From 28fc2e94f700ec6006451ee4d72ae9994e41a0ee Mon Sep 17 00:00:00 2001
From: Jake Scott
Date: Tue, 27 Aug 2024 17:10:57 -0400
Subject: [PATCH] Include QoP and add Github workflows
---
 .github/dependabot.yml | 8 ++++
 .github/scripts/gofmt | 22 +++++++++++
 .github/workflows/checks.yml | 57 +++++++++++++++++++++++++++
 .github/workflows/coverage-report.yml | 55 ++++++++++++++++++++++++++
 .gitignore | 2 +
 .testcoverage.yml | 27 +++++++++++++
 Makefile | 2 +-
 v3/names_test.go | 6 +--
 v3/provider.go | 2 +
 v3/seccontext.go | 20 +++++-----
 10 files changed, 187 insertions(+), 14 deletions(-)
 create mode 100644 .github/dependabot.yml
 create mode 100755 .github/scripts/gofmt
 create mode 100644 .github/workflows/checks.yml
 create mode 100644 .github/workflows/coverage-report.yml
 create mode 100644 .testcoverage.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..4e07340
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,8 @@
+version: 2
+updates:
+- package-ecosystem: github-actions
+ directory: /v3
+ schedule:
+ interval: weekly
+ target-branch: "staging"
+ open-pull-requests-limit: 5
diff --git a/.github/scripts/gofmt b/.github/scripts/gofmt
new file mode 100755
index 0000000..1c62b25
--- /dev/null
+++ b/.github/scripts/gofmt
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+TMPDIR=$(mktemp -d)
+
+cleanup() {
+ rm -rf "${TMPDIR}"
+}
+
+trap cleanup EXIT
+
+
+gofmt -l -d . >${TMPDIR}/fmt.out
+
+if [ -s ${TMPDIR}/fmt.out ];
+then
+ echo "The following files are not formatted correctly:"
+ cat ${TMPDIR}/fmt.out
+ exit 1
+fi
+
+echo "gofmt-output=gofmt step successful" >>$GITHUB_OUTPUT
+exit 0
diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
new file mode 100644
index 0000000..41ef421
--- /dev/null
+++ b/.github/workflows/checks.yml
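Review bot: `directory: /v3` in the `github-actions` entry of dependabot.yml is likely to leave the workflows added by this commit without update pull requests, because for this ecosystem Dependabot looks for `.github/workflows` beneath the configured directory and these workflows sit at the repository root. Use `directory: /` for the actions entry. If `/v3` was meant to cover the Go module, that needs its own entry with `package-ecosystem: gomod`. `target-branch: "staging"` also differs from the `main` branch that the coverage workflow in this patch triggers on, so it is worth confirming that branch exists and is the one the workflows are read from.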
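Review bot: The gofmt script expands `${TMPDIR}` and `$GITHUB_OUTPUT` unquoted and never checks that `mktemp -d` succeeded, so a failed `mktemp` sends the redirect to `/fmt.out`, and an unset `GITHUB_OUTPUT` (any run outside Actions) makes the final `>>` an ambiguous redirect. Add `set -euo pipefail` after the shebang, quote the expansions as in `gofmt -l -d . >"${TMPDIR}/fmt.out"`, and end the last echo with `>>"${GITHUB_OUTPUT:-/dev/null}"`. Assigning to `TMPDIR` also overwrites the variable that `mktemp` and other tools consult for their own temp location; a private name such as `workdir` avoids that side effect.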
@@ -0,0 +1,57 @@
+name: Checks
+
+on:
+ push:
+ pull_request:
+
+permissions:
+ contents: read
+
+jobs:
+
+ consistency-checks:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Set up Go 1.22
+ uses: actions/setup-go@v5
+ with:
+ go-version: 1.22.x
+
+ - name: Code format check
+ run: ./.github/scripts/gofmt
+
+ - uses: dominikh/staticcheck-action@v1.3.1
+ with:
+ working-directory: v3
+
+ basic-tests:
+ name: Basic tests
+ strategy:
+ matrix:
+# os: ['windows-latest', 'ubuntu-latest']
+ os: ['ubuntu-latest']
+ go-version: ['1.21.x', '1.22.x' ]
+
+ runs-on: ${{ matrix.os }}
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Set up Go ${{ matrix.go-version }}
+ uses: actions/setup-go@v5
+ with:
+ go-version: ${{ matrix.go-version }}
+
+ - name: Generate test includes
+ run: |
+ echo pkgs=$(cd v3 && go list ./... | grep -v /examples/) >> "$GITHUB_ENV"
+
+ - name: Run tests
+ run: cd v3 && go test $pkgs -count 100 -coverprofile=../cover.out -covermode=atomic
+
+ - name: Check test coverage
+ uses: vladopajic/go-test-coverage@v2
+ with:
+ config: ./.testcoverage.yml
diff --git a/.github/workflows/coverage-report.yml b/.github/workflows/coverage-report.yml
new file mode 100644
index 0000000..f9bb995
--- /dev/null
+++ b/.github/workflows/coverage-report.yml
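Review bot: The two third-party actions are referenced by mutable tags, `dominikh/staticcheck-action@v1.3.1` and `vladopajic/go-test-coverage@v2`, so the code that runs in these jobs can change whenever the upstream tag is moved. Pin each `uses:` to a full commit SHA with the version as a trailing comment, e.g. `uses: dominikh/staticcheck-action@<full-commit-sha> # v1.3.1`; Dependabot's `github-actions` updates keep SHA pins current. The workflow-level `permissions: contents: read` already limits the token and should stay. Triggering on both `push` and `pull_request` with no branch filter runs every job twice for pull requests opened from branches of this repository, which a `branches:` filter under `push:` would avoid.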
@@ -0,0 +1,55 @@
+# Simple workflow for deploying static content to GitHub Pages
+name: Deploy static content to Pages
+
+on:
+ # Runs on pushes targeting the default branch
+ push:
+ branches: ["main"]
+
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+permissions:
+ contents: read
+ pages: write
+ id-token: write
+
+# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
+concurrency:
+ group: "pages"
+ cancel-in-progress: true
+
+jobs:
+ # Single deploy job since we're just deploying
+ deploy:
+ environment:
+ name: github-pages
+ url: ${{ steps.deployment.outputs.page_url }}
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ - name: Set up Go '1.22.x'
+ uses: actions/setup-go@v5
+ with:
+ go-version: '1.22.x'
+ - name: Generate test includes
+ run: |
+ echo pkgs=$(go list ./... | grep -v /examples/) >> "$GITHUB_ENV"
+ - name: Generate coverage profile
+ run: |
+ go test $pkgs -count 100 -coverprofile=./cover.out -covermode=atomic
+ - name: Generate report
+ run: |
+ mkdir -p ./coverage
+ go tool cover -html=cover.out -o ./coverage/coverage.html
+ - name: Setup Pages
+ uses: actions/configure-pages@v5
+ - name: Upload artifact
+ uses: actions/upload-pages-artifact@v3
+ with:
+ path: ./coverage
+ - name: Deploy to GitHub Pages
+ id: deployment
+ uses: actions/deploy-pages@v4
diff --git a/.gitignore b/.gitignore
index 801aeed..554b9ae 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,3 +21,5 @@ examples/go/gss-server-go
 # Dependency directories (remove the comment below to include it)
 # vendor/
 #
+#
+toolbin/
diff --git a/.testcoverage.yml b/.testcoverage.yml
new file mode 100644
index 0000000..8819f87
--- /dev/null
+++ b/.testcoverage.yml
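Review bot: The single `deploy` job in coverage-report.yml runs `go test` on repository code while `pages: write` and `id-token: write` are granted at workflow level, so test code executes in a job that can publish to Pages and request an OIDC token. Splitting it into a `build` job that keeps only `contents: read` and a `deploy` job that carries the two write scopes confines them to the steps that need them. Separately, the `go list ./...` and `go test` steps here run from the repository root, whereas checks.yml and the Makefile change in this same patch `cd` into `v3` first; if the module lives under `v3` these steps will fail, so they likely need the same `cd v3 &&` prefix and a matching profile path for `go tool cover`.

```yaml
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # … unchanged: checkout, Go setup, coverage profile, report, upload-pages-artifact …

  deploy:
    needs: build
    permissions:
      pages: write
      id-token: write
    environment:
      name: github-pages
      url: ${{ steps.deployment.outputs.page_url }}
    runs-on: ubuntu-latest
    steps:
      - name: Setup Pages
        uses: actions/configure-pages@v5
      - name: Deploy to GitHub Pages
        id: deployment
        uses: actions/deploy-pages@v4
```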
@@ -0,0 +1,27 @@
+# (mandatory)
+# Path to coverprofile file (output of `go test -coverprofile` command).
+#
+# For cases where there are many coverage profiles, such as when running
+# unit tests and integration tests separately, you can combine all those
+# profiles into one. In this case, the profile should have a comma-separated list
+# of profile files, e.g., 'cover_unit.out,cover_integration.out'.
+profile: cover.out
+
+# (optional; but recommended to set)
+# When specified reported file paths will not contain local prefix in the output
+local-prefix: "github.com/jake-scott/go-functional"
+
+# Holds coverage thresholds percentages, values should be in range [0-100]
+threshold:
+ # (optional; default 0)
+ # The minimum coverage that each file should have
+ file: 75
+
+ # (optional; default 0)
+ # The minimum coverage that each package should have
+ package: 85
+
+ # (optional; default 0)
+ # The minimum total coverage project should have
+ total: 95
+
diff --git a/Makefile b/Makefile
index 6435a92..d8ed776 100644
--- a/Makefile
+++ b/Makefile
@@ -29,7 +29,7 @@ $(src_dir)/mechs_gen.go: build-tools/gen-gss-mech-oids.go $(src_dir)/mechs.go .PHONY: test test: cd $(src_dir) && ../scripts/gofmt - ${GO} test ./... -coverprofile=./cover.out -covermode=atomic + cd $(src_dir) && ${GO} test ./... -coverprofile=./cover.out -covermode=atomic .PHONY: lint
diff --git a/v3/names_test.go b/v3/names_test.go
index be49f09..d01dce2 100644
--- a/v3/names_test.go
+++ b/v3/names_test.go
@@ -20,7 +20,7 @@ func TestNtOid(t *testing.T) { assert.Equal(Oid{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x01, 0x01}, oid) badNt := GssNameType(100) - assert.PanicsWithValue(ErrBadNameType, func() { badNt.Oid() }) + assert.PanicsWithValue(ErrBadNameType, func() { _ = badNt.Oid() }) } func TestNtOidString(t *testing.T) {
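Review bot: `local-prefix: "github.com/jake-scott/go-functional"` in .testcoverage.yml looks carried over from another project, since nothing else in this patch refers to that module; if it does not match this module's declared path, the prefix will not be stripped from reported file paths. Set it to the path declared in this module's go.mod, `local-prefix: "<module path of this repository>"`. The `file: 75`, `package: 85` and `total: 95` thresholds are enforced by the coverage step that checks.yml runs on every push and pull request, so confirm current coverage meets them before the check becomes blocking.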
@@ -36,7 +36,7 @@ func TestNtOidString(t *testing.T) { assert.Equal("1.2.840.113554.1.2.1.1", oid) badNt := GssNameType(100) - assert.PanicsWithValue(ErrBadNameType, func() { badNt.OidString() }) + assert.PanicsWithValue(ErrBadNameType, func() { _ = badNt.OidString() }) } func TestNtString(t *testing.T) {
@@ -52,7 +52,7 @@ func TestNtString(t *testing.T) { assert.Equal("GSS_NT_USER_NAME", oid) badNt := GssNameType(100) - assert.PanicsWithValue(ErrBadNameType, func() { badNt.String() }) + assert.PanicsWithValue(ErrBadNameType, func() { _ = badNt.String() }) } func TestNameFromOid(t *testing.T) {
diff --git a/v3/provider.go b/v3/provider.go
index 18850d2..98e8243 100644
--- a/v3/provider.go
+++ b/v3/provider.go
@@ -40,6 +40,8 @@ func NewProvider(name string) Provider { return f() } +type QoP uint + type InitSecContextOptions struct { Credential Credential Mech GssMech
diff --git a/v3/seccontext.go b/v3/seccontext.go
index 45adc10..af3a75d 100644
--- a/v3/seccontext.go
+++ b/v3/seccontext.go
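Review bot: The new exported type `QoP` in provider.go has no doc comment, although it is the value that the per-message methods of `SecContext` take and return after this commit. Add one above the declaration, for example `// QoP identifies a GSS-API quality of protection (RFC 2743 § 1.2.4) requested from, or reported by, the per-message calls.` The comment should also say which value selects the mechanism default; a named constant for that value would keep callers from passing a bare `0`. Only the declaration is visible in this hunk, so whether such a constant already exists elsewhere cannot be told from here.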
@@ -20,16 +20,16 @@ type SecContextInfo struct { } type SecContext interface { - Delete() ([]byte, error) // RFC 2743 § 2.2.3 - ProcessToken([]byte) error // RFC 2743 § 2.2.4 - ExpiresAt() (*time.Time, error) // RFC 2743 § 2.2.5 - Inquire() (*SecContextInfo, error) // RFC 2743 § 2.2.6 - WrapSizeLimit(bool, uint) (uint, error) // RFC 2743 § 2.2.7 - Export() ([]byte, error) // RFC 2743 § 2.2.8 - GetMIC([]byte) ([]byte, error) // RFC 2743 § 2.3.1 - VerifyMIC([]byte, []byte) error // RFC 2743 § 2.3.2 - Wrap([]byte, bool) ([]byte, bool, error) // RFC 2743 § 2.3.3 - Unwrap([]byte) ([]byte, bool, error) // RFC 2743 § 2.3.4 + Delete() ([]byte, error) // RFC 2743 § 2.2.3 + ProcessToken([]byte) error // RFC 2743 § 2.2.4 + ExpiresAt() (*time.Time, error) // RFC 2743 § 2.2.5 + Inquire() (*SecContextInfo, error) // RFC 2743 § 2.2.6 + WrapSizeLimit(bool, uint, QoP) (uint, error) // RFC 2743 § 2.2.7 + Export() ([]byte, error) // RFC 2743 § 2.2.8 + GetMIC([]byte, QoP) ([]byte, error) // RFC 2743 § 2.3.1 + VerifyMIC([]byte, []byte) (QoP, error) // RFC 2743 § 2.3.2 + Wrap([]byte, bool, QoP) ([]byte, bool, error) // RFC 2743 § 2.3.3 + Unwrap([]byte) ([]byte, bool, QoP, error) // RFC 2743 § 2.3.4 ContinueNeeded() bool Continue([]byte) ([]byte, error)
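Review bot: `VerifyMIC` and `Unwrap` now return the `QoP` that was applied to the incoming message, but the interface neither names nor documents these results, so a caller that requires a particular protection level gets no prompt to check it (the same already holds for the confidentiality `bool` returned by `Unwrap`). Name the parameters and results, e.g. `Unwrap(msg []byte) (out []byte, confState bool, qop QoP, err error) // RFC 2743 § 2.3.4` and `WrapSizeLimit(confReq bool, outputSize uint, qop QoP) (uint, error) // RFC 2743 § 2.2.7`, and add a sentence on the interface stating that the returned values must be compared against the caller's own requirement. The change also alters the method set of an exported interface, so every existing implementation stops compiling until it is updated, which deserves a line in the commit message. The interface body continues past the end of the hunk.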