gomsvc/Taskfile.yml at main · sandrolain/gomsvc · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
version: "3"

vars:
  GO_FILES:
    sh: find . -type f -name '*.go' -not -path "./vendor/*"
  GO_PKGS:
    sh: go list ./pkg/... | grep -v "example" | grep -v "pkg/grpclib/test"

tasks:
  default:
    cmds:
      - task: test

  test:
    desc: Run tests with coverage
    cmds:
      - go test -v -race -coverprofile=coverage.out -covermode=atomic $(go list ./pkg/... | grep -v "example" | grep -v "pkg/grpclib/test")
      - go tool cover -html=coverage.out -o coverage.html

  gen-grpc:
    desc: Generate gRPC code
    cmds:
      - buf mod update
      - buf generate

  fmt:
    desc: Format Go code with simplification
    cmds:
      - gofmt -s -l -w .

  lint:
    desc: Run linters
    cmds:
      - golangci-lint run

  vet:
    desc: Run go vet for static analysis
    cmds:
      - go vet ./pkg/...

  build:
    desc: Build the project
    cmds:
      - go build -v ./pkg/...

  clean:
    desc: Clean build artifacts
    cmds:
      - go clean
      - rm -rf bin/
      - rm -rf dist/
      - rm -f coverage.out
      - rm -f coverage.html
      - rm -f security-report.json

  gosec:
    desc: Run security checks with gosec
    vars:
      GOSEC_INSTALLED:
        sh: command -v gosec || echo "not_found"
    cmds:
      - |
        if [ "{{.GOSEC_INSTALLED}}" = "not_found" ]; then
          echo "gosec is not installed. Installing..."
          go install github.com/securego/gosec/v2/cmd/gosec@latest
        fi
      - echo "Running gosec security scanner..."
      - gosec -fmt=json -out=security-report.json ./pkg/...

  trivy:
    desc: Run Trivy vulnerability scanner
    vars:
      TRIVY_INSTALLED:
        sh: command -v trivy || echo "not_found"
    cmds:
      - |
        if [ "{{.TRIVY_INSTALLED}}" = "not_found" ]; then
          echo "Trivy is not installed. Installing..."
          brew install aquasecurity/trivy/trivy
        fi
      - echo "Running Trivy vulnerability scanner..."
      - trivy fs --scanners vuln,secret,misconfig .
      - trivy fs --format json --output trivy-results.json .

  check:
    desc: Run all checks (fmt, lint, vet, test, security, trivy)
    cmds:
      - task: fmt
      - task: lint
      - task: vet
      - task: test
      - task: gosec
      - task: trivy

  install-deps:
    desc: Install project dependencies
    cmds:
      - go mod download
      - go mod tidy

  docs:
    desc: Start godoc server for project documentation
    cmds:
      - cmd: |
          echo "Starting godoc server at http://localhost:6060"
          echo "View the documentation by navigating to http://localhost:6060/pkg/github.com/sandrolain/gomsvc/"
          godoc -http=:6060