diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..fcca882
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,3 @@
+# These owners will be the default owners for everything in
+# the repo. Unless a later match takes precedence,
+* @cloudoperators/Administrators
diff --git a/.github/ISSUE_TEMPLATE/bug-report.yaml b/.github/ISSUE_TEMPLATE/bug-report.yaml
new file mode 100644
index 0000000..3526f39
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug-report.yaml
@@ -0,0 +1,66 @@
+name: "đ Bug Report"
+description: Create a new ticket for a bug experienced in Greenhouse.
+title: "đ [BUG] -
"
+labels: [
+ "bug",
+]
+body:
+ - type: markdown
+ attributes:
+ value: |
+ Thanks for reporting an issue you experienced with the Greenhouse platform.
+
+ Please complete the below form to ensure we have the necessary details to assist you.
+ - type: dropdown
+ id: priority
+ attributes:
+ label: Priority
+ description: Let us know how this issue is affecting you
+ options:
+ - (Low) Something is a little off
+ - (Medium) I'm annoyed but I'll live
+ - (Urgent) I can't use Greenhouse
+ - type: textarea
+ id: description
+ attributes:
+ label: "Description"
+ description: Please enter an explicit description of your issue
+ placeholder: Short and explicit description of your incident...
+ validations:
+ required: true
+ - type: textarea
+ id: reprod
+ attributes:
+ label: "Reproduction steps"
+ description: Please enter an explicit description of your issue
+ value: |
+ 1. Go to '...'
+ 2. Click on '....'
+ 3. Scroll down to '....'
+ 4. See error
+ render: bash
+ validations:
+ required: true
+ - type: textarea
+ id: manifests
+ attributes:
+ label: "Manifests"
+ description: If applicable, add manifests to help reproduce your problem.
+ value: |
+ ```yaml
+ apiVersion: greenhouse.sap/v1alpha1
+ kind: ...
+ ```
+ render: yaml
+ validations:
+ required: false
+ - type: textarea
+ id: screenshot
+ attributes:
+ label: "Screenshots"
+ description: If applicable, add screenshots to help explain your problem.
+ value: |
+ ![DESCRIPTION](LINK.png)
+ render: bash
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/config.yaml b/.github/ISSUE_TEMPLATE/config.yaml
new file mode 100644
index 0000000..0086358
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yaml
@@ -0,0 +1 @@
+blank_issues_enabled: true
diff --git a/.github/ISSUE_TEMPLATE/feature-request.yaml b/.github/ISSUE_TEMPLATE/feature-request.yaml
new file mode 100644
index 0000000..06d8baa
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature-request.yaml
@@ -0,0 +1,38 @@
+name: "đĄ Feature Request"
+description: Create a ticket requesting a new feature
+title: "[FEAT] - "
+labels: [
+ "feature"
+]
+body:
+ - type: markdown
+ attributes:
+ value: |
+ Thanks for requesting an awesome new feature!
+
+ Your input means a lot to us, and we're excited to explore the possibilities and see how we can make it happen.
+ - type: dropdown
+ id: priority
+ attributes:
+ label: Priority
+ description: Let us know how the lack of this feature is affecting you
+ options:
+ - (Low) Something is a little off
+ - (Medium) I'm annoyed but I'll live
+ - (Urgent) I can't use the Greenhouse without
+ - type: textarea
+ id: description
+ attributes:
+ label: "Description"
+ description: Provide a clear and concise description of the feature you're requesting
+ placeholder: Short and explicit description of your feature.
+ validations:
+ required: true
+ - type: textarea
+ id: reference_issues
+ attributes:
+ label: "Reference Issues"
+ description: Common issues
+ placeholder: "#Issues IDs"
+ validations:
+ required: false
diff --git a/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md b/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md
new file mode 100644
index 0000000..cff99e6
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md
@@ -0,0 +1,59 @@
+## Description
+
+
+Please include a summary of the changes and the related issue. Please also include relevant motivation and context. List any dependencies that are required for this change.
+
+## What type of PR is this? (check all applicable)
+
+- [ ] đ Feature
+- [ ] đ Bug Fix
+- [ ] đ Documentation Update
+- [ ] đ¨ Style
+- [ ] đ§âđģ Code Refactor
+- [ ] đĨ Performance Improvements
+- [ ] â
Test
+- [ ] đ¤ Build
+- [ ] đ CI
+- [ ] đĻ Chore (Release)
+- [ ] ⊠Revert
+
+## Related Tickets & Documents
+
+
+- Related Issue # (issue)
+- Closes # (issue)
+- Fixes # (issue)
+
+> Remove if not applicable
+
+## Added tests?
+
+- [ ] đ yes
+- [ ] đ
no, because they aren't needed
+- [ ] đ no, because I need help
+- [ ] Separate ticket for tests # (issue/pr)
+
+Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
+
+## Added to documentation?
+
+- [ ] đ README.md
+- [ ] đ¤ Documentation pages updated
+- [ ] đ
no documentation needed
+- [ ] (if applicable) generated OpenAPI docs for CRD changes
+
+## Checklist
+
+- [ ] My code follows the style guidelines of this project
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes
diff --git a/.github/licenserc.yaml b/.github/licenserc.yaml
new file mode 100644
index 0000000..2d24f56
--- /dev/null
+++ b/.github/licenserc.yaml
@@ -0,0 +1,54 @@
+header:
+ license:
+ spdx-id: Apache-2.0
+ content: |
+ SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+ SPDX-License-Identifier: Apache-2.0
+
+ paths: # `paths` are the path list that will be checked (and fixed) by license-eye, default is ['**'].
+ - '**'
+
+ paths-ignore:
+ - '.github/**'
+ - '.reuse/dep5'
+ - 'LICENSES/*.txt'
+ - 'grafana/*.json'
+ - 'website/scripts/**'
+ - 'hack/**'
+ - 'hack/openapi-generator/openapi-info.yaml'
+ - 'hack/boilerplate.go.txt'
+ - 'docs/**'
+ - '**/*.md'
+ - 'LICENSE'
+ - 'NOTICE'
+ - 'PROJECT'
+ - '**/*.gitignore'
+ - '**/*.helmignore'
+ - '**/*.tpl'
+ - '**/go.mod'
+ - '**/go.sum'
+ - '**/*.lock'
+ - '**/*.json'
+ - '**/.gitkeep'
+ - '**/*.txt'
+ - '*Dockerfile*'
+ - 'Makefile'
+ - 'pkg/idproxy/web/**'
+ - 'pkg/apis/scheme_builder.go' # Belongs to the Kubernetes authors
+ - 'cmd/tcp-proxy/main.go' # MIT License
+ - 'pkg/tcp-proxy/proxy/*.go' # MIT License
+ - '**/zz_generated.deepcopy.go' # Generated by Kubebuilder
+ - 'charts/**/templates/*.yaml' # license headers on helm templates are causing issues
+
+
+ comment: on-failure
+
+ # license-location-threshold specifies the index threshold where the license header can be located,
+ # after all, a "header" cannot be TOO far from the file start.
+ license-location-threshold: 80
+
+ language:
+ JSX:
+ extensions:
+ - ".jsx"
+ comment_style_id: SlashAsterisk
diff --git a/.github/renovate.json b/.github/renovate.json
new file mode 100644
index 0000000..1a60123
--- /dev/null
+++ b/.github/renovate.json
@@ -0,0 +1,86 @@
+{
+ "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+ "assigneesFromCodeOwners": true,
+ "extends": [
+ "config:recommended"
+ ],
+ "constraints": {
+ "go": "1.21"
+ },
+ "packageRules": [
+ {
+ "groupName": "github actions",
+ "matchManagers": ["github-actions"],
+ "matchUpdateTypes": ["major", "minor"],
+ "extends": [
+ "helpers:pinGitHubActionDigests"
+ ],
+ "minimumReleaseAge": "14 days"
+ },
+ {
+ "groupName": "npm dependencies",
+ "matchDatasources": [
+ "npm"
+ ],
+ "minimumReleaseAge": "14 days"
+ },
+ {
+ "groupName": "golang",
+ "matchDatasources": ["docker", "go-version"],
+ "matchPackagePatterns": ["golang"],
+ "minimumReleaseAge": "14 days"
+ },
+ {
+ "groupName": "kubernetes packages",
+ "groupSlug": "kubernetes-go",
+ "matchDatasources": [
+ "go"
+ ],
+ "matchUpdateTypes": ["major", "minor"],
+ "matchPackagePrefixes": [
+ "k8s.io/api",
+ "k8s.io/apiextensions-apiserver",
+ "k8s.io/apimachinery",
+ "k8s.io/apiserver",
+ "k8s.io/cli-runtime",
+ "k8s.io/client-go",
+ "k8s.io/cloud-provider",
+ "k8s.io/cluster-bootstrap",
+ "k8s.io/code-generator",
+ "k8s.io/component-base",
+ "k8s.io/controller-manager",
+ "k8s.io/cri-api",
+ "k8s.io/csi-translation-lib",
+ "k8s.io/kube-aggregator",
+ "k8s.io/kube-controller-manager",
+ "k8s.io/kube-proxy",
+ "k8s.io/kube-scheduler",
+ "k8s.io/kubectl",
+ "k8s.io/kubelet",
+ "k8s.io/legacy-cloud-providers",
+ "k8s.io/metrics",
+ "k8s.io/mount-utils",
+ "k8s.io/pod-security-admission",
+ "k8s.io/sample-apiserver",
+ "k8s.io/sample-cli-plugin",
+ "k8s.io/sample-controller",
+ "sigs.k8s.io/controller-runtime"
+ ],
+ "minimumReleaseAge": "14 days"
+ }
+ ],
+ "postUpdateOptions": [
+ "gomodTidy",
+ "gomodUpdateImportPaths"
+ ],
+ "separateMinorPatch": true,
+ "customManagers": [
+ {
+ "customType": "regex",
+ "fileMatch": ["Makefile$", "\\.sh$"],
+ "matchStrings": [
+ "# renovate: datasource=(?[a-z-.]+?) depName=(?[^\\s]+?)(?: (lookupName|packageName)=(?[^\\s]+?))?(?: versioning=(?[^\\s]+?))?(?: extractVersion=(?[^\\s]+?))?(?: registryUrl=(?[^\\s]+?))?\\s.+?_(VERSION|version) *[?:]?= *\"?(?.+?)\"?\\s"
+ ]
+ }
+ ]
+}
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
new file mode 100644
index 0000000..b25e5fc
--- /dev/null
+++ b/.github/workflows/codeql.yaml
@@ -0,0 +1,79 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ "main" ]
+ pull_request:
+ types: [ opened, synchronize, reopened ]
+ schedule:
+ - cron: '20 08 * * 1'
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: [ default ]
+ timeout-minutes: 360
+ permissions:
+ # required for all workflows
+ security-events: write
+ # only required for workflows in private repositories
+ actions: read
+ contents: read
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'go' ]
+ # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ]
+ # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both
+ # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+ # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+ # node-version: [ node ]
+ go-version: [ '1.21' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up Go
+ uses: actions/setup-go@v5
+ with:
+ go-version: ${{ matrix.go-version }}
+
+ # - name: Use Node.js ${{ matrix.node-version }}
+ # uses: actions/setup-node@v4
+ # with:
+ # node-version: ${{ matrix.node-version }}
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+ # If you wish to specify custom queries, you can do so here or in a config file.
+ # By default, queries listed here will override any specified in a config file.
+ # Prefix the list here with "+" to use these queries and those in the config file.
+
+ # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+ # queries: security-extended,security-and-quality
+
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
+ # If this step fails, then you should remove it and run the build manually (see below)
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v3
+
+ # âšī¸ Command-line programs to run using the OS shell.
+ # đ See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+ # If the Autobuild fails above, remove it and uncomment the following three lines.
+ # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+ # - run: |
+ # echo "Run, Build Application using script"
+ # ./location_of_script_within_repo/buildscript.sh
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+ with:
+ category: "/language:${{matrix.language}}"
\ No newline at end of file
diff --git a/.github/workflows/license.yaml b/.github/workflows/license.yaml
new file mode 100644
index 0000000..9b8baf9
--- /dev/null
+++ b/.github/workflows/license.yaml
@@ -0,0 +1,32 @@
+name: Check & Fix License Header
+on:
+ pull_request:
+ types: [opened, synchronize, reopened]
+
+jobs:
+ build-license-eye:
+ name: Build LicenseEye
+ runs-on: [ default ]
+ permissions:
+ contents: write
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Check License Header
+ uses: apache/skywalking-eyes/header@v0.6.0
+ with:
+ config: .github/licenserc.yaml
+ mode: fix
+
+ - name: Apply Changes
+ uses: EndBug/add-and-commit@v9
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ with:
+ author_name: License Bot
+ author_email: license_bot@github.com
+ message: 'Automatic application of license header'
diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml
new file mode 100644
index 0000000..3fc4437
--- /dev/null
+++ b/.github/workflows/stale.yaml
@@ -0,0 +1,28 @@
+name: Close inactive issues
+on:
+ schedule:
+ - cron: "35 1 * * *"
+
+jobs:
+ close-issues:
+ runs-on: [ default ]
+ permissions:
+ issues: write
+ pull-requests: write
+ steps:
+ - uses: actions/stale@v9
+ with:
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
+ days-before-issue-stale: 90
+ days-before-issue-close: 14
+ days-before-pr-stale: 45
+ days-before-pr-close: 14
+ stale-issue-label: "stale"
+ stale-issue-message: "This issue is stale because it has been open for 90 days with no activity."
+ close-issue-message: "This issue was closed because it has been inactive for 14 days since being marked as stale."
+ stale-pr-label: 'stale'
+ stale-pr-message: "This PR is stale because it has been open for 45 days with no activity."
+ close-pr-message: "This PR was closed because it has been inactive for 14 days since being marked as stale."
+ exempt-issue-labels: "pinned,security,backlog,bug"
+ exempt-pr-labels: "pinned,security,backlog,bug"
+ exempt-draft-pr: true
\ No newline at end of file