.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,6 +1,6 @@
 ---
 name: Bug report
-about: Create a bug report to help us solve the issue
+about: Create a bug report to help us solve the issue.
 title: "[BUG]"
 labels: bug
 assignees: ''
@@ -11,12 +11,12 @@ assignees: ''
 A clear and concise description of what the bug is.
 
 **To Reproduce**
-Steps to reproduce the behavior, ideally a minimal working working example `main.go`.
+Steps to reproduce the behavior, ideally a minimal working example `main.go`.
 
 **Expected behavior**
 A clear and concise description of what you expected to happen.
 
-**System details (please complete the following information):**
+**System details (please complete the following information)**
  - OS (with version): [e.g. OS X 14.2.1, Ubuntu 22.04]
  - SDK Version [e.g. v1.0.2]
 

.github/ISSUE_TEMPLATE/config.yml

@@ -2,4 +2,4 @@ blank_issues_enabled: false
 contact_links:
   - name: Nobl9 Support
     url: https://www.nobl9.com/contact/support
-    about: If you need help related to the whole Nobl9 platform or want to problem to remain private, contact us here.
+    about: If you need help related to the whole Nobl9 platform or want the problem to remain private, contact us here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,6 +1,6 @@
 ---
 name: Feature request
-about: Suggest an idea to help us improve the SDK
+about: Suggest an idea to help us improve the SDK.
 title: "[FEAT]"
 labels: enhancement
 assignees: ''

.github/pull_request_template.md

@@ -1,6 +1,7 @@
 ## Motivation
 
-Describe what is the motivation behind the proposed changes. If possible reference the current solution/state of affairs.
+Describe what is the motivation behind the proposed changes.
+If possible reference the current solution/state of affairs.
 
 ## Summary
 
@@ -13,13 +14,13 @@ List related changes from other PRs (if any).
 ## Testing
 
 - Describe how to check introduced code changes manually. Simple `main.go` which takes advantage of the introduced changes is preferred (if possible and useful).
-- Take care of test coverage on unit, integration or even end-to-end tests level.
+- Take care of test coverage on unit, integration or even end-to-end levels.
 
-## Checklist
+## Release Notes
 
-- [ ] Include this change in Release Notes?
-  - If yes, write 1-3 sentences about the changes here and explicitly list all changes that can surprise our users.
-- [ ] Are these changes required to be in sync with the API? Example of such can be extending a `manifest.Object` with a new field.
-      It won't be usable until Nobl9 platform version is rolled out which can handle this field.
-  - If yes, **MUST NOT** create an official release, use a pre-release version, like `v1.1.0-rc1` instead.
-  - If the changes are independent of Nobl9 platform version, you can release an offical version, like `v1.1.0`.
+If this change should be part of the Release Notes,
+**replace this entire paragraph** with 1-3 sentences about the changes.
+Otherwise, you **MUST** remove this section entirely.
+
+Does this PR contain any breaking changes?
+If so, add `## Breaking Changes` header and list the introduced changes there.

.github/release-drafter.yml

@@ -0,0 +1,85 @@
+name-template: "v$RESOLVED_VERSION"
+tag-template: "v$RESOLVED_VERSION"
+categories:
+  - title: ⚠️  Breaking Changes
+    labels:
+      - breaking-change
+  - title: 🚀 Features
+    labels:
+      - enhancement
+  - title: 💻 Fixed Vulnerabilities
+    labels:
+      - security
+  - title: 🐞 Bug Fixes
+    labels:
+      - bug
+  - title: 🧰 Maintenance
+    collapse-after: 3
+    labels:
+      - chore
+      - infrastructure
+      - dependencies
+change-template: "- $TITLE (#$NUMBER) @$AUTHOR"
+change-title-escapes: '\<*_&' # You can add # and @ to disable mentions, and add ` to disable code blocks.
+version-resolver:
+  major:
+    labels:
+      - major
+  minor:
+    labels:
+      - minor
+  patch:
+    labels:
+      - patch
+  default: patch
+autolabeler:
+  # Pull requests scope.
+  - label: enhancement
+    title:
+      - "/^feat:/i"
+  - label: chore
+    title:
+      - "/^chore:/i"
+  - label: infrastructure
+    title:
+      - "/^infra:/i"
+  - label: security
+    title:
+      - "/^sec:/i"
+  - label: bug
+    title:
+      - "/^fix:/i"
+  - label: documentation
+    title:
+      - "/^doc:/i"
+  # Version labels.
+  - label: minor
+    title:
+      - "/^feat:/i"
+  - label: patch
+    title:
+      - "/^fix:/i"
+      - "/^sec:/i"
+      - "/^chore:/i"
+    branch:
+      - '/^renovate_/'
+  # Languages detection.
+  - label: go
+    files:
+      - '*.go'
+      - 'go.mod'
+      - 'go.sum'
+  - label: python
+    files:
+      - '*.py'
+  - label: javascript
+    files:
+      - '*.js'
+replacers:
+  # Remove unlabeled or uncategorized PRs.
+  - search: "/# What's Changed.*?\\n## /s"
+    replace: "# What's Changed\n\n## "
+template: |
+  # What's Changed
+
+  $CHANGES

.github/renovate.json5

@@ -5,6 +5,10 @@
     ":enableVulnerabilityAlertsWithLabel(security)", // https://docs.renovatebot.com/presets-default/#enablevulnerabilityalertswithlabelarg0
     "group:recommended", // https://docs.renovatebot.com/presets-group/#grouprecommended
     "workarounds:all", // https://docs.renovatebot.com/presets-workarounds/#workaroundsall
+    // Automerge configuration.
+    ":automergeMinor",
+    ":automergePr",
+    ":automergeRequireAllStatusChecks",
   ],
   "reviewersFromCodeOwners": true,
   "dependencyDashboard": true,
@@ -15,6 +19,9 @@
   "rebaseWhen": "conflicted",
   "rangeStrategy": "pin",
   "branchPrefix": "renovate_",
+  "commitMessagePrefix": "chore:",
+  // This will run go mod tidy after each go.mod update.
+  "postUpdateOptions": ["gomodTidy"],
   "packageRules": [
     // Groups:
     {
@@ -39,8 +46,6 @@
       "addLabels": ["javascript"],
     },
   ],
-  // This will run go mod tidy after each go.mod update.
-  "postUpdateOptions": ["gomodTidy"],
   // Custom version extraction from Makefile.
   "regexManagers": [
     {

.github/scripts/release-notes.sh

@@ -0,0 +1,78 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+if [ "$#" -ne 1 ]; then
+	echo "Provide a single argument with a version of the release draft to use." >&2
+	echo "Usage: $0 <VERSION>"
+	exit 1
+fi
+
+VERSION="$1"
+
+RELEASE_NOTES=$(gh release view "$VERSION" --json body --jq .body)
+
+BREAKING_CHANGES_HEADER="Breaking Changes"
+RELEASE_NOTES_HEADER="Release Notes"
+
+commit_message_re="-\s(.*)\s(\(#[0-9]+\)\s@.*)"
+rls_header_re="^##.*(Features|$BREAKING_CHANGES_HEADER|Bug Fixes|Fixed Vulnerabilities)"
+
+extract_header() {
+	local commit="$1"
+	local header_name="$2"
+	awk "
+    /^\s?$/ {next}
+    /^## $header_name/ {rn=1}
+    rn && !/^##/ && !/^--+/ {print};
+    /^--+/ {rn=0};
+    /^##/ && !/^## $header_name/ {rn=0}" <<<"$commit"
+}
+
+indent() {
+	while IFS= read -r line; do
+		printf "  %s\n" "${line%"${line##*[![:space:]]}"}"
+	done <<<"$1"
+}
+
+new_notes=""
+rls_header=""
+while IFS= read -r line; do
+	new_notes+="$line\n"
+	if [[ $line == \##* ]]; then
+		if ! [[ $line =~ $rls_header_re ]]; then
+			rls_header=""
+			continue
+		fi
+		rls_header="${BASH_REMATCH[1]}"
+	fi
+	if [[ $rls_header == "" ]] || [[ $line != -* ]] || [[ $line == *"@renovate"* ]]; then
+		continue
+	fi
+	if ! [[ $line =~ $commit_message_re ]]; then
+		continue
+	fi
+	commit_msg="${BASH_REMATCH[1]}"
+	commit_body=$(git log -F --grep "$commit_msg" -n1 --pretty="%b")
+
+	add_notes() {
+		local notes="$1"
+		if [[ $notes != "" ]]; then
+			new_notes+=$(indent "> $notes")
+			new_notes+="\n"
+		fi
+	}
+
+	rn=$(extract_header "$commit_body" "$RELEASE_NOTES_HEADER")
+	bc=$(extract_header "$commit_body" "$BREAKING_CHANGES_HEADER")
+
+	case $rls_header in
+	"$BREAKING_CHANGES_HEADER") add_notes "$bc" ;;
+	*) add_notes "$rn" ;;
+	esac
+
+done <<<"$RELEASE_NOTES"
+
+echo "Uploading release notes for $VERSION"
+# shellcheck disable=2059
+printf "$new_notes" | gh release edit "$VERSION" --verify-tag -F -

.github/workflows/checks.yml

@@ -24,7 +24,7 @@ jobs:
       - name: Set up yarn cache
         id: yarn-cache
         run: echo "::set-output name=dir::$(yarn cache dir)"
-      - uses: actions/cache@v3
+      - uses: actions/cache@v4
         with:
           path: ${{ steps.yarn-cache.outputs.dir }}
           key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}

.github/workflows/pr-title.yml

@@ -0,0 +1,13 @@
+on:
+  pull_request:
+    types: [opened, reopened, edited, synchronize]
+  merge_group:
+name: pr-title
+jobs:
+  pr-title-check:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: Slashgear/action-check-pr-title@v4.3.0
+      with:
+        regexp: "(feat|fix|sec|infra|test|chore|doc): .{5,}"
+        helpMessage: "Example: 'feat: new pr title check BE-143' <- prefix, colon, space, PR title of at least 5 chars (with ticket number strongly suggested, but not mandatory)"

.github/workflows/release-drafter.yml

@@ -0,0 +1,37 @@
+name: Release Drafter
+
+on:
+  push:
+    branches:
+      - main
+  # pull_request event is required only for autolabeler
+  # 'edited' event is required to account for initial invalid PR names
+  pull_request:
+    types: [opened, reopened, synchronize, edited]
+
+permissions:
+  contents: read
+
+jobs:
+  update_release_draft:
+    permissions:
+      # write permission is required to create a github release
+      contents: write
+      # write permission is required for autolabeler
+      # otherwise, read permission is required at least
+      pull-requests: write
+    runs-on: ubuntu-latest
+    env:
+      GITHUB_TOKEN: ${{ secrets.RELEASE_LABELER_TOKEN }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: main
+          fetch-depth: 0
+      # Drafts your next Release notes as Pull Requests are merged into "main"
+      - id: drafter
+        uses: release-drafter/release-drafter@v6
+      - name: Add release notes to the draft
+        if: github.event_name == 'push'
+        run: .github/scripts/release-notes.sh ${{ steps.drafter.outputs.tag_name }}

.markdownlint.yaml

@@ -0,0 +1,10 @@
+MD010:
+  code_blocks: false
+  spaces_per_tab: 1
+MD013:
+  line_length: 80
+  heading_line_length: 80
+  code_block_line_length: 120
+  code_blocks: true
+MD024:
+  siblings_only: true

Makefile

@@ -6,13 +6,13 @@ BIN_DIR := ./bin
 # renovate datasource=github-releases depName=abice/go-enum
 GO_ENUM_VERSION := v0.6.0
 # renovate datasource=github-releases depName=securego/gosec
-GOSEC_VERSION := v2.18.2
+GOSEC_VERSION := v2.19.0
 # renovate datasource=github-releases depName=golangci/golangci-lint
-GOLANGCI_LINT_VERSION := v1.55.2
+GOLANGCI_LINT_VERSION := v1.56.0
 # renovate datasource=go depName=golang.org/x/vuln/cmd/govulncheck
-GOVULNCHECK_VERSION := v1.0.1
+GOVULNCHECK_VERSION := v1.0.4
 # renovate datasource=go depName=golang.org/x/tools/cmd/goimports
-GOIMPORTS_VERSION := v0.16.1
+GOIMPORTS_VERSION := v0.18.0
 
 # Check if the program is present in $PATH and install otherwise.
 # ${1} - oneOf{binary,yarn}
@@ -81,7 +81,7 @@ check/trailing:
 check/markdown:
 	$(call _print_check_step,Verifying Markdown files)
 	$(call _ensure_installed,yarn,markdownlint)
-	yarn --silent markdownlint '*.md' --disable MD010 # MD010 does not handle code blocks well.
+	yarn --silent markdownlint '**/*.md' --ignore node_modules
 
 ## Check for potential vulnerabilities across all Go dependencies.
 check/vulns:

cspell.yaml

@@ -39,6 +39,8 @@ words:
   - auseg9kiegwketjzc416
   - authdata
   - awsiam
+  - budgetadjustment
+  - byday
   - clientcreds
   - codeowners
   - consumergroup
@@ -98,7 +100,9 @@ words:
   - rolebinding
   - rollup
   - rollups
+  - rrule
   - rtmp
+  - serdeutil
   - serviceruntime
   - slis
   - sloctl
@@ -111,6 +115,7 @@ words:
   - stimeslice
   - strconv
   - structs
+  - submatches
   - sumologic
   - testutils
   - timeseries