Skip to content

Commit 85caa8d

Browse files
author
Nathan Gillett
committed
chore(sdk-go): add repository scaffold, CI, and DCO
Apache 2.0 Tier-1 Go SDK shell matching Node/Python SDK repos. No implementation yet; CI skips tests until Go sources land. Signed-off-by: Nathan Gillett <nathan@intentproof.io>
0 parents  commit 85caa8d

10 files changed

Lines changed: 469 additions & 0 deletions

File tree

.github/workflows/ci.yml

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
name: ci
2+
3+
on:
4+
push:
5+
branches: [main]
6+
pull_request:
7+
branches: [main]
8+
9+
jobs:
10+
build-test:
11+
name: "IntentProof CI: Build and Test"
12+
runs-on: ubuntu-latest
13+
steps:
14+
- uses: actions/checkout@v4
15+
16+
- uses: actions/setup-go@v5
17+
with:
18+
go-version: '1.25'
19+
20+
- name: Verify module metadata
21+
run: go mod verify
22+
23+
- name: Run tests
24+
run: |
25+
if [ -z "$(find . -name '*.go' -not -path './.git/*')" ]; then
26+
echo "No Go source files found (project scaffold only)"
27+
exit 0
28+
fi
29+
go test ./...

.github/workflows/dco.yml

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
name: dco
2+
3+
on:
4+
pull_request:
5+
6+
jobs:
7+
check:
8+
name: "IntentProof CI: DCO"
9+
runs-on: ubuntu-latest
10+
steps:
11+
- uses: actions/checkout@v4
12+
with:
13+
fetch-depth: 0
14+
15+
- name: Require Signed-off-by trailer on every commit
16+
run: |
17+
base="${{ github.event.pull_request.base.sha }}"
18+
head="${{ github.event.pull_request.head.sha }}"
19+
fail=0
20+
for sha in $(git rev-list "$base".."$head"); do
21+
body=$(git log -1 --format=%B "$sha")
22+
author_email=$(git log -1 --format=%ae "$sha")
23+
soby=$(echo "$body" | grep -oE '^Signed-off-by: .+ <.+@.+>$' || true)
24+
if [ -z "$soby" ]; then
25+
echo "Commit $sha is missing a Signed-off-by trailer." >&2
26+
fail=1
27+
else
28+
soby_email=$(echo "$soby" | grep -oE '<.+@.+>' | tr -d '<>')
29+
if [ "$soby_email" != "$author_email" ]; then
30+
echo "Commit $sha: Signed-off-by email ($soby_email) does not match author email ($author_email)." >&2
31+
fail=1
32+
fi
33+
fi
34+
done
35+
if [[ $fail -ne 0 ]]; then
36+
echo "" >&2
37+
echo "All commits in this PR must be signed off via the DCO." >&2
38+
echo "See CONTRIBUTING.md. Use 'git commit -s' or amend with 'git commit --amend -s'." >&2
39+
exit 1
40+
fi
41+
echo "PASS: all commits carry Signed-off-by trailers."
Lines changed: 82 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,82 @@
1+
name: release signing dry run
2+
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
release_version:
7+
description: SemVer version to place in dry-run attestations.
8+
required: true
9+
default: 0.0.0-dryrun
10+
type: string
11+
release_ref:
12+
description: Git ref to check out for the dry run.
13+
required: true
14+
default: refs/heads/main
15+
type: string
16+
17+
jobs:
18+
build-go-module:
19+
name: "IntentProof Release: Build Go Module Archive"
20+
permissions:
21+
contents: read
22+
runs-on: ubuntu-latest
23+
outputs:
24+
artifact_paths: ${{ steps.archive.outputs.artifact_paths }}
25+
steps:
26+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5
27+
with:
28+
ref: ${{ inputs.release_ref }}
29+
30+
- uses: actions/setup-go@40b3466c64957d331b6193b26c7cd62c6e411fd6
31+
with:
32+
go-version: '1.25'
33+
34+
- name: Verify module metadata
35+
run: go mod verify
36+
37+
- name: Run tests
38+
run: |
39+
if [ -z "$(find . -name '*.go' -not -path './.git/*')" ]; then
40+
echo "No Go source files found (project scaffold only)"
41+
exit 0
42+
fi
43+
go test ./...
44+
45+
- name: Package module source archive
46+
run: |
47+
mkdir -p dist
48+
tar czf "dist/intentproof-sdk-go-${{ inputs.release_version }}.tar.gz" \
49+
go.mod LICENSE NOTICE README.md CONTRIBUTING.md SECURITY.md
50+
51+
- name: Export archive paths
52+
id: archive
53+
run: |
54+
{
55+
echo 'artifact_paths<<EOF'
56+
find dist -maxdepth 1 -type f | sort
57+
echo 'EOF'
58+
} >> "$GITHUB_OUTPUT"
59+
60+
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
61+
with:
62+
name: go-release-dry-run
63+
path: dist/*
64+
65+
sign-go-module:
66+
name: "IntentProof Release: Sign Go Module Archive"
67+
needs: build-go-module
68+
permissions:
69+
attestations: write
70+
contents: write
71+
id-token: write
72+
packages: write
73+
uses: IntentProof/intentproof-tools/.github/workflows/release-build-sign.yml@317387a9724787e4ac484f39de46d7e559b6c98d
74+
with:
75+
artifact_kind: generic
76+
subject_name: intentproof-sdk-go
77+
release_version: ${{ inputs.release_version }}
78+
release_ref: ${{ inputs.release_ref }}
79+
artifact_paths: ${{ needs.build-go-module.outputs.artifact_paths }}
80+
artifact_download_name: go-release-dry-run
81+
artifact_download_path: dist
82+
attest_to_rekor: false

.gitignore

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
# Binaries
2+
*.exe
3+
*.exe~
4+
*.dll
5+
*.so
6+
*.dylib
7+
8+
# Test / coverage
9+
*.test
10+
*.out
11+
coverage.out
12+
coverage.html
13+
14+
# Build output
15+
/bin/
16+
/dist/
17+
18+
# Editor / OS
19+
.DS_Store

CONTRIBUTING.md

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
# Contributing to intentproof-sdk-go
2+
3+
Thanks for your interest in IntentProof.
4+
5+
## Issues welcome
6+
7+
Please report bugs, API gaps, and conformance findings via
8+
[GitHub Issues](https://github.com/IntentProof/intentproof-sdk-go/issues).
9+
That is the primary way to help right now.
10+
11+
We do **not** accept unsolicited pull requests from outside the
12+
maintainer team. If you are a customer or partner with a change that
13+
must land upstream, contact IntentProof, Inc. before opening a PR.
14+
15+
Maintainer commits use the Developer Certificate of Origin (DCO) below.
16+
17+
## Developer Certificate of Origin (DCO)
18+
19+
Merged commits in this repository use the
20+
[Developer Certificate of Origin 1.1](https://developercertificate.org/).
21+
22+
Every commit must carry a `Signed-off-by:` trailer matching the
23+
author email. The easiest way to do this is to pass `-s` to `git
24+
commit`:
25+
26+
```bash
27+
git commit -s -m "..."
28+
```
29+
30+
You can also retroactively sign off the last commit with:
31+
32+
```bash
33+
git commit --amend --no-edit -s
34+
```
35+
36+
Then force-push the amended branch:
37+
38+
```bash
39+
git push --force-with-lease
40+
```
41+
42+
Commits that do not include a valid `Signed-off-by` trailer will
43+
be rejected by CI.
44+
45+
## License
46+
47+
By contributing as a maintainer, you agree your commits are licensed
48+
under the Apache License 2.0 (see `LICENSE`).

0 commit comments

Comments
 (0)