: setup-go
+        uses: actions/setup-go@v4
+        with:
+          go-version: 1.21.x
+      - name: setup qemu
+        id: qemu
+        uses: docker/setup-qemu-action@v2
+      - name: setup docker buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: install cosign
+        uses: sigstore/cosign-installer@main
+        with:
+          cosign-release: "v2.0.1"
+      - name: setup cosign
+        run: |
+          echo "${COSIGN_KEY}" > "$GITHUB_WORKSPACE/cosign.key"
+        env:
+          COSIGN_KEY: ${{ secrets.COSIGN_KEY }}
+      - name: set goreleaser default args
+        if: startsWith(github.ref, 'refs/tags/') == true
+        run: |
+          echo "GORELEASER_ARGS=" >> $GITHUB_ENV
+      - name: set goreleaser args for branch
+        if: startsWith(github.ref, 'refs/tags/') == false
+        run: |
+          echo "GORELEASER_ARGS=--snapshot" >> $GITHUB_ENV
+      - name: set goreleaser args renovate
+        if: startsWith(github.ref, 'refs/heads/renovate') == true
+        run: |
+          echo "GORELEASER_ARGS=--snapshot --skip-publish" >> $GITHUB_ENV
+      - name: run goreleaser
+        uses: goreleaser/goreleaser-action@v4
+        with:
+          distribution: goreleaser
+          version: latest
+          args: release --rm-dist ${{ env.GORELEASER_ARGS }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
+      - name: push docker images (for branches)
+        if: github.ref == 'refs/heads/main' || github.event.pull_request.base.ref == 'main'
+        run: |
+          docker images --format "{{.Repository}}:{{.Tag}}" | grep "ekristen/aws-nuke" | xargs -L1 docker push
+      - name: upload artifacts
+        if: github.event.pull_request.base.ref == 'main'
+        uses: actions/upload-artifact@v3
+        with:
+          name: binaries
+          path: releases/*.tar.gz
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -0,0 +1,20 @@
+name: tests
+on:
+  pull_request:
+    branches:
+      - main
+jobs:
+  test:
+    name: test
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v4
+        with:
+          go-version: 1.21.x
+      - name: download go mods
+        run: |
+          go mod download
+      - name: run go tests
+        run: |
+          go test -timeout 60s -run ./...
diff --git a/.gitignore b/.gitignore
@@ -1,11 +1,8 @@
-/vendor
-/aws-nuke
-/aws-nuke-*
-/dist
-/releases
-/mocks
+releases
 .envrc
 .idea
-config.yaml
 cosign.key
-*-config.yaml
+/config*.yaml
+/*-config.yaml
+/config.*.yaml
+