Project setup

Author: alenon

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,69 @@
+---
+name: "🐛 Bug Report"
+description: Create a report to help us improve
+labels: [bug]
+body:
+  - type: textarea
+    id: description
+    attributes:
+      label: Describe the bug
+      description: What is the problem? A clear and concise description of the bug.
+    validations:
+      required: true
+
+  - type: textarea
+    id: current
+    attributes:
+      label: Current behavior
+      description: |
+        Please include full errors, uncaught exceptions, screenshots, and relevant logs.
+        Using environment variable JFROG_CLI_LOG_LEVEL="DEBUG" upon running the command will provide more log information.
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: Reproduction steps
+      description: |
+        Provide steps to reproduce the behavior.
+    validations:
+      required: false
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behavior
+      description: |
+        What did you expect to happen?
+    validations:
+      required: false
+
+  - type: input
+    id: cli-application-version
+    attributes:
+      label: JFrog CLI-Application version
+    validations:
+      required: true
+      
+  - type: input
+    id: cli-version
+    attributes:
+      label: JFrog CLI version (if applicable)
+      description: using "jf --version"
+    validations:
+      required: false
+
+  - type: input
+    id: os-version
+    attributes:
+      label: Operating system type and version
+    validations:
+      required: true
+
+  - type: input
+    id: app-version
+    attributes:
+      label: JFrog Application version
+    validations:
+      required: false

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: ⭐️ Feature request
+about: Suggest an idea for this project
+title: ''
+labels: feature request
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like to see**
+A clear and concise description of the new feature.
+
+**Describe alternatives you've considered**
+If applicable, a clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/ISSUE_TEMPLATE/question.md

@@ -0,0 +1,8 @@
+---
+name: ❓ Question
+about: Ask a question
+title: ''
+labels: question
+assignees: ''
+
+---

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,9 @@
+- [ ] The pull request is targeting the `main` branch.
+- [ ] The code has been validated to compile successfully by running `go vet ./...`.
+- [ ] The code has been formatted properly using `go fmt ./...`.
+- [ ] All [static analysis checks](https://github.com/jfrog/jfrog-cli-application/actions/workflows/analysis.yml) passed.
+- [ ] All [tests](https://github.com/jfrog/jfrog-cli-application/actions/workflows/tests.yml) have passed. If this feature is not already covered by the tests, new tests have been added.
+- [ ] All integration tests have passed locally as they cannot be automated yet.
+- [ ] All changes are detailed at the description. if not already covered at [JFrog Documentation](https://github.com/jfrog/documentation), new documentation have been added.
+
+-----

.github/release.yml

@@ -0,0 +1,20 @@
+changelog:
+  exclude:
+    labels:
+      - ignore for release
+  categories:
+    - title: Breaking Changes 🚨
+      labels:
+        - breaking change
+    - title: Exciting New Features 🎉
+      labels:
+        - new feature
+    - title: Improvements 🌱
+      labels:
+        - improvement
+    - title: Bug Fixes 🛠
+      labels:
+        - bug
+    - title: Other Changes 📚
+      labels:
+        - "*"

.github/scripts/gotest.sh

@@ -0,0 +1,89 @@
+#!/usr/bin/env bash
+
+set -e
+
+DEBUG="${DEBUG:-false}"
+GOCMD="${GOCMD:-go}"
+OUTFILE="${OUTFILE:-}"
+XUNIT_OUTFILE="${XUNIT_OUTFILE:-}"
+JSON_OUTFILE="${JSON_OUTFILE:-}"
+COVERAGE_OUTFILE="${COVERAGE_OUTFILE:-}"
+
+function echoDebug {
+  if [[ "${DEBUG}" == true ]]; then
+    echo "[gotest.sh] $@"
+  fi
+}
+
+if [[ -n "${OUTFILE}" ]]; then
+  mkdir -p "$(dirname "${OUTFILE}")"
+else
+  OUTFILE="$(mktemp)"
+fi
+if [[ -n "${XUNIT_OUTFILE}" ]]; then
+  mkdir -p "$(dirname "${XUNIT_OUTFILE}")"
+fi
+if [[ -n "${JSON_OUTFILE}" ]]; then
+  mkdir -p "$(dirname "${JSON_OUTFILE}")"
+fi
+if [[ -n "${COVERAGE_OUTFILE}" ]]; then
+  mkdir -p "$(dirname "${COVERAGE_OUTFILE}")"
+fi
+
+echoDebug "GOCMD: ${GOCMD}"
+echoDebug "Raw output file:      ${OUTFILE}"
+echoDebug "JSON output file:     ${JSON_OUTFILE}"
+echoDebug "xUnit output file:    ${XUNIT_OUTFILE}"
+echoDebug "Coverage output file: ${COVERAGE_OUTFILE}"
+
+exitCodeFile="$(mktemp)"
+echo "0" > "${exitCodeFile}"
+declare -a modargs
+GORACE="-race"
+for value in "$@"; do
+    if [ "$value" = "-norace" ]; then
+        GORACE=""
+    elif [ "$value" != "-race" ]; then
+        modargs+=("$value")
+    fi
+done
+modargs+=("$GORACE")
+
+if [[ -n "${COVERAGE_OUTFILE}" ]]; then
+    echoDebug "Collecting packages for coverage report..."
+    coverpkg=""
+    for pkg in $(go list ./...); do
+        if [[ -n "${coverpkg}" ]]; then
+            coverpkg="${coverpkg},"
+        fi
+        coverpkg="${coverpkg}${pkg}"
+    done
+    modargs+=("-coverpkg=${coverpkg}")
+    modargs+=("-coverprofile=${COVERAGE_OUTFILE}")
+fi
+
+if [[ -n "${XUNIT_OUTFILE}" ]]; then
+    # jstemmer/go-junit-report requires verbose output
+    modargs+=("-v")
+fi
+
+echoDebug "Running ${GOCMD} test ${modargs[*]}"
+# Disable log coloring (ANSI codes are invalid xml characters)
+(2>&1 DEV_DISABLE_LOG_COLORS=true ${GOCMD} test ${modargs[*]} || echo "$?" > "${exitCodeFile}") | tee "${OUTFILE}"
+exitCode="$(cat "${exitCodeFile}")"
+echoDebug "Tests Exit Code: $exitCode"
+
+if [[ -n "${JSON_OUTFILE}" ]]; then
+  echoDebug "Gernerating JSON test report at: ${JSON_OUTFILE}"
+  go tool test2json < "${OUTFILE}" > "${JSON_OUTFILE}"
+fi
+
+if [[ -n "${XUNIT_OUTFILE}" ]]; then
+  echoDebug "Ensuring jstemmer/go-junit-report is installed"
+  ${GOCMD} install github.com/jstemmer/[email protected]
+  echoDebug "Generating xUnit test report at: ${XUNIT_OUTFILE}"
+  go-junit-report < "${OUTFILE}" > "${XUNIT_OUTFILE}"
+fi
+
+echoDebug "Done"
+exit "$exitCode"

.github/workflows/analysis.yml

@@ -0,0 +1,57 @@
+name: "Static Analysis"
+on:
+  push:
+    branches:
+      - '**'
+    tags-ignore:
+      - '**'
+  pull_request:
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}-${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  Go-Lint:
+    name: Lint ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu, windows, macos ]
+    runs-on: ${{ matrix.os }}-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
+
+      - name: Run Go vet
+        run: go vet -v ./...
+
+  Static-Check:
+    name: Static Check ubuntu-latest
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v4
+
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
+
+      - name: Run golangci linter
+        uses: jfrog/.github/actions/golangci-lint@main
+        
+  Go-Sec:
+    name: Go-Sec ubuntu-latest
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v4
+
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
+        
+      - name: Run Go-Sec scanner
+        uses: jfrog/.github/actions/gosec-scanner@main
+

.github/workflows/cla.yml

@@ -0,0 +1,19 @@
+name: "CLA Assistant"
+on:
+  # issue_comment triggers this action on each comment on issues and pull requests
+  issue_comment:
+    types: [ created ]
+  pull_request_target:
+    types: [ opened, synchronize ]
+
+jobs:
+  CLAssistant:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Run CLA Check
+        uses: jfrog/.github/actions/cla@main
+        with:
+          event_comment_body: ${{ github.event.comment.body }}
+          event_name: ${{ github.event_name }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          CLA_SIGN_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }}

.github/workflows/frogbot-scan-pull-request.yml

@@ -0,0 +1,47 @@
+name: "Frogbot Scan Pull Request"
+on:
+  pull_request_target:
+    types: [ opened, synchronize ]
+permissions:
+  pull-requests: write
+  contents: read
+jobs:
+  scan-pull-request:
+    runs-on: ubuntu-latest
+    # A pull request needs to be approved before Frogbot scans it. Any GitHub user who is associated with the
+    # "frogbot" GitHub environment can approve the pull request to be scanned.
+    environment: frogbot
+    steps:
+      - uses: jfrog/frogbot@v2
+        env:
+          JFROG_CLI_LOG_LEVEL: "DEBUG"
+          # [Mandatory]
+          # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+          JF_URL: ${{ secrets.FROGBOT_URL }}
+
+          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+          # JFrog access token with 'read' permissions on Xray service
+          JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
+
+          # [Mandatory]
+          # The GitHub token is automatically generated for the job
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+          # [Optional]
+          # Configure the SMTP server to enable Frogbot to send emails with detected secrets in pull request scans.
+          # SMTP server URL including should the relevant port: (Example: smtp.server.com:8080)
+          # JF_SMTP_SERVER: ${{ secrets.JF_SMTP_SERVER }}
+
+          # [Mandatory if JF_SMTP_SERVER is set]
+          # The username required for authenticating with the SMTP server.
+          #JF_SMTP_USER: ${{ secrets.JF_SMTP_USER }}
+
+          # [Mandatory if JF_SMTP_SERVER is set]
+          # The password associated with the username required for authentication with the SMTP server.
+          # JF_SMTP_PASSWORD: ${{ secrets.JF_SMTP_PASSWORD }}
+
+          # [Optional]
+          # List of comma separated email addresses to receive email notifications about secrets
+          # detected during pull request scanning. The notification is also sent to the email set
+          # in the committer git profile regardless of whether this variable is set or not.
+          JF_EMAIL_RECEIVERS: "[email protected]"

.github/workflows/frogbot-scan-repository.yml

@@ -0,0 +1,36 @@
+name: "Frogbot Scan Repository"
+on:
+  workflow_dispatch:
+  schedule:
+    # The repository will be scanned once a day at 00:00 GMT.
+    - cron: "0 0 * * *"
+permissions:
+  contents: write
+  pull-requests: write
+  security-events: write
+jobs:
+  scan-repository:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        # The repository scanning will be triggered periodically on the following branches.
+        branch: [ "main" ]
+    steps:
+      - uses: jfrog/frogbot@v2
+        env:
+          JFROG_CLI_LOG_LEVEL: "DEBUG"
+          # [Mandatory]
+          # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+          JF_URL: ${{ secrets.FROGBOT_URL }}
+
+          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+          # JFrog access token with 'read' permissions on Xray service
+          JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
+
+          # [Mandatory]
+          # The GitHub token is automatically generated for the job
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+          # [Mandatory]
+          # The name of the branch on which Frogbot will perform the scan
+          JF_GIT_BASE_BRANCH: ${{ matrix.branch }}