Updated hookz configuration

Author: djschleen

.github/dependabot.yml

@@ -0,0 +1,8 @@
+version: 2
+updates:
+- package-ecosystem: gomod
+  directory: /
+  schedule:
+    interval: daily
+    time: "05:00"
+    timezone: US/Pacific

.hookz.yaml

@@ -1,13 +1,43 @@
-version: 2.4.1
-hooks:
-- type: pre-commit
-  actions:
-  - name: Hello Hookz!
-    url: null
-    args:
-    - -e
-    - Hello Hookz!
-    exec: /bin/echo
-    script: null
-sources:
-- source: github.com/devops-kung-fu/hinge@latest
+  version: 2.4.0
+  sources:
+    - source: github.com/anchore/syft/cmd/syft@latest
+    - source: github.com/devops-kung-fu/hinge@latest
+    - source: github.com/kisielk/errcheck@latest      
+    - source: golang.org/x/lint/golint@latest
+    - source: github.com/fzipp/gocyclo/cmd/gocyclo@latest
+  hooks:
+    - type: pre-commit
+      actions:
+        - name: "git: Pull (Ensure there are no upstream changes that are not local)"
+          exec: git
+          args: ["pull"]  
+        - name: "go: Tidy mod file"
+          exec: go
+          args: ["mod", "tidy"]
+        - name: "go: Update all dependencies to latest"
+          exec: go
+          args: ["get", "-u", "./..."]
+        - name: "golint: Lint all go files"
+          exec: golint
+          args: ["-set_exit_status", "./..."] #to error out, add the arg "-set_exit_status"
+        - name: "errcheck: Ensure that errors are checked"
+          exec: errcheck
+          args: ["-ignoretests", "./..."]
+        - name: "gocyclo: Check cyclomatic complexities"
+          exec: gocyclo
+          args: ["-over", "1", "."]
+        - name: Hinge
+          exec: hinge
+          args: ["."]
+        - name: "go: Build (Ensure pulled modules do not break the build)"
+          exec: go
+          args: ["build", "-v", "./..."]
+        - name: "go: Run all tests"
+          exec: go
+          args: ["test", "-v", "-coverprofile=coverage.out", "./..."]
+        - name: "go: Test coverage"
+          exec: go
+          args: ["tool", "cover", "-func=coverage.out"]
+        - name: "git: Add all changed files during the pre-commit stage"
+          exec: git
+          args: ["add", "."]

coverage.out

@@ -0,0 +1 @@
+mode: set

gitkon

@@ -7,6 +7,7 @@ func main() {
 	Done()
 }
 
+// Done prints done
 func Done() {
 	fmt.Println("done")
 }

main.go

@@ -0,0 +1,22 @@
+{
+  "bomFormat": "CycloneDX",
+  "specVersion": "1.4",
+  "serialNumber": "urn:uuid:e8d31f2b-5171-42d5-98ab-0d86a85cf677",
+  "version": 1,
+  "metadata": {
+    "timestamp": "2022-09-23T15:40:57-06:00",
+    "tools": [
+      {
+        "vendor": "anchore",
+        "name": "syft",
+        "version": "[not provided]"
+      }
+    ],
+    "component": {
+      "bom-ref": "af63bd4c8601b7f1",
+      "type": "file",
+      "name": "."
+    }
+  },
+  "components": []
+}

sbom/bomber.cyclonedx.json

@@ -0,0 +1,16 @@
+{
+ "SPDXID": "SPDXRef-DOCUMENT",
+ "name": ".",
+ "spdxVersion": "SPDX-2.2",
+ "creationInfo": {
+  "created": "2022-09-23T21:40:57.000057Z",
+  "creators": [
+   "Organization: Anchore, Inc",
+   "Tool: syft-[not provided]"
+  ],
+  "licenseListVersion": "3.18"
+ },
+ "dataLicense": "CC0-1.0",
+ "documentNamespace": "https://anchore.com/syft/dir/d5f4d7b8-8731-45e8-ad72-2ca17a99764f",
+ "packages": []
+}

sbom/bomber.spdx.json

@@ -0,0 +1,110 @@
+{
+ "artifacts": [],
+ "artifactRelationships": [],
+ "source": {
+  "type": "directory",
+  "target": "."
+ },
+ "distro": {},
+ "descriptor": {
+  "name": "syft",
+  "version": "[not provided]",
+  "configuration": {
+   "configPath": "",
+   "verbosity": 0,
+   "quiet": false,
+   "output": [
+    "json=sbom/bomber.syft.json",
+    "spdx-json=sbom/bomber.spdx.json",
+    "cyclonedx-json=sbom/bomber.cyclonedx.json"
+   ],
+   "output-template-path": "",
+   "file": "",
+   "check-for-app-update": true,
+   "anchore": {
+    "host": "",
+    "path": "",
+    "dockerfile": "",
+    "overwrite-existing-image": false,
+    "import-timeout": 30
+   },
+   "dev": {
+    "profile-cpu": false,
+    "profile-mem": false
+   },
+   "log": {
+    "structured": false,
+    "level": "warning",
+    "file-location": ""
+   },
+   "catalogers": null,
+   "package": {
+    "cataloger": {
+     "enabled": true,
+     "scope": "Squashed"
+    },
+    "search-unindexed-archives": false,
+    "search-indexed-archives": true
+   },
+   "file-metadata": {
+    "cataloger": {
+     "enabled": false,
+     "scope": "Squashed"
+    },
+    "digests": [
+     "sha256"
+    ]
+   },
+   "file-classification": {
+    "cataloger": {
+     "enabled": false,
+     "scope": "Squashed"
+    }
+   },
+   "file-contents": {
+    "cataloger": {
+     "enabled": false,
+     "scope": "Squashed"
+    },
+    "skip-files-above-size": 1048576,
+    "globs": []
+   },
+   "secrets": {
+    "cataloger": {
+     "enabled": false,
+     "scope": "AllLayers"
+    },
+    "additional-patterns": {},
+    "exclude-pattern-names": [],
+    "reveal-values": false,
+    "skip-files-above-size": 1048576
+   },
+   "registry": {
+    "insecure-skip-tls-verify": false,
+    "insecure-use-http": false,
+    "auth": []
+   },
+   "exclude": [],
+   "attest": {
+    "key": "",
+    "cert": "",
+    "noUpload": false,
+    "force": false,
+    "recursive": false,
+    "replace": false,
+    "fulcioUrl": "https://fulcio.sigstore.dev",
+    "fulcio_identity_token": "",
+    "insecure_skip_verify": false,
+    "rekorUrl": "https://rekor.sigstore.dev",
+    "oidcIssuer": "https://oauth2.sigstore.dev/auth",
+    "oidcClientId": "sigstore",
+    "OIDCRedirectURL": ""
+   },
+   "platform": ""
+  }
+ },
+ "schema": {
+  "version": "3.3.2",
+  "url": "https://raw.githubusercontent.com/anchore/syft/main/schema/json/schema-3.3.2.json"
+ }
+}