Reuse workflows and scripts

Refer CI workflows and scripts from .goassets repository
instead of copying files.

Author: at-wat

.github/workflows/codeql-analysis.reusable.yml

@@ -0,0 +1,31 @@
+name: CodeQL
+
+on:
+  workflow_call:
+
+jobs:
+  analyze:
+    name: CodeQL
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - uses: actions/checkout@v3
+
+        # The code in examples/ might intentionally do things like log credentials
+        # in order to show how the library is used, aid in debugging etc. We
+        # should ignore those for CodeQL scanning, and only focus on the package
+        # itself.
+      - name: Remove example code
+        run: rm -rf examples/
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: 'go'
+
+      - name: CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/generate-authors.reusable.yml

@@ -0,0 +1,80 @@
+name: Generate Authors
+
+on:
+  workflow_call:
+    secrets:
+      token:
+        required: true
+      goassets-ref:
+        default: master
+        required: true
+        type: string
+
+jobs:
+  check-secret:
+    name: Check secret
+    permissions:
+      contents: none
+    runs-on: ubuntu-latest
+    if: startsWith(github.event.pull_request.head.ref, 'renovate/') == false
+    outputs:
+      is_token_set: ${{ steps.checksecret_job.outputs.is_token_set }}
+    steps:
+      - id: checksecret_job
+        env:
+          TOKEN: ${{ secrets.token }}
+        run: |
+          echo "is_token_set: ${{ env.TOKEN != '' }}"
+          echo "::set-output name=is_token_set::${{ env.TOKEN != '' }}"
+
+  generate-authors:
+    name: Generate Authors
+    permissions:
+      contents: write
+    needs: [check-secret]
+    if: needs.check-secret.outputs.is_token_set == 'true'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ github.head_ref }}
+        fetch-depth: 0
+        token: ${{ secrets.token }}
+      - name: Checkout .goassets
+        uses: actions/checkout@v3
+        with:
+          repository: pion/.goassets
+          path: ${{ github.workspace }}/.github/.goassets
+          ref: ${{ inputs.goassets-ref }}
+
+      - name: Generate the authors file
+        run: .github/.goassets/scripts/generate-authors.sh
+
+      - name: Add the authors file to git
+        run: git add AUTHORS.txt
+
+      - name: Get last commit message
+        id: last-commit-message
+        run: |
+          COMMIT_MSG=$(git log -1 --pretty=%B)
+          COMMIT_MSG="${COMMIT_MSG//'%'/'%25'}"
+          COMMIT_MSG="${COMMIT_MSG//$'\n'/'%0A'}"
+          COMMIT_MSG="${COMMIT_MSG//$'\r'/'%0D'}"
+          echo "::set-output name=msg::$COMMIT_MSG"
+
+      - name: Get last commit author
+        id: last-commit-author
+        run: echo "::set-output name=msg::$(git log -1 --pretty='%aN <%ae>')"
+
+      - name: Check if AUTHORS.txt file has changed
+        id: git-status-output
+        run: echo "::set-output name=msg::$(git status -s | wc -l)"
+
+      - name: Commit and push
+        if: ${{ steps.git-status-output.outputs.msg != '0' }}
+        run: |
+          git config user.email $(echo "${{ steps.last-commit-author.outputs.msg }}" | sed 's/\(.\+\) <\(\S\+\)>/\2/')
+          git config user.name $(echo "${{ steps.last-commit-author.outputs.msg }}" | sed 's/\(.\+\) <\(\S\+\)>/\1/')
+          git add AUTHORS.txt
+          git commit --amend --no-edit
+          git push --force https://github.com/${GITHUB_REPOSITORY} $(git symbolic-ref -q --short HEAD)

.github/workflows/lint.reusable.yml

@@ -0,0 +1,57 @@
+name: Lint
+on:
+  workflow_call:
+    inputs:
+      goassets-ref:
+        default: master
+        required: true
+        type: string
+
+permissions:
+  contents: read
+
+jobs:
+  lint-commit-message:
+    name: Metadata
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Checkout .goassets
+        uses: actions/checkout@v3
+        with:
+          repository: pion/.goassets
+          path: ${{ github.workspace }}/.github/.goassets
+          ref: ${{ inputs.goassets-ref }}
+
+      - name: Commit Message
+        run: .github/.goassets/scripts/lint-commit-message.sh
+
+      - name: File names
+        run: .github/.goassets/scripts/lint-filename.sh
+
+      - name: Functions
+        run: .github/.goassets/scripts/lint-disallowed-functions-in-library.sh
+
+      - name: Logging messages should not have trailing newlines
+        run: .github/.goassets/scripts/lint-no-trailing-newline-in-log-messages.sh
+
+  lint-go:
+    name: Go
+    permissions:
+      contents: read
+      pull-requests: read
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: v1.45.2
+          args: $GOLANGCI_LINT_EXRA_ARGS

.github/workflows/lint.yml

@@ -1,19 +1,18 @@
 name: Lint
 on:
   pull_request:
-    types:
-      - opened
-      - edited
-      - synchronize
+
 jobs:
   commit-lint:
     runs-on: ubuntu-latest
     steps:
-      - name: checkout
+      - name: Checkout
         uses: actions/checkout@v3
         with:
           fetch-depth: 0
-      - name: copy scripts
-        run: cp ci/.github/*.sh .github/
-      - name: lint commit message
-        run: .github/lint-commit-message.sh
+      - name: Copy scripts
+        run: |
+          mkdir -p .github/.goassets/
+          cp -r scripts/lint-commit-message.sh .github/.goassets/
+      - name: Lint commit message
+        run: .github/.goassets/lint-commit-message.sh

.github/workflows/release.reusable.yml

@@ -0,0 +1,28 @@
+name: Release
+on:
+  workflow_call:
+    inputs:
+      go-version:
+        required: true
+        type: string
+
+jobs:
+  release:
+    name: Release
+    permissions:
+        contents: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-go@v3
+        with:
+          go-version: ${{ inputs.go-version }}
+      - name: Build and release
+        uses: goreleaser/goreleaser-action@v4
+        with:
+          version: latest
+          args: release --rm-dist
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/renovate-go-sum-fix.reusable.yml

@@ -0,0 +1,26 @@
+name: Fix go.sum
+on:
+  workflow_call:
+    secrets:
+      token:
+        required: true
+
+permissions:
+  contents: write
+
+jobs:
+  fix:
+    name: Fix go.sum
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 2
+      - name: Fix
+        uses: at-wat/go-sum-fix-action@v0
+        with:
+          git_user: Pion Bot
+          git_email: 59523206+pionbot@users.noreply.github.com
+          github_token: ${{ secrets.token }}
+          commit_style: squash
+          push: force

.github/workflows/test-i386.reusable.yml

@@ -0,0 +1,41 @@
+name: Test i386
+on:
+  workflow_call:
+    inputs:
+      go-version:
+        required: true
+        type: string
+
+permissions:
+  contents: read
+
+jobs:
+  test-i386:
+    runs-on: ubuntu-latest
+    name: Go i386 ${{ inputs.go-version }}
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/cache@v3
+        with:
+          path: |
+            ~/go/pkg/mod
+            ~/.cache
+          key: ${{ runner.os }}-i386-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-i386-go-
+
+      - name: Run test
+        run: |
+          mkdir -p $HOME/go/pkg/mod $HOME/.cache
+          docker run \
+            -u $(id -u):$(id -g) \
+            -e "GO111MODULE=on" \
+            -e "CGO_ENABLED=0" \
+            -v $GITHUB_WORKSPACE:/go/src/github.com/pion/$(basename $GITHUB_WORKSPACE) \
+            -v $HOME/go/pkg/mod:/go/pkg/mod \
+            -v $HOME/.cache:/.cache \
+            -w /go/src/github.com/pion/$(basename $GITHUB_WORKSPACE) \
+            i386/golang:${{inputs.go-version}}-alpine \
+            /usr/local/go/bin/go test \
+              ${TEST_EXTRA_ARGS:-} \
+              -v ./...

.github/workflows/test-wasm.reusable.yml

@@ -0,0 +1,61 @@
+name: Test WASM
+on:
+  workflow_call:
+    inputs:
+      go-version:
+        required: true
+        type: string
+
+permissions:
+  contents: read
+
+jobs:
+  test-wasm:
+    runs-on: ubuntu-latest
+    name: WASM
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Use Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '16.x'
+
+      - uses: actions/cache@v3
+        with:
+          path: |
+            ~/go/pkg/mod
+            ~/.cache
+          key: ${{ runner.os }}-wasm-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-wasm-go-
+
+      - name: Download Go
+        run: curl -sSfL https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz | tar -C ~ -xzf -
+        env:
+          GO_VERSION: ${{ inputs.go-version }}
+
+      - name: Set Go Root
+        run: echo "GOROOT=${HOME}/go" >> $GITHUB_ENV
+
+      - name: Set Go Path
+        run: echo "GOPATH=${HOME}/go" >> $GITHUB_ENV
+
+      - name: Set Go Path
+        run: echo "GO_JS_WASM_EXEC=${GOROOT}/misc/wasm/go_js_wasm_exec" >> $GITHUB_ENV
+
+      - name: Insall NPM modules
+        run: yarn install
+
+      - name: Run Tests
+        run: |
+          if [ -f .github/.ci.conf ]; then . .github/.ci.conf; fi
+          GOOS=js GOARCH=wasm $GOPATH/bin/go test \
+            -coverprofile=cover.out -covermode=atomic \
+            -exec="${GO_JS_WASM_EXEC}" \
+            -v ./...
+
+      - uses: codecov/codecov-action@v3
+        with:
+          name: codecov-umbrella
+          fail_ci_if_error: true
+          flags: wasm