{"id":29354323,"url":"https://github.com/kemadev/ci-cd","last_synced_at":"2025-07-09T03:13:16.016Z","repository":{"id":303104483,"uuid":"1013016341","full_name":"kemadev/ci-cd","owner":"kemadev","description":"CI/CD for repositories","archived":false,"fork":false,"pushed_at":"2025-07-05T18:41:18.000Z","size":120,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-05T18:59:49.598Z","etag":null,"topics":["cd","ci","go","runner"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kemadev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["kemadev"]}},"created_at":"2025-07-03T08:27:49.000Z","updated_at":"2025-07-05T18:41:20.000Z","dependencies_parsed_at":"2025-07-05T19:00:24.724Z","dependency_job_id":"c7807cd3-2d67-4d0d-880d-96e4a07e17a8","html_url":"https://github.com/kemadev/ci-cd","commit_stats":null,"previous_names":["kemadev/ci-cd"],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/kemadev/ci-cd","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kemadev%2Fci-cd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kemadev%2Fci-cd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kemadev%2Fci-cd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kemadev%2Fci-cd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kemadev","download_url":"https://codeload.github.com/kemadev/ci-cd/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kemadev%2Fci-cd/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263897992,"owners_count":23526834,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cd","ci","go","runner"],"created_at":"2025-07-09T03:13:10.558Z","updated_at":"2025-07-09T03:13:16.011Z","avatar_url":"https://github.com/kemadev.png","language":"Go","funding_links":["https://github.com/sponsors/kemadev"],"categories":[],"sub_categories":[],"readme":"# ci-cd\n\n\u003c!-- Brief description of the project --\u003e\n\n## Welcome\n\n\u003c!-- Project presentation, motivation, and main features --\u003e\n\n## Demo\n\n\u003c!-- If applicable, project demo (video, screenshots, asciicinema, ...) --\u003e\n\n## Getting Started\n\n\u003c!-- Basic usage and main commands --\u003e\n\n## Contributing\n\n### Global Guidelines\n\n- You can find contributing guidelines in [CONTRIBUTING.md](CONTRIBUTING.md)\n- Feeling like something could be improved? Let's do it together! From code to documentation, services to use, or linter rules, everything is discussable and improvable, make a PR! Let's move forward together.\n\n### Concepts\n\n- A repository such as this one is representing a project\n- A project is basically an application\n- An application is a microservice that works with other microservices to to achieve project's goals\n- Microservices are small, loosely coupled, and independently deployable and scalable\n- Each microservice should be agnostic of it downstreams. However, it should expose a clear and well-defined API to its downstreams for them to consume (that is, the microservice itself uses its upstreams' API)\n\n### Development Guidelines and Conventions\n\n- All major directories contain a `PURPOSE.md` file with a brief description of directory's content and instructions on how to use it\n- You are encouraged to create your own `README.md` files in subdirectories to provide project-specific instructions, and to document more-widely scoped topics in [doc](./doc) directory\n- Code sharing is encouraged, such code should be placed in [pkg](pkg) and [internal/pkg](internal/pkg) directories, as-per Go's conventions\n- Importing other applications libraries and packages is encouraged, following code sharing encouragement\n- First class code documentation (following [Go doc comment guidelines](https://go.dev/doc/comment)) as well as project documentation is encouraged\n- Following [Learn Go with tests](https://github.com/quii/learn-go-with-tests) is encouraged\n- Following [Effective Go](https://go.dev/doc/effective_go) and [Google's styleguide](https://google.github.io/styleguide/go/) is encouraged\n- Following [locality of behaviour](https://htmx.org/essays/locality-of-behaviour/) and [principle of least astonishment](https://en.wikipedia.org/wiki/Principle_of_least_astonishment) is encouraged\n- Variables, functions, methods, ... should be named in a short and descriptive way\n\n### Project development\n\n- Deploy `dev` stacks of [the layers](./deploy), in ascending order of layer number (`XX-` prefix)\n- Make changes and enjoy hot reloading!\n- Once you are happy with your changes, create a PR!\n\n#### Prerequisites\n\n- [Docker](https://github.com/docker/cli) to run applications in containers. You should configure your credentials store and credential helpers for Docker to work with your container registry\n- [Go](https://github.com/golang/go) to install applications dependencies as needed\n- [Pulumi](https://github.com/pulumi/pulumi) to manage Cloud resources\n- [kind](https://github.com/kubernetes-sigs/kind) to run Kubernetes clusters locally\n- [Kubectl](https://github.com/kubernetes/kubectl) to manage Kubernetes resources (not strictly required but quite handy)\n- Very few other CLI tools such as [git](https://github.com/git/git), [bash](https://www.gnu.org/software/bash/), ... that are most likely already installed on your system\n\n#### Running the project\n\n- Common tasks such as running, testing, creating new IaC components, updating Cloud resources, ... are done by using [kemutil](https://github.com/kemadev/ci-cd/tree/main/tool/kemutil). You are encouraged to install and use it!\n\n#### CI / CD\n\n##### Locally\n\n- CI pipelines can be mimicked locally using `ci-cd` image, mounting project's directory as a volume in `/src`, and running the same commands as in the CI pipeline\n- That is, you can run the following command to run the whole CI pipeline locally:\n\n  ```bash\n  kemutil ci [--fix] [--hot] ci\n  ```\n\n- When using `--hot`, your need to export `GIT_TOKEN` environment variable to propagate your git credentials to the container, so that it can fetch private dependencies. This is typically done by running:\n\n  ```bash\n  export GIT_TOKEN=$(gh auth token)\n  ```\n\n- Other commands are available, feel free to run `kemutil help` to see the list of available commands and their usage\n\n##### False positives\n\n- CI Pipelines can sometime report false positives. Here is what you can do to remediate (be as specific as possible on silences to avoid shadowing real issues):\n  - `golangci-lint`: Add a `nolint:\u003clinter\u003e[,\u003clinter\u003e] // \u003cexplanation\u003e` comment. See [this doc](https://golangci-lint.run/usage/false-positives/)\n  - `semgrep`: Add a `nosemgrep: \u003crule-id\u003e` comment. See [this doc](https://semgrep.dev/docs/ignoring-files-folders-code)\n  - `gitleaks`: Add finding fingerprint to [.gitleaksignore](config/gitleaks/.gitleaksignore). See [this doc](https://github.com/gitleaks/gitleaks#additional-configuration). Please note that **any leaked secret should be revoked and replaced as soon as possible**\n  - `markdownlint`: Add a `markdownlint-disable \u003crule\u003e` comment. See [this doc](https://github.com/DavidAnson/markdownlint/blob/main/README.md#configuration)\n  - `shellcheck`: Add a `shellcheck disable=\u003crule\u003e` comment. See [this doc](https://github.com/koalaman/shellcheck/wiki/Ignore)\n  - `hadolint`: Add a `hadolint ignore=\u003crule\u003e` comment. See [this doc](https://github.com/hadolint/hadolint/blob/master/README.md#ignoring-rules)\n  - `actionlint`: In case of a `shellcheck` error, refer to the `shellcheck` section. Otherwise, you can pass arguments to the linting action to ignore specific rules. See [this doc](https://github.com/rhysd/actionlint/blob/main/docs/usage.md#ignore-some-errors)\n  - `grype`: Add an ignore in upstream [repo-template .grype.yaml](https://github.com/kemadev/repo-template/blob/main/config/grype/.grype.yaml). See [this doc](https://github.com/anchore/grype#specifying-matches-to-ignore). Please note that **any vulnerability should be remediated as soon as possible**, only add true false positives to the ignore list. Prefer deploying with a non-exploitable vulnerability reported rather than ignoring it.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkemadev%2Fci-cd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkemadev%2Fci-cd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkemadev%2Fci-cd/lists"}