init repo

Author: Eikykun

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,68 @@
+<!-- Thank you for contributing to Karbour!
+
+Note: 
+
+1. With pull requests:
+
+    - Open your pull request against "main"
+    - Your pull request should have no more than three commits, if not you should squash them.
+    - It should pass all tests in the available continuous integration systems such as GitHub Actions.
+    - You should add/modify tests to cover your proposed code changes.
+    - If your pull request contains a new feature, please document it on the README.
+
+2. Please create an issue first to describe the problem.
+
+    We recommend that link the issue with the PR in the following question.
+    For more info, check https://kusionstack.io/docs/governance/contribute/
+-->
+
+## What type of PR is this?
+
+<!--
+Add one of the following kinds:
+/kind bug
+/kind cleanup
+/kind documentation
+/kind feature
+/kind chore
+-->
+
+## What this PR does / why we need it:
+
+## Which issue(s) this PR fixes:
+
+<!--
+*Automatically closes linked issue when PR is merged.
+Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`.
+_If PR is about `failing-tests or flakes`, please post the related issues/tests in a comment and do not use `Fixes`_*
+-->
+
+Fixes #
+
+## Special notes for your reviewer:
+
+### Does this PR introduce a user-facing change?
+
+<!--
+If no, just write "NONE" in the release-note block below.
+If yes, a release note is required:
+Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
+
+-->
+
+```release-note
+
+```
+
+### Additional documentation e.g., design docs, usage docs, etc.:
+
+<!--
+Please use the following format for linking documentation:
+- [Design]: <link>
+- [Usage]: <link>
+- [Other doc]: <link>
+-->
+
+```docs
+
+```

.github/workflows/check.yaml

@@ -0,0 +1,133 @@
+# Reference from:
+# https://github.com/c-bata/go-prompt/blob/master/.github/workflows/test.yml
+name: Check
+on:
+  pull_request:
+    branches:
+      - main
+  push:
+    branches:
+      - main
+jobs:
+  Test:
+    name: Unit Test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Set up Go 1.19
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.19
+
+      - run: go build ./...
+      - run: go vet ./...
+
+      - name: Running go tests with coverage
+        env:
+          GO111MODULE: on
+        run: make cover
+      # - name: Send coverage
+      #   uses: shogo82148/actions-goveralls@v1
+      #   with:
+      #     path-to-profile: coverage.out
+
+  GolangLint:
+    name: Golang Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Set up Go 1.19
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.19
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
+          version: latest
+
+  # Lints Pull Request commits with commitlint.
+  #
+  # Rules can be referenced:
+  # https://github.com/conventional-changelog/commitlint/tree/master/%40commitlint/config-conventional
+#  CommitLint:
+#    name: Commit Lint
+#    runs-on: ubuntu-latest
+#    if: contains(fromJSON('["pull_request"]'), github.event_name)
+#    steps:
+#      - name: Checkout
+#        uses: actions/checkout@v3
+#        with:
+#          fetch-depth: 0
+#      - uses: wagoid/commitlint-github-action@v5
+
+  # Lints Pull Request title, because the title will be used as the
+  # commit message in branch main.
+  #
+  # Configuration detail can be referenced:
+  # https://github.com/marketplace/actions/pull-request-title-rules
+
+#  PullRequestTitleLint:
+#    name: Pull Request Title Lint
+#    runs-on: ubuntu-latest
+#    if: contains(fromJSON('["pull_request"]'), github.event_name)
+#    steps:
+#      - uses: deepakputhraya/action-pr-title@master
+#        with:
+#          allowed_prefixes: 'build,chore,ci,docs,feat,fix,perf,refactor,revert,style,test' # title should start with the given prefix
+#          disallowed_prefixes: 'WIP,[WIP]' # title should not start with the given prefix
+#          prefix_case_sensitive: false # title prefix are case insensitive
+#          min_length: 5 # Min length of the title
+#          max_length: 80 # Max length of the title
+#          github_token: ${{ github.token }} # Default: ${{ github.token }}
+
+  LicenseCheck:
+    name: License Check
+    runs-on: ubuntu-latest
+    env:
+      TERM: xterm
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - uses: apache/skywalking-eyes@main
+
+  # The TruffleHog OSS Github Action can be used to scan a range of commits for leaked credentials. The action will fail if any results are found.
+  # More see: https://github.com/marketplace/actions/trufflehog-oss
+  SecretScan:
+    name: Secret Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: TruffleHog OSS
+        uses: trufflesecurity/trufflehog@main
+        with:
+          path: ./
+          base: ${{ github.event.repository.default_branch }}
+          head: HEAD
+          extra_args: --debug --json
+
+  # TODO: Uncomment when the repository is publicly.
+  # DependencyReview:
+  #   permissions:
+  #     actions: read
+  #     contents: read
+  #     security-events: write
+  #   name: Dependency Review
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - uses: actions/checkout@v3
+  #       with:
+  #         fetch-depth: 0
+  #     - uses: actions/dependency-review-action@v3
+  #       with:
+  #         fail-on-severity: critical

.github/workflows/ci.yaml

@@ -0,0 +1,40 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+      - release-*
+  pull_request: {}
+  workflow_dispatch: {}
+
+env:
+  # Common versions
+  GO_VERSION: '1.18'
+  GOLANGCI_VERSION: 'v1.42'
+
+jobs:
+
+  ci-build-test:
+    name: ci-build
+    runs-on: ubuntu-18.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          submodules: true
+      - name: Setup Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ env.GO_VERSION }}
+      - name: Install Protoc
+        uses: arduino/setup-protoc@v1
+        with:
+          version: '3.15.x'
+      - name: Build and Test
+        run: |
+          make build test
+      - name: Check diff
+        run: |
+          git status
+          [[ -z $(git status -s) ]] || (git status; printf "Existing modified/untracked files.\nPlease run \"make generate manifests\" and push again.\n"; exit 1)

.gitignore

@@ -0,0 +1,19 @@
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+/bin/
+/testbin/
+bin/
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# vendor/
+
+.idea/

.licenserc.yaml

@@ -0,0 +1,60 @@
+header:
+  license:
+    spdx-id: Apache-2.0
+    copyright-owner: The KusionStack Authors
+    content: |
+      Licensed under the Apache License, Version 2.0 (the "License");
+      you may not use this file except in compliance with the License.
+      You may obtain a copy of the License at
+      
+      http://www.apache.org/licenses/LICENSE-2.0
+      
+      Unless required by applicable law or agreed to in writing, software
+      distributed under the License is distributed on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+      See the License for the specific language governing permissions and
+      limitations under the License.
+  paths:
+    - '**'
+  paths-ignore:
+    - '**/*.conf'
+    - '**/*.DS_Store'
+    - '**/*.json'
+    - '**/*.lock'
+    - '**/*.Dockerfile'
+    - '**/*.sh'
+    - '**/*.yaml'
+    - '**/*.md'
+    - '**/*.mk'
+    - '**/*.svg'
+    - '**/*.txt'
+    - '**/*.xlf'
+    - '**/.husky/**'
+    - '**/node_modules/**'
+    - '**/.babelrc'
+    - '**/.browserslistrc'
+    - '**/.editorconfig'
+    - '**/.jsbeautifyrc'
+    - '**/.yarnrc.yml'
+    - '**/config_repos'
+    - '**/go.mod'
+    - '**/go.sum'
+    - '**/go.work'
+    - '**/go.work.sum'
+    - '**/lcov.info'
+    - '**/Makefile'
+    - '**/OWNERS'
+    - '.github/**'
+    - '.idea/**'
+    - '.vscode/**'
+    - '.dist/**'
+    - '.husky/**'
+    - 'hack/**'
+    - 'LICENSE'
+    - 'OWNERS_ALIASES'
+    - 'SECURITY_CONTACTS'
+    - 'vendor/**'
+    - '.gitignore'
+    - '.licenserc'
+  comment: never
+  license-location-threshold: 80