cleanup ci, adjust indentation, fix version comments and update hashes

Signed-off-by: cpanato <[email protected]>

.github/workflows/codeql-analysis.yaml

@@ -1,22 +1,12 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: "CodeQL"
 
 on:
   push:
-    branches: [ main ]
+    branches:
+      - main
   pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ main ]
+    branches:
+      - main
   schedule:
     - cron: '28 11 * * 2'
 
@@ -32,40 +22,16 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'go' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
-        # Learn more:
-        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
-
+        language:
+          - go
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      - name: Checkout repository
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@d23060145bc9131d50558d5d4185494a20208101 # v2.2.8
+        with:
+          languages: ${{ matrix.language }}
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@d23060145bc9131d50558d5d4185494a20208101 # v2.2.8
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@d23060145bc9131d50558d5d4185494a20208101 # v2.2.8

.github/workflows/docker-image.yaml

@@ -17,26 +17,26 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout
-        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b #v3.0.2
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           fetch-depth: 0
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 #v2.1.0
+        uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
 
       - name: Set up Docker Buildx
         id: Buildx
-        uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 #v2.2.1
+        uses: docker/setup-buildx-action@4b4e9c3e2d4531116a6f8ba8e71fc6e2cb6e6c8c # v2.5.0
 
       - name: Login to Docker Hub
-        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a #v2.1.0
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
         with:
           username: ${{ secrets.DOCKERHUB_USER }}
           password: ${{ secrets.DOCKERHUB_SECRET }}
-      
+
       - name: Docker Meta
         id: meta_falcoctl
-        uses: docker/metadata-action@57396166ad8aefe6098280995947635806a0e6ea #v4.1.1
+        uses: docker/metadata-action@507c2f2dc502c992ad446e3d7a5dfbe311567a96 # v4.3.0
         with:
           # list of Docker images to use as base name for tags
           images: |
@@ -46,8 +46,9 @@ jobs:
             type=semver,pattern={{ version }}
             type=semver,pattern={{ major }}
             type=semver,pattern={{ major }}.{{ minor }}
-      - name: Build and push 
-        uses: docker/build-push-action@c56af957549030174b10d6867f20e78cfd7debc5 #v3.2.0
+
+      - name: Build and push
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4.0.0
         with:
           context: .
           platforms: linux/amd64,linux/arm64

.github/workflows/integration.yaml

@@ -2,58 +2,63 @@ name: Integration Pipeline
 
 on:
   push:
-    branches: [main]
+    branches:
+      - main
   pull_request:
 
 jobs:
   build:
     runs-on: ubuntu-22.04
     strategy:
       matrix:
-        goos: [linux, darwin, windows]
-        goarch: [arm64, amd64]
+        goos:
+          - linux
+          - darwin
+          - windows
+        goarch:
+          - arm64
+          - amd64
         exclude:
           - goarch: arm64
             goos: windows
     steps:
-    - name: Checkout commit
-      uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b #v3.0.2
-      with:
-        fetch-depth: 0
+      - name: Checkout commit
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
+        with:
+          fetch-depth: 0
 
-    - name: Setup Go
-      uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a #v3.2.1
-      with:
-        go-version: 1.19
+      - name: Setup Go
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
+        with:
           go-version: '1.20'
           check-latest: true
 
-    - name: Build Falcoctl
-      run: >
-        go build -ldflags="-s -w" -o falcoctl-${{ matrix.goos }}-${{ matrix.goarch }} .
-      env:
-        CGO_ENABLED: 0
-        GOOS: ${{ matrix.goos }}
-        GOARCH: ${{ matrix.goarch }}
+      - name: Build Falcoctl
+        run: >
+          go build -ldflags="-s -w" -o falcoctl-${{ matrix.goos }}-${{ matrix.goarch }} .
+        env:
+          CGO_ENABLED: 0
+          GOOS: ${{ matrix.goos }}
+          GOARCH: ${{ matrix.goarch }}
 
-    - name: Create Archives
-      run: |
-        cp falcoctl-${{ matrix.goos }}-${{ matrix.goarch }} falcoctl
-        tar -czvf falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz falcoctl LICENSE
+      - name: Create Archives
+        run: |
+          cp falcoctl-${{ matrix.goos }}-${{ matrix.goarch }} falcoctl
+          tar -czvf falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz falcoctl LICENSE
 
-    - name: Upload falcoctl artifacts
-      uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 #v3.1.0
-      with:
-        name: falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}
-        path: ./falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}
-        retention-days: 1
+      - name: Upload falcoctl artifacts
+        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
+        with:
+          name: falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}
+          path: ./falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}
+          retention-days: 1
 
-    - name: Upload falcoctl archives
-      uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 #v3.1.0
-      with:
-        name: falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz
-        path: ./falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz
-        retention-days: 1
+      - name: Upload falcoctl archives
+        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
+        with:
+          name: falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz
+          path: ./falcoctl-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz
+          retention-days: 1
 
   docker-configure:
     if: ${{ github.event_name == 'push' }}
@@ -85,10 +90,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout commit
-        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b #v3.0.2
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - name: Setup Go
-        uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a #v3.2.1
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true

.github/workflows/lint.yaml

@@ -8,23 +8,23 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           repository: ${{github.event.pull_request.head.repo.full_name}}
           persist-credentials: false
 
       - name: Setup Go
-        uses: actions/setup-go@v1
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true
 
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v3.2.0
+        uses: golangci/golangci-lint-action@08e2f20817b15149a52b5b3ebe7de50aff2ba8c5 # v3.4.0
         with:
           only-new-issues: true
-          version: v1.48.0
+          version: v1.52
           args: --timeout=900s
 
   gomodtidy:
@@ -33,14 +33,14 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           ref: "${{ github.event.pull_request.head.sha }}"
           repository: ${{github.event.pull_request.head.repo.full_name}}
           persist-credentials: false
 
       - name: Setup Go
-        uses: actions/setup-go@v1
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true
@@ -55,7 +55,7 @@ jobs:
       - name: Print a comment in case of failure
         run: |
           echo "The go.mod and/or go.sum files appear not to be correctly tidied.
-          
+
           Please, rerun go mod tidy to fix the issues."
           exit 1
         if: |

.github/workflows/release.yaml

@@ -14,25 +14,25 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout
-        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b #v3.0.2
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           fetch-depth: 0
 
       - name: Fetch all tags
         run: git fetch --force --tags
 
       - name: Setup Go
-        uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a #v3.2.1
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true
 
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@68acf3b1adf004ac9c2f0a4259e85c5f66e99bef #v3.0.0
+        uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b # v4.2.0
         with:
           distribution: goreleaser
-          version: v1.10.3
-          args: release --rm-dist
+          version: latest
+          args: release --clean
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 

.goreleaser.yml

@@ -6,16 +6,16 @@ before:
 builds:
   - id: "falcoctl"
     goos:
-    - linux
-    - darwin
-    - windows
+      - linux
+      - darwin
+      - windows
     goarch:
-    - amd64
-    - 386
-    - arm64
+      - amd64
+      - 386
+      - arm64
     ignore:
-    - goos: darwin
-      goarch: 386
+      - goos: darwin
+        goarch: 386
 
     ldflags: |
       -X github.com/falcosecurity/falcoctl/cmd/version.buildDate={{ .Date }}
@@ -38,9 +38,8 @@ snapshot:
   name_template: "{{ .ShortCommit }}"
 
 release:
-  github:
   prerelease: auto
   mode: replace
 
 changelog:
-  use: github
+  use: github-native