ci build setup

.github/CODEOWNERS

@@ -0,0 +1,7 @@
+# This file allows Github to automatically request reviews from
+# code owners when certain files are changed.
+# Ref: https://github.com/blog/2392-introducing-de-owners
+
+*                  @razorpay/Tech
+
+ci.yml                      vivek.aggarwal@razorpay.com   sunny.aggrawal@razorpay.com   ankit.gupta@razorpay.com    amrendra.singh@razorpay.com  manikant.pandit@razorpay.com

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+- package-ecosystem: "gomod" # See documentation for possible values
+  directory: "/" # Location of package manifests
+  schedule:
+    interval: "daily"

.github/workflows/ci.yml

@@ -0,0 +1,76 @@
+name: CI
+on: [ push ]
+jobs:
+  cancel:
+    runs-on: [self-hosted]
+    name: Cancel Previous Runs
+    if: always()
+    steps:
+      - uses: styfle/cancel-workflow-action@d57d93c3a8110b00c3a2c0b64b8516013c9fd4c9
+        if: github.ref != 'refs/heads/master'
+        name: cancel old workflows
+        id: cancel
+        with:
+          access_token: ${{ github.token }}
+      - if: github.ref == 'refs/heads/master'
+        name: Don't cancel old workflows
+        id: dont_cancel
+        run: |
+          echo "Don't cancel old workflow"
+
+  build-statping-docker-image:
+    name: Docker image - statping
+    runs-on: [self-hosted]
+    steps:
+      - uses: actions/checkout@v2
+      - name: Build and push
+        uses: docker/build-push-action@v1
+        with:
+          registry: c.rzp.io
+          username: ${{ secrets.HARBOR_DOCKER_USERNAME }}
+          password: ${{ secrets.HARBOR_DOCKER_PASSWORD }}
+          repository: ${{ github.repository }}
+          dockerfile: ./Dockerfile
+          build_args: GIT_COMMIT_HASH=${{ github.sha }},GIT_TOKEN=${{ secrets.GIT_TOKEN }}
+          push: true
+          tags: service_${{ github.sha }}
+
+  fmt:
+    name: fmt
+    runs-on: [self-hosted]
+    continue-on-error: false
+    steps:
+      - name: checkout
+        id: checkout
+        uses: actions/checkout@v2
+      - name: format
+        uses: docker://golang:1.13-alpine3.10
+        env:
+          GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
+        with:
+          entrypoint: /bin/sh
+          args: ./scripts/run_tests.sh fmt drone
+
+  workflow_status:
+    runs-on: [self-hosted]
+    name: Update Status Check
+    needs: [ build-statping-docker-image]
+    if: always()
+    steps:
+      - name: Failed
+        id: failed
+        if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
+        run: |
+          echo 'Failing the workflow for github status check.'
+          curl -X POST -H "Content-Type: application/json" -H "Authorization: token ${{ github.token }}" \
+          -d '{ "state" : "failure" , "context" : "github/combined-status-check" , "description" : "github/combined-status-check", "target_url" : "https://github.com/${{ github.repository }}" }' \
+          https://api.github.com/repos/${{ github.repository }}/statuses/${{ github.sha }}
+          exit 1
+      - name: Success
+        if: steps.failed.conclusion == 'skipped'
+        run: |
+          echo 'Status check has passed!'
+          curl -X POST -H "Content-Type: application/json" -H "Authorization: token ${{ github.token }}" \
+          -d '{ "state" : "success" , "context" : "github/combined-status-check" , "description" : "github/combined-status-check", "target_url" : "https://github.com/${{ github.repository }}" }' \
+          https://api.github.com/repos/${{ github.repository }}/statuses/${{ github.sha }}
+          exit 0

.github/workflows/main.yml

@@ -0,0 +1,37 @@
+on:
+  pull_request:
+    types: [ opened, reopened, edited, synchronize]
+name: Mandatory-Jira-Check
+jobs:
+
+  Find-Jira-Id:
+    name: Find-Jira-Id
+    runs-on: [self-hosted]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@master
+
+      - name: Checkout GitHub Action Repo
+        uses: actions/checkout@v2
+        with:
+          repository: Razorpay/check-commit-jira
+          path: .github/actions/check-commit-jira
+          ref:  combined_check
+          token: ${{ secrets.GIT_TOKEN }}
+      - name: Login
+        uses: ./.github/actions/check-commit-jira/jira-login
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+      #  Find Issue on JIRA
+      - name: Get Issue Key
+        id: find
+        uses: ./.github/actions/check-commit-jira/jira-issue-check
+        with:
+          from: pull_request
+      #  Print JIRA ID found on jira
+      - name: Find issue info
+        run: echo "Issue ${{ steps.find.outputs.issue }} was found"

.github/workflows/semgrep.yml

@@ -0,0 +1,14 @@
+name: Semgrep
+on: [pull_request, push]
+jobs:
+  semgrep:
+    name: Scan
+    runs-on: [self-hosted]
+    steps:
+      - uses: actions/checkout@v2
+      - uses: returntocorp/semgrep-action@v1
+        with:
+          publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}
+          publishDeployment: 339
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

scripts/run_tests.sh

@@ -0,0 +1,66 @@
+#!/bin/sh
+
+# set -eux
+
+test_env=$2
+if [[ "${test_env}" = "drone" ]]; then
+    echo "Setting up code"
+    ORIG_DIR=/github/workspace/
+    SRC_DIR=/go/src/github.com/razorpay/statping
+    mkdir -p ${SRC_DIR}
+    cp -Rp ${ORIG_DIR} ${SRC_DIR}
+    cd ${SRC_DIR}
+    cp -r workspace/* .
+fi
+
+if [[ "$1" = "fmt" ]]; then
+    echo "Running go fmt"
+    files=$(gofmt -l $(find . -type f -name '*.go' -not -path "./vendor/*") 2>&1)
+    if [[ "$files" ]]; then
+        echo "These files did not pass the gofmt check:"
+        echo ${files}
+        exit 1
+    fi
+fi
+
+if [[ "$1" = "test" ]]; then
+    echo "Installing dependencies"
+    apk add --no-cache git gcc musl-dev
+    export GO111MODULE="on"
+    echo 'exec echo ${GIT_TOKEN}' > /tmp/askpass.sh
+    chmod +x /tmp/askpass.sh
+    export GIT_ASKPASS=/tmp/askpass.sh
+    go mod vendor
+    go version
+    echo "Running mysql migrations"
+    go run cmd/migration/mysql/main.go -env=drone up
+    echo "Running postgres migrations"
+    go run cmd/migration/postgres/main.go -env=drone up
+    cp configs/drone.toml configs/test.toml
+
+    echo "Running tests ${DRONE_BRANCH}"
+
+    echo "Running Unit tests with coverage Test"
+    go generate ./...
+        #Interate all the go packages after listing it
+    list=$(go list ./...)
+    i=1
+    #Run the go test for each package and generate a cov with the package name
+    for pkg in $list
+       do
+            go test -coverprofile=pkg-$i.cover.out -coverpkg=./... -covermode=atomic $pkg
+            x=$?
+            i=$((i+1))
+            if [[ $x -ne 0 ]]; then
+                echo "Unit tests failed"
+                exit $x
+            fi
+       done
+
+    echo "mode: set" > sonarqube.cov && cat *.cover.out | grep -v mode: | sort -r | \
+        # Merge all the cov file and generate sonaqube.cov files
+    awk '{if($1 != last) {print $0;last=$1}}' >> sonarqube.cov
+        #Renaming the file with the drone_build_number to identify uniquely in drone
+    cp sonarqube.cov /github/workspace/sonarqube.cov
+    exit $?
+fi