diff --git a/.github/workflows/pr-title-lint.yml b/.github/workflows/pr-title-lint.yml new file mode 100644 index 00000000..367d1d4c --- /dev/null +++ b/.github/workflows/pr-title-lint.yml @@ -0,0 +1,52 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT license. + +name: PR Title Lint + +on: + pull_request_target: + types: [opened, edited, synchronize, reopened] + +permissions: + pull-requests: read + statuses: write + +jobs: + pr-title-lint: + name: Validate PR Title + runs-on: ubuntu-latest + steps: + # Pinned to commit SHA for supply chain security (CWE-829) + # Verify: gh api repos/amannn/action-semantic-pull-request/git/ref/tags/v5.5.3 --jq '.object.sha' + - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + # Configure which types are allowed (see https://github.com/commitizen/conventional-commit-types) + types: | + feat + fix + docs + style + refactor + perf + test + build + ci + chore + revert + deps + # Configure which scopes are allowed (empty means all scopes are allowed) + scopes: | + # Configure whether a scope must be provided (false means scopes are optional) + requireScope: false + # For work-in-progress PRs you can typically use draft pull requests + # Instead of allowing WIP in the title + wip: true + # Configure validation of the subject line (title after type/scope) + subjectPattern: ^(?![A-Z]).+$ + subjectPatternError: | + The subject "{subject}" found in the pull request title "{title}" + must start with a lowercase letter. + # If the PR contains only a single commit, validate that its message matches the PR title + validateSingleCommit: false diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml new file mode 100644 index 00000000..48ea6db2 --- /dev/null +++ b/.github/workflows/release-please.yml @@ -0,0 +1,22 @@ +name: Release Please + +on: + push: + branches: + - main + +permissions: + contents: write + pull-requests: write + +jobs: + release-please: + runs-on: ubuntu-latest + steps: + # Pinned to commit SHA for supply chain security (CWE-829) + # Verify: gh api repos/google-github-actions/release-please-action/git/ref/tags/v4.1.1 --jq '.object.sha' + - uses: google-github-actions/release-please-action@e4dc86ba9405554aeba3c6bb2d169500e7d3b4ee # v4.1.1 + with: + command: manifest + config-file: release-please-config.json + manifest-file: .release-please-manifest.json diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 00000000..e18ee077 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "0.0.0" +} diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 00000000..5c845fda --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,12 @@ +# Changelog + +All notable changes to this project will be documented in this file. + +This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [Unreleased] + +### Added +- Implemented automated versioning with Release Please + +This changelog will be automatically updated by Release Please based on conventional commits merged to the main branch. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 00000000..e4ddb25c --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,158 @@ +# Contributing to go-sqlcmd + +Thank you for your interest in contributing to go-sqlcmd! This document provides guidelines for contributing to the project. + +## Development Setup + +### Prerequisites + +- Go 1.24 or later +- Git + +### Building the Project + +```bash +# Clone the repository +git clone https://github.com/microsoft/go-sqlcmd.git +cd go-sqlcmd + +# Build sqlcmd +./build/build.sh # Linux/macOS +.\build\build.cmd # Windows +``` + +### Running Tests + +```bash +# Run all tests +go test ./... + +# Run tests with verbose output +go test -v ./... + +# Run tests for a specific package +go test -v ./pkg/sqlcmd/... +``` + +## Release Process + +This project uses [Release Please](https://github.com/googleapis/release-please) for automated version management and releases. Release Please analyzes commits since the last release and automatically creates a Release PR that: + +- Bumps the version based on [Conventional Commits](https://www.conventionalcommits.org/) +- Updates the CHANGELOG.md with changes +- Creates a GitHub release when the PR is merged + +### Conventional Commits + +All commits should follow the [Conventional Commits](https://www.conventionalcommits.org/) specification. This enables automated version bumping and changelog generation. + +#### Commit Message Format + +``` +[optional scope]: + +[optional body] + +[optional footer(s)] +``` + +#### Types and Version Bumping + +| Type | Version Bump | Description | Example | +|------|--------------|-------------|---------| +| `feat:` | Minor (0.X.0) | New feature | `feat: add query timeout option` | +| `fix:` | Patch (0.0.X) | Bug fix | `fix: resolve connection timeout issue` | +| `feat!:` or `BREAKING CHANGE:` | Major (X.0.0) | Breaking change | `feat!: change default port to 1433` | +| `docs:` | No bump | Documentation only | `docs: update README with examples` | +| `chore:` | No bump | Maintenance tasks | `chore: update dependencies` | +| `ci:` | No bump | CI/CD changes | `ci: add workflow for linting` | +| `test:` | No bump | Test changes | `test: add unit tests for parser` | +| `refactor:` | No bump | Code refactoring | `refactor: simplify connection logic` | +| `perf:` | No bump | Performance improvements | `perf: optimize query execution` | +| `build:` | No bump | Build system changes | `build: update build script` | + +#### Examples + +**Feature (Minor bump):** +``` +feat: add support for Azure AD authentication + +Adds new authentication method for connecting to Azure SQL +databases using Azure Active Directory credentials. +``` + +**Bug fix (Patch bump):** +``` +fix: correct handling of null values in output + +Previously, null values were displayed as empty strings. +Now they are properly displayed as "NULL". +``` + +**Breaking change (Major bump):** +``` +feat!: change default encryption to mandatory + +BREAKING CHANGE: The default encryption setting has changed +from optional to mandatory. Users must explicitly set +encryption to optional if needed. +``` + +**Non-version-bumping changes:** +``` +docs: add examples for container commands +chore: update go-mssqldb dependency +ci: add codeql security scanning +test: add integration tests for query command +``` + +### How Releases Work + +1. **Make changes** following conventional commit guidelines +2. **Create PR** with your changes +3. **Merge PR to main** - Release Please will analyze commits +4. **Release Please creates/updates a Release PR** that: + - Bumps version in relevant files + - Updates CHANGELOG.md + - Tags the release +5. **Review and merge the Release PR** - This triggers: + - Creation of a GitHub Release + - Publishing of release artifacts + +### Manual Release Process (if needed) + +If you need to create a release manually: + +1. Update the version in `.release-please-manifest.json` +2. Update CHANGELOG.md manually +3. Create and push a git tag: + ```bash + git tag v1.0.0 + git push origin v1.0.0 + ``` +4. Create a GitHub release from the tag + +## Pull Request Guidelines + +- Follow the conventional commit format in PR titles +- Keep PRs focused on a single feature or fix +- Add tests for new functionality +- Ensure all tests pass locally before submitting +- Update documentation if needed + +## Code Style + +- Follow standard Go conventions and idioms +- Use `gofmt` for formatting +- Run `golangci-lint` before submitting + +## Questions? + +If you have questions, feel free to: +- Open an issue for discussion +- Check existing issues and discussions +- Review the [README](README.md) for more information + +## License + +By contributing, you agree that your contributions will be licensed under the MIT License. diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 00000000..9bf5fb14 --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,14 @@ +{ + "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json", + "packages": { + ".": { + "release-type": "go", + "package-name": "sqlcmd", + "changelog-path": "CHANGELOG.md", + "bump-minor-pre-major": true, + "bump-patch-for-minor-pre-major": false, + "draft": false, + "prerelease": false + } + } +}