Add basic bits

.github/pull_request_template.md

@@ -0,0 +1,42 @@
+<!--
+Thanks for contributing!
+
+About this template:
+The following template aims to help contributors write a good description
+for their pull requests.
+We'd like you to provide a description of the changes in your pull request 
+(i.e. bugs fixed or features added), motivation behind the changes, and 
+complete the checklist below before opening a pull request.
+
+Feel free to discard it if you need to (e.g. when you just fix a typo). -->
+
+# Motivation / Background
+
+<!--
+Describe why this Pull Request needs to be merged. What bug have you fixed? 
+What feature have you added? Why is it important?
+If you are fixing a specific issue, include "Fixes #ISSUE" (replace 
+with the issue number, remove the quotes) and the issue will be linked
+to this PR.
+-->
+
+This Pull Request has been created because...
+
+## Additional information
+
+<!-- Provide additional information such as benchmarks, reference to 
+other repositories or alternative 
+solutions. -->
+
+# Checklist
+
+Before submitting the PR, make sure the following are checked:
+
+- [ ] Version file (/.version) is updated according to the
+[Semantic Version](https://semver.org/) rules.
+- [ ] This Pull Request is related to one change.
+Changes that are unrelated should be opened in separate PRs.
+- [ ] Commit message has a detailed description of what changed and why.
+If this PR fixes a related issue, include it in the commit message.
+Ex: _[Fixes #issue-number]_.
+- [ ] Tests are added or updated if you fix a bug or add a feature.

.github/workflows/cd.yml

@@ -0,0 +1,133 @@
+# When a PR is merged, or when run manually, this workflow will create a
+# release and publish the container image to the GitHub Container Registry. Both
+# will be labeled with the version specified in the manifest file.
+name: Continuous Delivery
+
+on:
+  pull_request:
+    types:
+      - closed
+    branches:
+      - main
+  workflow_dispatch:
+
+env:
+  CONTAINER_REGISTRY: ghcr.io
+  CONTAINER_REGISTRY_USERNAME: danielgospodinow
+  CONTAINER_REGISTRY_PASSWORD: ${{ secrets.GH_DANIELGOSPODINOW_PACKAGES_ACCESS_TOKEN }}
+  MANIFEST_PATH: .version
+
+permissions:
+  contents: write
+  packages: write
+
+jobs:
+  release:
+    name: Create Release
+    runs-on: ubuntu-latest
+
+    # Ignore Dependabot pull requests.
+    if: |
+      github.event_name == 'workflow_dispatch' ||
+      (github.event.pull_request.merged == true &&
+      github.event.pull_request.user.login != 'dependabot[bot]')
+
+    outputs:
+      # Semantic version to use for tagging container images.
+      # E.g. `1.2.3` or `1.2.3-alpha.4`
+      version: ${{ steps.tag.outputs.version }}
+
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-tags: true
+          ref: main
+
+      - name: Tag Version
+        id: tag
+        uses: issue-ops/[email protected]
+        with:
+          manifest-path: ${{ env.MANIFEST_PATH }}
+          ref: main
+          workspace: ${{ github.workspace }}
+
+      - name: Create Release
+        id: release
+        uses: issue-ops/[email protected]
+        with:
+          tag: v${{ steps.tag.outputs.version }}
+
+  publish:
+    name: Publish Container Image
+    runs-on: ubuntu-latest
+
+    needs: release
+
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-tags: true
+          ref: main
+
+      # Create the list of image tags that will be published. If a prerelease is
+      # being published (e.g. `1.2.3-alpha.4`), only the prerelease tag will be
+      # published (`v1.2.3-alpha.4`). Otherwise, the following tags will be
+      # published:
+      # - `latest`
+      # - `v1.2.3`
+      # - `v1.2`
+      # - `v1`
+      - name: Set Image Tags
+        id: tags
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const version = '${{ needs.release.outputs.version }}'
+
+            // Check if prerelease (e.g. 1.2.3-alpha.4)
+            if (version.includes('-')) {
+              // Only output the prerelease tag
+              core.setOutput('tags', `type=raw,value=v${version}`)
+            } else {
+              // Output all the tags
+              let tags = [
+                'type=raw,value=latest',
+                `type=raw,value=v${version}`,
+                `type=raw,value=v${version.split('.').slice(0, 2).join('.')}`,
+                `type=raw,value=v${version.split('.')[0]}`
+              ]
+              core.setOutput('tags', tags.join('\n'))
+            }
+
+      # Get metadata to apply to image
+      - name: Extract Metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.CONTAINER_REGISTRY }}/${{ github.repository }}
+          tags: ${{ steps.tags.outputs.tags }}
+
+      # Authenticate to the container registry
+      - name: Authenticate to Container Registry
+        id: login
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.CONTAINER_REGISTRY }}
+          username: ${{ env.CONTAINER_REGISTRY_USERNAME }}
+          password: ${{ env.CONTAINER_REGISTRY_PASSWORD }}
+
+      # Publish the container image
+      - name: Publish Container Image
+        id: publish
+        uses: docker/build-push-action@v5
+        env:
+          LABELS: ${{ steps.meta.outputs.labels }}
+          TAGS: ${{ steps.meta.outputs.tags }}
+        with:
+          labels: ${{ env.LABELS }}
+          push: true
+          tags: ${{ env.TAGS }}

.github/workflows/ci.yml

@@ -10,8 +10,8 @@ permissions:
   contents: read
 
 jobs:
-  test-docker:
-    name: Docker Tests
+  test:
+    name: Test Container Image
     runs-on: ubuntu-latest
 
     # Run a local registry to push to
@@ -22,7 +22,7 @@ jobs:
           - 5001:5000
 
     env:
-      TEST_TAG: localhost:5001/actions/container-action:latest
+      TEST_TAG: localhost:5001/qbaware/nilaway-action:latest
 
     steps:
       - name: Checkout
@@ -47,27 +47,10 @@ jobs:
       - name: Run the Container
         id: run
         env:
-          INPUT_WHO_TO_GREET: Mona Lisa Octocat
+          RENDER_API_KEY: 123456789
+          RENDER_SERVICE_ID: 123456789
         run: |
           docker run \
-            --env INPUT_WHO_TO_GREET="${{ env.INPUT_WHO_TO_GREET }}" \
-            --rm ${{ env.TEST_TAG }}
-
-  test-action:
-    name: GitHub Actions Test
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout
-        id: checkout
-        uses: actions/checkout@v4
-
-      - name: Test Local Action
-        id: test-action
-        uses: ./
-        with:
-          who-to-greet: Mona Lisa Octocat
-
-      - name: Print Output
-        id: output
-        run: echo "${{ steps.test-action.outputs.greeting }}"
+            --env RENDER_API_KEY="${{ env.RENDER_API_KEY }}" \
+            --env RENDER_SERVICE_ID="${{ env.RENDER_SERVICE_ID }}" \
+            --rm ${{ env.TEST_TAG }} || true

.github/workflows/version-check.yml

@@ -0,0 +1,40 @@
+# This workflow checks the version of the container image that is being built
+# in the current pull request. If the version has already been published, the
+# workflow fails to prevent PRs from being merged until the version has been
+# incremented in the manifest file.
+name: Version Check
+
+on:
+  pull_request:
+    branches:
+      - main
+
+env:
+  MANIFEST_PATH: .version
+
+permissions:
+  checks: write
+  contents: read
+  pull-requests: write
+
+jobs:
+  check-version:
+    name: Version Check
+    runs-on: ubuntu-latest
+
+    if: ${{ github.actor != 'dependabot[bot]' }}
+
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-tags: true
+          fetch-depth: 0
+
+      - name: Check Version
+        id: check-version
+        uses: issue-ops/[email protected]
+        with:
+          check-only: true
+          manifest-path: ${{ env.MANIFEST_PATH }}

.version

@@ -0,0 +1 @@
+0.0.1

CODEOWNERS

@@ -1,3 +1,5 @@
 # Repository CODEOWNERS
 
-* @actions/actions-oss-maintainers
+@danielgospodinow
+
+@qbaware/nilaway-action

Dockerfile

@@ -1,11 +1,9 @@
-# Set the base image to use for subsequent instructions
-FROM alpine:3.19
+FROM golang:1.21
 
-# Set the working directory inside the container
-WORKDIR /usr/src
+ENV PACKAGE_TO_SCAN=$PACKAGE_TO_SCAN
 
-# Copy any source file(s) required for the action
-COPY entrypoint.sh .
+WORKDIR /github/workspace
 
-# Configure the container to be run as an executable
-ENTRYPOINT ["/usr/src/entrypoint.sh"]
+RUN go install go.uber.org/nilaway/cmd/nilaway@latest
+
+ENTRYPOINT nilaway ${PACKAGE_TO_SCAN}