Standardized GitHub Actions workflows and configuration templates for AGILira projects. Designed for Go projects with professional-grade quality gates, security scanning, and automated dependency management.

This repository provides:

• GitHub Actions Workflows - Complete CI/CD pipelines
• Configuration Templates - Standardized configuration files
• Documentation - Usage guides and examples

Comprehensive continuous integration and deployment workflow:

# Copy .github/ci.yml to your project
# Provides full test suite with quality gates

Features:

• Test execution with race condition detection
• Comprehensive security scanning (gosec + govulncheck)
• Dependency verification with go mod verify
• Code coverage reporting with Codecov integration
• Static analysis with staticcheck
• Cross-platform build matrix (Linux, Windows, macOS)
• Latest stable Go version support

Fast validation workflow for pull requests:

# Quick validation including:
# - Code formatting verification
# - Go vet analysis
# - Basic test execution
# - Security scanning

Optimized for:

• Rapid developer feedback
• Essential quality checks
• Basic security validation

Intelligent automated dependency management:

# Automated merging for:
# - Patch and minor updates after CI validation
# - Manual review requirement for major updates

Capabilities:

• Automated merge for safe dependency updates
• Manual review required for major version changes
• Mandatory CI validation before merge
• Automated informational comments

Standardized dependency management configuration:

# Copy to .github/dependabot.yml
# Optimized for Go projects with AGILira standards

Configuration includes:

• Daily updates scheduled at 09:00 Europe/Rome timezone
• Intelligent dependency grouping
• Automatic assignment to AGILira team
• Pull request limits to prevent noise

Custom security scanning template:

// Optimized configuration for AGILira projects
// Excludes common false positives
// Includes custom security pattern rules

Comprehensive gitignore for Go projects:

# Complete template for AGILira Go projects
# Includes IDE, OS, and development tool exclusions

Copy workflows to your project:

# Create required directory structure
mkdir -p .github/workflows

# Copy primary workflows
cp workflow/.github/ci.yml .github/workflows/
cp workflow/.github/pr.yml .github/workflows/
cp workflow/.github/dependabot-auto-merge.yml .github/workflows/

# Copy configuration templates
cp workflow/templates/dependabot.yml .github/
cp workflow/templates/.gosec.json .
cp workflow/templates/.gitignore .

Adapt templates to your requirements:

# In ci.yml, customize if needed:
env:
  CGO_ENABLED: 1  # Modify if your project doesn't use CGO
  
# In dependabot.yml:
schedule:
  time: "09:00"  # Adjust for your timezone if necessary

For enhanced coverage reporting, add to your repository:

# .codecov.yml
coverage:
  range: "50...80"
  status:
    project:
      default:
        target: 70%

This repository includes comprehensive build and test automation:

Available development commands:

# Unix/Linux/macOS (Makefile)
make help          # Show all available commands
make check         # Run complete validation suite
make security      # Run security checks (gosec + govulncheck)
make tools         # Install all development tools
make deps          # Download and verify dependencies

# Windows (PowerShell)
.\Makefile.ps1 help          # Show all available commands
.\Makefile.ps1 check         # Run complete validation suite
.\Makefile.ps1 security      # Run security checks (gosec + govulncheck)
.\Makefile.ps1 tools         # Install all development tools
.\Makefile.ps1 deps          # Download and verify dependencies

Enhanced security validation:

# Individual security tools
make gosec         # Code vulnerability scanning
make govulncheck   # Known vulnerability database check
make security      # Complete security suite

# PowerShell equivalent
.\Makefile.ps1 gosec         # Code vulnerability scanning
.\Makefile.ps1 govulncheck   # Known vulnerability database check
.\Makefile.ps1 security      # Complete security suite

• Go: Stable version (managed automatically by workflows)
• Repository: Standard Go project structure
• Secrets: GITHUB_TOKEN (provided automatically by GitHub)
• Codecov: Optional token for advanced coverage reporting

For a typical Go project setup:

# 1. Apply base templates
cp workflow/templates/.gitignore .
cp workflow/templates/.gosec.json .

# 2. Setup essential workflows
cp workflow/.github/ci.yml .github/workflows/
cp workflow/.github/pr.yml .github/workflows/

# 3. Enable dependabot
cp workflow/templates/dependabot.yml .github/

For projects requiring full automation:

# Complete setup with auto-merge capabilities
cp workflow/.github/*.yml .github/workflows/
cp workflow/templates/* .github/

The workflows implement multiple security layers:

• Gosec: Code vulnerability scanning for security anti-patterns
• Govulncheck: Known vulnerability database scanning
• Go mod verify: Dependency integrity verification
• Dependabot: Secure automated dependency updates
• Go vet: Built-in static analysis
• Staticcheck: Advanced code analysis
• Race detection: Concurrent execution validation

To improve the templates:

1. Fork the repository
2. Create a feature branch
3. Test with real projects
4. Submit pull request with detailed description

This project is licensed under the MIT License.

workflow • An AGILira tool