Merge pull request #228

Merge Feature/dev to development

.github/CODEOWNERS

@@ -1 +1,2 @@
-*       @bsrinivas8687
+# Primary repo maintainers
+*       @bsrinivas8687 @dheerajkd30

.github/workflows/build.yml

@@ -3,22 +3,23 @@ on:
   push:
     branches:
       - development
+      - feature/dev
   release:
     types: [created]
 jobs:
-   sonar:
-     name: Sonarqube
-     runs-on: ubuntu-latest
-     steps:
-       - uses: actions/checkout@v2
-         with:
-           fetch-depth: 0
-       - uses: sonarsource/sonarqube-scan-action@master
-         env:
-           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-           SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
-           
-   build:
+  sonar:
+    name: Sonarqube
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: sonarsource/sonarqube-scan-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
+  build:
     name: Build
     runs-on: ubuntu-latest
     steps:
@@ -34,8 +35,5 @@ jobs:
       - name: Get dependencies
         run: go get -v -t -d ./...
 
-      - name: Verify
-        run: make verify
-
       - name: Build Release
         run: make build

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,51 @@
+name: "CodeQL"
+
+on:
+  pull_request:
+      paths:
+        - "**.go"
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+    - uses: actions/setup-go@v3
+      with:
+        go-version: 1.18
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: 'go'
+        queries: crypto-com/cosmos-sdk-codeql@main,security-and-quality
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/dependency.yml

@@ -0,0 +1,16 @@
+name: 'Dependency Review'
+# Dependency Review workflow action scans pull requests for dependency changes and
+# will raise an error if any new dependencies have existing vulnerabilities.
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout Repository'
+        uses: actions/checkout@v3
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v1

.github/workflows/gosec.yml

@@ -0,0 +1,22 @@
+name: Run Gosec
+on:
+  push:
+    branches:
+      - feature/dev
+      - development
+  pull_request:
+    branches:
+      - feature/dev
+      - development
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v2
+      - name: Run Gosec Security Scanner
+        uses: informalsystems/gosec@master
+        with:
+          args: ./...

.github/workflows/lint.yml

@@ -0,0 +1,62 @@
+name: Lint
+on:
+  pull_request:
+  push:
+    branches:
+      - development
+      - feature/dev
+
+jobs:
+  golangci:
+    name: Run golangci-lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
+        with:
+          go-version: 1.18
+      - uses: technote-space/[email protected]
+        with:
+          PATTERNS: |
+            **/**.go
+            go.mod
+            go.sum
+      - name: Get data from build cache
+        uses: actions/cache@v2
+        with:
+          # In order:
+          # * Module download cache
+          # * Linter cache (Linux)
+          # * Build cache (Linux)
+          # * Build cache (Mac)
+          # * Build cache (Windows)
+          path: |
+            ~/go/pkg/mod
+            ~/.cache/golangci-lint
+            ~/.cache/go-build
+            ~/Library/Caches/go-build
+            ~\AppData\Local\go-build
+          key: ${{ runner.os }}-go-linter-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-linter-${{ matrix.go-version }}-
+      - name: Run golangci-lint
+        run: make lint
+        if: env.GIT_DIFF
+
+  documentation-linter:
+    name: Run super-linter
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+        with:
+          # Full git history is needed to get a proper list of changed files
+          # within `super-linter`.
+          fetch-depth: 0
+      - name: Run documentation linter
+        uses: github/super-linter@v4
+        env:
+          VALIDATE_ALL_CODEBASE: false
+          VALIDATE_MARKDOWN: true
+          DEFAULT_BRANCH: development
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/test.yml

@@ -0,0 +1,67 @@
+name: Tests & Code Coverage
+
+on:
+  pull_request:
+    branches:
+      - "**"
+  push:
+    branches:
+      - "development"
+      - "feature/dev"
+  workflow_dispatch:
+
+jobs:
+  should_run_go_test:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip_check.outputs.should_skip }}
+    steps:
+      -
+        id: skip_check
+        uses: fkirc/skip-duplicate-actions@master
+        with:
+          cancel_others: "true" # workflow-runs from outdated commits will be cancelled.
+          concurrent_skipping: "same_content"
+          skip_after_successful_duplicate: "true"
+          paths: '["**/*.go", "**/*.mod", "**/*.sum"]'
+          do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'
+      -
+        name: Skipping test
+        run: echo Should I skip tests? ${{ steps.skip_check.outputs.should_skip }}
+
+  go_test:
+    needs: should_run_go_test
+    if: ${{ needs.should_run_test.outputs.should_skip != 'true' }}
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Check out repository code
+        uses: actions/checkout@v2
+      -
+        name: Setup Golang
+        uses: actions/[email protected]
+        with:
+          go-version: 1.18
+      -
+        name: Display go version
+        run: go version
+      -
+        name: Get data from build cache
+        uses: actions/cache@v2
+        with:
+          # In order:
+          # * Module download cache
+          # * Build cache (Linux)
+          # * Build cache (Mac)
+          # * Build cache (Windows)
+          path: |
+            ~/go/pkg/mod
+            ~/.cache/go-build
+            ~/Library/Caches/go-build
+            ~\AppData\Local\go-build
+          key: ${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-${{ matrix.go-version }}-
+      -
+        name: Run all tests
+        run: make test-unit

.gitignore

@@ -3,4 +3,5 @@
 /.idea/
 /target/
 /release/
-/build/
+/build/
+/cover.out