Add standard go-openapi monorepo infrastructure

.github/dependabot.yaml

@@ -0,0 +1,65 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "friday"
+    open-pull-requests-limit: 2          # <- default is 5
+    allow:
+      - dependency-type: all
+    groups:                              # <- group all github actions updates in a single PR
+      # 1. development-dependencies are auto-merged
+      development-dependencies:
+        patterns:
+          - '*'
+    assignees:
+      - fredbi
+
+  - package-ecosystem: "gomod"
+    # We define 4 groups of dependencies to regroup update pull requests:
+    # - development (e.g. test dependencies)
+    # - go-openapi updates
+    # - golang.org (e.g. golang.org/x/... packages)
+    # - other dependencies (direct or indirect)
+    #
+    # * All groups are checked once a week and each produce at most 1 PR.
+    # * All dependabot PRs are auto-approved
+    #
+    # Auto-merging policy, when requirements are met:
+    # 1. development-dependencies are auto-merged
+    # 2. golang.org-dependencies are auto-merged
+    # 3. go-openapi patch updates are auto-merged. Minor/major version updates require a manual merge.
+    # 4. other dependencies require a manual merge
+    directories:
+      - "**/*"
+    schedule:
+      interval: "weekly"
+      day: "friday"
+    open-pull-requests-limit: 4
+    groups:
+      development-dependencies:
+        patterns:
+          - "github.com/stretchr/testify"
+          - "github.com/go-openapi/testify"
+
+      golang-org-dependencies:
+        patterns:
+          - "golang.org/*"
+
+      go-openapi-dependencies:
+        patterns:
+          - "github.com/go-openapi/*"
+        exclude-patterns:
+          - "github.com/go-openapi/testify"
+
+      other-dependencies:
+        exclude-patterns:
+          - "github.com/go-openapi/*"
+          - "github.com/stretchr/testify"
+          - "github.com/go-openapi/testify"
+          - "golang.org/*"
+    allow:
+      - dependency-type: all
+    assignees:
+      - fredbi

.github/workflows/auto-merge.yml

@@ -0,0 +1,15 @@
+name: Dependabot auto-merge
+
+permissions:
+  contents: read
+
+on:
+  pull_request:
+
+jobs:
+  dependabot:
+    permissions:
+      contents: write
+      pull-requests: write
+    uses: go-openapi/ci-workflows/.github/workflows/auto-merge.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4
+    secrets: inherit

.github/workflows/bump-release.yml

@@ -0,0 +1,40 @@
+name: Bump Release
+
+permissions:
+  contents: read
+
+
+on:
+  workflow_dispatch:
+    inputs:
+      bump-type:
+        description: Type of bump (patch, minor, major)
+        type: choice
+        options:
+        - patch
+        - minor
+        - major
+        default: patch
+        required: false
+      tag-message-title:
+        description: Tag message title to prepend to the release notes
+        required: false
+        type: string
+      tag-message-body:
+        description: |
+          Tag message body to prepend to the release notes.
+          (use "|" to replace end of line).
+        required: false
+        type: string
+
+jobs:
+  bump-release:
+    permissions:
+      contents: write
+      pull-requests: write
+    uses: go-openapi/ci-workflows/.github/workflows/bump-release-monorepo.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4
+    with:
+      bump-type: ${{ inputs.bump-type }}
+      tag-message-title: ${{ inputs.tag-message-title }}
+      tag-message-body: ${{ inputs.tag-message-body }}
+    secrets: inherit

.github/workflows/codeql.yml

@@ -0,0 +1,22 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+    paths-ignore: # remove this clause if CodeQL is a required check
+      - '**/*.md'
+  schedule:
+    - cron: '39 19 * * 5'
+
+permissions:
+  contents: read
+
+jobs:
+  codeql:
+    permissions:
+      contents: read
+      security-events: write
+    uses: go-openapi/ci-workflows/.github/workflows/codeql.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4
+    secrets: inherit

.github/workflows/contributors.yml

@@ -0,0 +1,18 @@
+name: Contributors
+
+on:
+  schedule:
+    - cron: '18 4 * * 6'
+
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  contributors:
+    permissions:
+      pull-requests: write
+      contents: write
+    uses: go-openapi/ci-workflows/.github/workflows/contributors.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4
+    secrets: inherit

.github/workflows/go-test.yml

@@ -0,0 +1,17 @@
+name: go test
+
+permissions:
+  pull-requests: read
+  contents: read
+
+on:
+  push:
+    branches:
+      - master
+
+  pull_request:
+
+jobs:
+  test:
+    uses: go-openapi/ci-workflows/.github/workflows/go-test-monorepo.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4
+    secrets: inherit

.github/workflows/monitor-bot-pr.yml

@@ -0,0 +1,18 @@
+name: Monitor bot PRs
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '18 6 * * *'
+
+permissions:
+  contents: read
+
+jobs:
+  monitor-pr:
+    permissions:
+      contents: write
+      pull-requests: write
+      statuses: read
+    uses: go-openapi/ci-workflows/.github/workflows/monitor-bot-pr.yml@cd9849915b4f8b6ceeeaf24e02e8f8e24202c8f6 # v0.3.3
+    secrets: inherit

.github/workflows/scanner.yml

@@ -0,0 +1,19 @@
+name: Vulnerability scans
+
+on:
+  branch_protection_rule:
+  push:
+    branches: ["master"]
+  schedule:
+    - cron: "18 4 * * 3"
+
+permissions:
+  contents: read
+
+jobs:
+  scanners:
+    permissions:
+      contents: read
+      security-events: write
+    uses: go-openapi/ci-workflows/.github/workflows/scanner.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4
+    secrets: inherit

.github/workflows/tag-release.yml

@@ -0,0 +1,20 @@
+name: Release on tag
+
+permissions:
+  contents: read
+
+on:
+  push:
+    tags:
+      - v[0-9]+*
+
+jobs:
+  gh-release:
+    name: Create release
+    permissions:
+      contents: write
+    uses: go-openapi/ci-workflows/.github/workflows/release.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4
+    with:
+      tag: ${{ github.ref_name }}
+      is-monorepo: true
+    secrets: inherit

.golangci.yml

@@ -0,0 +1,78 @@
+version: "2"
+linters:
+  default: all
+  disable:
+    - cyclop
+    - depguard
+    - errchkjson
+    - errorlint
+    - exhaustruct
+    - forcetypeassert
+    - funlen
+    - gochecknoglobals
+    - gochecknoinits
+    - gocognit
+    - godot
+    - godox
+    - gomoddirectives
+    - gosmopolitan
+    - inamedparam
+    - intrange
+    - ireturn
+    - lll
+    - musttag
+    - modernize
+    - nestif
+    - nlreturn
+    - nonamedreturns
+    - noinlineerr
+    - paralleltest
+    - recvcheck
+    - testpackage
+    - thelper
+    - tagliatelle
+    - tparallel
+    - unparam
+    - varnamelen
+    - whitespace
+    - wrapcheck
+    - wsl
+    - wsl_v5
+  settings:
+    dupl:
+      threshold: 200
+    goconst:
+      min-len: 2
+      min-occurrences: 3
+    gocyclo:
+      min-complexity: 45
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+formatters:
+  enable:
+    - gofmt
+    - goimports
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+issues:
+  # Maximum issues count per one linter.
+  # Set to 0 to disable.
+  # Default: 50
+  max-issues-per-linter: 0
+  # Maximum count of issues with the same text.
+  # Set to 0 to disable.
+  # Default: 3
+  max-same-issues: 0

LICENSE

@@ -1,3 +1,4 @@
+
                                  Apache License
                            Version 2.0, January 2004
                         http://www.apache.org/licenses/