-
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path.env.base
More file actions
409 lines (337 loc) · 17.4 KB
/
.env.base
File metadata and controls
409 lines (337 loc) · 17.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
# ================================================================================================
# 🏰 GoFortress Base Configuration (.env.base)
# ================================================================================================
#
# Purpose: Base configuration defaults for GoFortress CI/CD workflows and tools.
# This file contains the standard configuration that works for most Go projects.
#
# Override Strategy:
# - This file (.env.base) contains DEFAULT values for all configuration
# - Project-specific overrides go in .env.custom (optional)
# - .env.custom values take precedence over .env.base values
#
# Tools:
# - GoFortress
# - go-coverage
# - go-pre-commit
# - GitHub Workflows
#
# Maintainer: @mrz1836
#
# ================================================================================================
# ================================================================================================
# 🎯 GO VERSION CONFIGURATION
# ================================================================================================
# Primary Go version for builds and primary test runner
# This version is used for coverage, benchmarks, and release builds
GO_PRIMARY_VERSION=1.24.x
# Secondary Go version for compatibility testing
# Set to same as primary to test with single version only
GO_SECONDARY_VERSION=1.24.x
# ================================================================================================
# 🖥️ RUNNER CONFIGURATION
# ================================================================================================
# Primary runner OS for most CI jobs
# Options: ubuntu-24.04, ubuntu-22.04, macos-15
# Note: macOS runners are 10x more expensive than Linux
PRIMARY_RUNNER=ubuntu-24.04
# Secondary runner for cross-platform compatibility testing
# Set identical to PRIMARY_RUNNER for single-OS testing
SECONDARY_RUNNER=ubuntu-24.04
# ================================================================================================
# 🔑 GITHUB TOKEN CONFIGURATION
# ================================================================================================
# Preferred GitHub token for API operations
# GH_PAT_TOKEN: Personal Access Token (5000 requests/hour) - requires secret
# GITHUB_TOKEN: Default workflow token (1000 requests/hour) - always available
PREFERRED_GITHUB_TOKEN=GH_PAT_TOKEN
# ================================================================================================
# ✨ FEATURE FLAGS
# ================================================================================================
# Core Features
ENABLE_BENCHMARKS=true # Run benchmark tests
ENABLE_CODE_COVERAGE=true # Generate coverage reports via go-coverage
ENABLE_FUZZ_TESTING=true # Run fuzz tests (Go 1.18+)
ENABLE_RACE_DETECTION=true # Enable Go race detector
ENABLE_STATIC_ANALYSIS=true # Run go vet analysis
ENABLE_VERBOSE_TEST_OUTPUT=false # Verbose test output (can slow CI)
# Code Quality Tools
ENABLE_GO_LINT=true # Run MAGE-X linter (golangci-lint)
ENABLE_GO_PRE_COMMIT=true # Run go-pre-commit checks
ENABLE_YAML_LINT=true # Validate YAML with prettier
# Security Scanning
ENABLE_SECURITY_SCAN_GITLEAKS=true # Scan for leaked secrets
ENABLE_SECURITY_SCAN_GOVULNCHECK=true # Go vulnerability scanning
ENABLE_SECURITY_SCAN_NANCY=true # Dependency vulnerability checks
# Documentation & Publishing
ENABLE_GODOCS_PUBLISHING=true # Publish to pkg.go.dev on tag/releases
# ================================================================================================
# ⚙️ TEST CONFIGURATION
# ================================================================================================
# Test Output Configuration
TEST_OUTPUT_MODE=SMART # Options: FULL, FAILURES_ONLY, SMART
TEST_OUTPUT_SMART_THRESHOLD=500 # Switch to failure-only mode above this test count
TEST_FAILURE_DETAIL_COUNT=50 # How many failures to show with full details
TEST_FAILURE_ANNOTATION_COUNT=10 # GitHub annotations (hard limit is 50)
TEST_OUTPUT_COMPRESS_ARTIFACTS=true # Gzip large outputs
TEST_OUTPUT_ARTIFACT_RETENTION_DAYS=7 # Keep test artifacts for debugging
# Test Execution Timeouts
TEST_TIMEOUT=30m # Go test timeout for standard tests
TEST_TIMEOUT_RACE_COVER=30m # Timeout for tests with race+coverage (most intensive)
TEST_TIMEOUT_UNIT=20m # Timeout for unit tests only
TEST_TIMEOUT_FUZZ=5m # Timeout for fuzz tests
# ================================================================================================
# 🏃 BENCHMARK CONFIGURATION
# ================================================================================================
# Benchmark execution timeout in minutes
BENCHMARK_TIMEOUT=20 # Minutes
# Benchmark mode
BENCHMARK_MODE=quick # Options: quick, full, normal
# ================================================================================================
# 📦 ARTIFACT DOWNLOAD CONFIGURATION
# ================================================================================================
# Artifact Download Resilience Settings
ARTIFACT_DOWNLOAD_RETRIES=3 # Number of retry attempts for failed downloads
ARTIFACT_DOWNLOAD_RETRY_DELAY=10 # Initial retry delay in seconds (uses exponential backoff)
ARTIFACT_DOWNLOAD_TIMEOUT=300 # Download timeout in seconds (5 minutes)
ARTIFACT_DOWNLOAD_CONTINUE_ON_ERROR=false # Continue workflow execution even if artifact download fails
# ================================================================================================
# 📊 COVERAGE SYSTEM CONFIGURATION (go-coverage)
# ================================================================================================
# Coverage Provider Selection
# Options: internal (go-coverage with GitHub Pages), codecov (external service)
# If you use codecov, set CODECOV_TOKEN in your repository secrets
GO_COVERAGE_PROVIDER=internal
# Codecov Configuration (only used when provider=codecov)
CODECOV_TOKEN_REQUIRED=false
# Go Coverage Tool Version
GO_COVERAGE_VERSION=v1.1.11 # https://github.com/mrz1836/go-coverage
GO_COVERAGE_USE_LOCAL=false # Use local version for development
# Core Coverage Settings
GO_COVERAGE_INPUT_FILE=coverage.txt
GO_COVERAGE_OUTPUT_DIR=.
GO_COVERAGE_THRESHOLD=65.0
GO_COVERAGE_ALLOW_LABEL_OVERRIDE=true
# Coverage Exclusions
GO_COVERAGE_EXCLUDE_PATHS=test/,vendor/,testdata/
GO_COVERAGE_EXCLUDE_FILES=*_test.go,*.pb.go
GO_COVERAGE_EXCLUDE_TESTS=true
GO_COVERAGE_EXCLUDE_GENERATED=true
# GitHub Integration
GO_COVERAGE_POST_COMMENTS=true
GO_COVERAGE_CREATE_STATUSES=true
GO_COVERAGE_SKIP_URL_CHECKS=false
GO_COVERAGE_FAIL_ON_URL_ERRORS=true
GO_COVERAGE_URL_CHECK_TIMEOUT=300
# Badge Configuration
GO_COVERAGE_BADGE_STYLE=flat
GO_COVERAGE_BADGE_LABEL=coverage
GO_COVERAGE_BADGE_LOGO=2fas
GO_COVERAGE_BADGE_LOGO_COLOR=white
GO_COVERAGE_BADGE_OUTPUT=coverage.svg
GO_COVERAGE_BADGE_TREND=false
# Report Configuration
GO_COVERAGE_REPORT_OUTPUT=coverage.html
GO_COVERAGE_REPORT_TITLE="Coverage Report"
GO_COVERAGE_REPORT_THEME=github-dark
GO_COVERAGE_REPORT_PACKAGES=true
GO_COVERAGE_REPORT_FILES=true
GO_COVERAGE_REPORT_MISSING=true
# History Tracking
GO_COVERAGE_HISTORY_ENABLED=true
GO_COVERAGE_HISTORY_PATH=history
GO_COVERAGE_HISTORY_RETENTION=90
GO_COVERAGE_HISTORY_MAX_ENTRIES=1000
GO_COVERAGE_HISTORY_CLEANUP=true
GO_COVERAGE_HISTORY_METRICS=true
# Storage Configuration
GO_COVERAGE_BASE_DIR=.
GO_COVERAGE_AUTO_CREATE_DIRS=true
GO_COVERAGE_FILE_MODE=644
GO_COVERAGE_DIR_MODE=755
# Logging Configuration
GO_COVERAGE_LOG_LEVEL=INFO
GO_COVERAGE_LOG_FORMAT=text
GO_COVERAGE_LOG_ENABLED=true
# ================================================================================================
# 🗄️ REDIS SERVICE CONFIGURATION
# ================================================================================================
# Redis Service Control
ENABLE_REDIS_SERVICE=false # Enable Redis service container for tests/benchmarks
REDIS_SERVICE_MODE=never # Options: auto, always, never (auto = enabled if redis tests detected)
# Redis Version Configuration
REDIS_VERSION=7-alpine # Redis Docker image version (7-alpine, 6-alpine, latest)
# Redis Connection Configuration
REDIS_HOST=localhost # Redis host (localhost for GitHub Actions service containers)
REDIS_PORT=6379 # Redis port (standard: 6379)
# Redis Health Check Configuration
REDIS_HEALTH_CHECK_RETRIES=10 # Number of health check retries
REDIS_HEALTH_CHECK_INTERVAL=10 # Health check interval in seconds
REDIS_HEALTH_CHECK_TIMEOUT=5 # Health check timeout in seconds
# ================================================================================================
# 🔧 TOOL VERSIONS
# ================================================================================================
# Security Tools
GITLEAKS_VERSION=8.28.0 # https://github.com/gitleaks/gitleaks/releases
GOVULNCHECK_VERSION=v1.1.4 # https://pkg.go.dev/golang.org/x/vuln
NANCY_VERSION=v1.0.51 # https://github.com/sonatype-nexus-community/nancy/releases
# Code Quality Tools
NODE_VERSION=20 # Node.js for prettier and other tools
PRETTIER_VERSION=3.6.2 # https://www.npmjs.com/package/prettier
# ================================================================================================
# 🪄 MAGE-X CONFIGURATION
# ================================================================================================
MAGE_X_VERSION=v1.4.0 # https://github.com/mrz1836/mage-x/releases
# Format exclusion paths (comma-separated directories to exclude from formatting)
MAGE_X_FORMAT_EXCLUDE_PATHS=vendor,node_modules,.git,.idea,.vscode
MAGE_X_AUTO_DISCOVER_BUILD_TAGS=true # Enable auto-discovery of build tags
MAGE_X_AUTO_DISCOVER_BUILD_TAGS_EXCLUDE=race,custom # Comma-separated list of tags to exclude
MAGE_X_GOLANGCI_LINT_VERSION=v2.4.0 # https://github.com/golangci/golangci-lint/releases
MAGE_X_GOFUMPT_VERSION=v0.8.0 # https://github.com/mvdan/gofumpt/releases
MAGE_X_GOVULNCHECK_VERSION=v1.1.4 # https://pkg.go.dev/golang.org/x/vuln
MAGE_X_MOCKGEN_VERSION=v0.6.0 # https://github.com/uber-go/mock/releases
MAGE_X_SWAG_VERSION=v1.16.6 # https://github.com/swaggo/swag/releases
MAGE_X_STATICCHECK_VERSION=2025.1.1 # https://github.com/dominikh/go-tools/releases
MAGE_X_NANCY_VERSION=v1.0.51 # https://github.com/sonatype-nexus-community/nancy/releases
MAGE_X_GITLEAKS_VERSION=8.28.0 # https://github.com/gitleaks/gitleaks/releases
MAGE_X_GORELEASER_VERSION=v2.12.0 # https://github.com/goreleaser/goreleaser/releases
MAGE_X_PRETTIER_VERSION=3.6.2 # https://www.npmjs.com/package/prettier
MAGE_X_GO_VERSION=1.24.x # Primary Go version for MAGE-X (also our primary)
MAGE_X_GO_SECONDARY_VERSION=1.24.x # Secondary Go version for MAGE-X (also our secondary)
# Runtime variables (set by setup-goreleaser action):
# MAGE_X_GORELEASER_PATH - Path to installed goreleaser binary
# MAGE_X_GORELEASER_INSTALLED - Set to 'true' when goreleaser is available
# MAGE_X_GORELEASER_CACHED_VERSION - Version of installed goreleaser
# Optional Overrides (uncomment to override defaults)
# MAGE_X_BINARY_NAME=magex
# MAGE_X_BUILD_TAGS=mage
# MAGE_X_DOWNLOAD_BACKOFF=2.0
# MAGE_X_DOWNLOAD_INITIAL_DELAY=300
# MAGE_X_DOWNLOAD_MAX_DELAY=1000
# MAGE_X_DOWNLOAD_RESUME=false
# MAGE_X_DOWNLOAD_RETRIES=3
# MAGE_X_DOWNLOAD_TIMEOUT=5000
# MAGE_X_DOWNLOAD_USER_AGENT=MAGE-X-Agent
# MAGE_X_PARALLEL=3
# MAGE_X_TEST_RACE=false
# MAGE_X_VERBOSE=true
# ================================================================================================
# 🔒 SECURITY CONFIGURATION
# ================================================================================================
# Gitleaks Configuration
GITLEAKS_NOTIFY_USER_LIST=@mrz1836
# Empty = use default config
GITLEAKS_CONFIG_FILE=
# Nancy CVE Exclusions (known acceptable vulnerabilities)
NANCY_EXCLUDES=CVE-2024-38513,CVE-2023-45142
# ================================================================================================
# 🪝 PRE-COMMIT SYSTEM CONFIGURATION (go-pre-commit)
# ================================================================================================
# Pre-Commit System
GO_PRE_COMMIT_VERSION=v1.1.16 # https://github.com/mrz1836/go-pre-commit
GO_PRE_COMMIT_USE_LOCAL=false # Use local version for development
# System Settings
GO_PRE_COMMIT_FAIL_FAST=false
GO_PRE_COMMIT_TIMEOUT_SECONDS=120
GO_PRE_COMMIT_PARALLEL_WORKERS=2
GO_PRE_COMMIT_LOG_LEVEL=debug
GO_PRE_COMMIT_MAX_FILE_SIZE_MB=10
GO_PRE_COMMIT_MAX_FILES_OPEN=100
# File Detection Strategy for CI
# true = Check all repository files (comprehensive but slower)
# false = Check only changed files in PR/push (faster, smart detection)
GO_PRE_COMMIT_ALL_FILES=true
# Tool Versions
GO_PRE_COMMIT_GOLANGCI_LINT_VERSION=v2.4.0 # https://github.com/golangci/golangci-lint
GO_PRE_COMMIT_FUMPT_VERSION=v0.8.0 # https://github.com/mvdan/gofumpt
GO_PRE_COMMIT_GOIMPORTS_VERSION=latest # https://github.com/golang/tools
# Build Configuration
GO_PRE_COMMIT_BUILD_TAGS= # Build tags for golangci-lint and other tools
# Individual Checks
GO_PRE_COMMIT_ENABLE_FMT=true
GO_PRE_COMMIT_ENABLE_FUMPT=true
GO_PRE_COMMIT_ENABLE_GOIMPORTS=true
GO_PRE_COMMIT_ENABLE_LINT=true
GO_PRE_COMMIT_ENABLE_MOD_TIDY=true
GO_PRE_COMMIT_ENABLE_WHITESPACE=true
GO_PRE_COMMIT_ENABLE_EOF=true
GO_PRE_COMMIT_ENABLE_AI_DETECTION=true
# Auto-staging Settings
GO_PRE_COMMIT_FMT_AUTO_STAGE=true
GO_PRE_COMMIT_FUMPT_AUTO_STAGE=true
GO_PRE_COMMIT_GOIMPORTS_AUTO_STAGE=true
GO_PRE_COMMIT_WHITESPACE_AUTO_STAGE=true
GO_PRE_COMMIT_EOF_AUTO_STAGE=true
GO_PRE_COMMIT_AI_DETECTION_AUTO_FIX=false
# Check Timeouts (seconds)
GO_PRE_COMMIT_FMT_TIMEOUT=30
GO_PRE_COMMIT_FUMPT_TIMEOUT=30
GO_PRE_COMMIT_GOIMPORTS_TIMEOUT=30
GO_PRE_COMMIT_LINT_TIMEOUT=60
GO_PRE_COMMIT_MOD_TIDY_TIMEOUT=60
GO_PRE_COMMIT_WHITESPACE_TIMEOUT=30
GO_PRE_COMMIT_EOF_TIMEOUT=30
GO_PRE_COMMIT_AI_DETECTION_TIMEOUT=30
# Path Configuration
GO_PRE_COMMIT_HOOKS_PATH=.git/hooks
GO_PRE_COMMIT_EXCLUDE_PATTERNS=vendor/,node_modules/,.git/
GO_PRE_COMMIT_COLOR_OUTPUT=false
# Plugin System Configuration
GO_PRE_COMMIT_ENABLE_PLUGINS=true
GO_PRE_COMMIT_PLUGIN_DIR=.pre-commit-plugins
GO_PRE_COMMIT_PLUGIN_TIMEOUT=60
# ================================================================================================
# 📅 STALE WORKFLOW CONFIGURATION
# ================================================================================================
STALE_DAYS_BEFORE_STALE=60
STALE_DAYS_BEFORE_CLOSE=14
STALE_LABEL=stale
STALE_EXEMPT_ISSUE_LABELS=work-in-progress,security,requires-manual-review
STALE_EXEMPT_PR_LABELS=work-in-progress,security,requires-manual-review
STALE_OPERATIONS_PER_RUN=300
# ================================================================================================
# 🏷️ SYNC LABELS CONFIGURATION
# ================================================================================================
SYNC_LABELS_FILE=.github/labels.yml
# ================================================================================================
# 🤖 DEPENDABOT AUTO-MERGE CONFIGURATION
# ================================================================================================
DEPENDABOT_MAINTAINER_USERNAME=mrz1836
DEPENDABOT_AUTO_MERGE_PATCH=true
DEPENDABOT_AUTO_MERGE_MINOR_DEV=true
DEPENDABOT_AUTO_MERGE_MINOR_PROD=true
DEPENDABOT_AUTO_MERGE_SECURITY_NON_MAJOR=true
DEPENDABOT_ALERT_ON_MAJOR=true
DEPENDABOT_ALERT_ON_MINOR_PROD=true
DEPENDABOT_MANUAL_REVIEW_LABEL=requires-manual-review
DEPENDABOT_AUTO_MERGE_LABELS=automerge,dependabot
# ================================================================================================
# ✅ AUTO-MERGE ON APPROVAL CONFIGURATION
# ================================================================================================
AUTO_MERGE_MIN_APPROVALS=1
AUTO_MERGE_REQUIRE_ALL_REQUESTED_REVIEWS=true
AUTO_MERGE_ALLOWED_MERGE_TYPES=squash
AUTO_MERGE_DELETE_BRANCH=true
AUTO_MERGE_SKIP_DRAFT=true
AUTO_MERGE_SKIP_WIP=true
AUTO_MERGE_WIP_LABELS=work-in-progress,wip,do-not-merge
AUTO_MERGE_COMMENT_ON_ENABLE=true
AUTO_MERGE_COMMENT_ON_DISABLE=true
AUTO_MERGE_LABELS_TO_ADD=auto-merge-enabled
AUTO_MERGE_SKIP_BOT_PRS=true
# ================================================================================================
# 📝 PULL REQUEST MANAGEMENT CONFIGURATION
# ================================================================================================
PR_MANAGEMENT_DEFAULT_ASSIGNEE=mrz1836
PR_MANAGEMENT_SKIP_BOT_USERS=dependabot[bot],mergify[bot],copilot[bot]
PR_MANAGEMENT_WELCOME_FIRST_TIME=true
PR_MANAGEMENT_APPLY_SIZE_LABELS=true
PR_MANAGEMENT_APPLY_TYPE_LABELS=true
PR_MANAGEMENT_CLEAN_CACHE_ON_CLOSE=true
PR_MANAGEMENT_DELETE_BRANCH_ON_MERGE=true
PR_MANAGEMENT_PROTECTED_BRANCHES=master,main,development
# PR Size Thresholds
PR_MANAGEMENT_SIZE_XS_THRESHOLD=10
PR_MANAGEMENT_SIZE_S_THRESHOLD=50
PR_MANAGEMENT_SIZE_M_THRESHOLD=200
PR_MANAGEMENT_SIZE_L_THRESHOLD=500