projectdiscovery · ehsandeep · Feb 9, 2022 · Feb 9, 2022 · Feb 9, 2022
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -15,16 +15,20 @@ updates:
     commit-message:
       prefix: "chore"
       include: "scope"
+    labels:
+      - "Type: Maintenance"
 
   # Maintain dependencies for go modules
   - package-ecosystem: "gomod"
     directory: "/"
     schedule:
-      interval: "weekly"
+      interval: "daily"
     target-branch: "dev"
     commit-message:
       prefix: "chore"
       include: "scope"
+    labels:
+      - "Type: Maintenance"
 
   # Maintain dependencies for docker
   - package-ecosystem: "docker"
@@ -34,4 +38,6 @@ updates:
     target-branch: "dev"
     commit-message:
       prefix: "chore"
-      include: "scope"
+      include: "scope"
+    labels:
+      - "Type: Maintenance"
diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml
@@ -4,23 +4,37 @@ on:
   pull_request:
   workflow_dispatch:
 
-
 jobs:  
   build:
     name: Test Builds
-    runs-on: ubuntu-latest
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, windows-latest, macOS-latest]
     steps:
-      - uses: actions/setup-go@v2
+      - name: Set up Go
+        uses: actions/setup-go@v2
         with:
           go-version: 1.17
 
       - name: Check out code
         uses: actions/checkout@v2
 
+      - name: Build
+        run: go build ./...
+        working-directory: v2/
+
       - name: Test
-        run: go test .
-        working-directory: v2/cmd/subfinder/
+        run: go test ./...
+        working-directory: v2/
 
-      - name: Build
-        run: go build .
-        working-directory: v2/cmd/subfinder/
+      # Todo
+      # - name: Integration Tests
+      #   env:
+      #     GH_ACTION: true
+      #   run: bash run.sh
+      #   working-directory: integration_tests/
+
+      - name: Race Condition Tests
+        run: go build -race ./...
+        working-directory: v2/
diff --git a/.github/workflows/release-binary.yml b/.github/workflows/release-binary.yml
@@ -8,17 +8,21 @@ jobs:
   release:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-
-      - uses: actions/setup-go@v2
-        with:
+      - name: "Check out code"
+        uses: actions/checkout@v2
+        with: 
+          fetch-depth: 0
+
+      - name: "Set up Go"
+        uses: actions/setup-go@v2
+        with: 
           go-version: 1.17
-      -
-        env:
-          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
-        name: "Create release on GitHub"
+
+      - name: "Create release on GitHub"
         uses: goreleaser/goreleaser-action@v2
         with:
           args: "release --rm-dist"
           version: latest
           workdir: v2/
+        env:
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
@@ -0,0 +1,40 @@
+name: 👮🏼‍♂️ Sonarcloud
+on:
+  push:
+    branches:
+      - master
+      - dev
+  pull_request:
+    types: [opened, synchronize, reopened]
+  workflow_dispatch:
+
+jobs:
+  sonarcloud:
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+
+      - name: "Set up Go"
+        uses: actions/setup-go@v2
+        with: 
+          go-version: 1.17
+
+      - name: Run unit Tests
+        working-directory: v2/
+        run: |
+          go test -coverprofile=./cov.out ./...
+
+      - name: Run Gosec Security Scanner
+        working-directory: v2/
+        run: |
+          go install github.com/securego/gosec/cmd/gosec@latest
+          gosec -no-fail -fmt=sonarqube -out report.json ./...
+
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/sonar-project.properties b/sonar-project.properties
@@ -0,0 +1,16 @@
+sonar.projectKey=projectdiscovery_subfinder
+sonar.organization=projectdiscovery
+
+# This is the name and version displayed in the SonarCloud UI.
+#sonar.projectName=dnsx
+#sonar.projectVersion=1.0
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+sonar.sources=v2/
+sonar.tests=v2/
+sonar.test.inclusions=**/*_test.go
+sonar.go.coverage.reportPaths=v2/cov.out
+sonar.externalIssuesReportPaths=v2/report.json
+
+# Encoding of the source code. Default is default system encoding
+#sonar.sourceEncoding=UTF-8