chore:Fix the yaml files and ignore more things.

.gitignore

@@ -19,6 +19,8 @@ report.json
 
 # for releases
 .ignore/
+dist/
+.goreleaser.yml
 
 # vendor package
 vendor/
@@ -27,4 +29,4 @@ vendor/
 deploy/docker-compose/
 
 # misc
-coverage.txt
+coverage.txt

.golangci.yaml

@@ -28,4 +28,3 @@ issues:
       linters:
         - dupl
         - funlen
-

.release/docker/argus_spruce.yaml

@@ -70,7 +70,7 @@ servers:
       X-Xmidt-Version:
         - development
 
-store: 
+store:
   # dynamo is the configuration block to communicate with dynamoDB.
   dynamo:
 
@@ -109,7 +109,7 @@ store:
   #  # If the opTimeout is set to 0, it defaults to 10s.
   #  # (Optional) defaults to 10s
   #  opTimeout: 100ms
-  
+
   #  # username is the username to use when connecting to the database.
   #  # (Optional)
   #  username: "cassandra"
@@ -142,7 +142,7 @@ store:
 # userInputValidation groups options around validating data on incoming requests.
 # (Optional) The default values are those listed above the fields below.
 userInputValidation:
-  # itemMaxTTL defines the limit for TTL values provided by users of the API. 
+  # itemMaxTTL defines the limit for TTL values provided by users of the API.
   # refer to https://golang.org/pkg/time/#ParseDuration for valid strings.
   # (Optional) default: 24h (a day)
   itemMaxTTL: (( grab $ITEM_MAX_TTL || "24h" ))
@@ -156,7 +156,7 @@ userInputValidation:
   ownerFormatRegex: (( grab $OWNER_FORMAT_REGEX || "^.{4,60}$" ))
 
   # itemDataMaxDepth is the max allowed depth of the Item JSON data field.
-  # If your DB supports up to N nested objects, itemDataMaxDepth should be set to 
+  # If your DB supports up to N nested objects, itemDataMaxDepth should be set to
   # N-1. The value of itemDataMaxDepth must be > 0, otherwise the default value will
   # be used.
   # (Optional) default: 30
@@ -170,21 +170,21 @@ jwtValidator:
     Resolve:
       Template: (( grab $THEMIS_ENDPOINT || "http://themis:6500/keys/{keyID}" ))
 
-# can we remove all of this section?  
+# can we remove all of this section?
 authx:
   inbound:
     # basic is a list of Basic Auth credentials intended to be used for local testing purposes.
     # WARNING! Be sure to remove this from your production config.
     basic:
       - (( grab $AUTH_HEADER || "dXNlcjpwYXNz" ))
 
-        
+
     # accessLevel defines config around the injection of an attribute to bascule tokens
     # which application code can leverage to decide if a given request is allowed to execute some operation.
-    # Note that accessLevel differs from capabilityCheck in that it allows more complex access hierarchy. 
-    # That is, while capabilityCheck verifies whether a user is allowed to use an API endpoint, accessLevel 
+    # Note that accessLevel differs from capabilityCheck in that it allows more complex access hierarchy.
+    # That is, while capabilityCheck verifies whether a user is allowed to use an API endpoint, accessLevel
     # assigns a number to the user's request which application code can use for security purposes.
-    # An access level is defined as a non-negative number and the higher the number, the higher the access the 
+    # An access level is defined as a non-negative number and the higher the number, the higher the access the
     # request has for the target application.
     # (Optional). If section is not provided, the lowest access level value of 0 will be assigned to the attribute.
     accessLevel:
@@ -201,7 +201,7 @@ authx:
         # If this value is found in the list, the access level assigned to the request will be 1. Otherwise, it will be 0.
         # (Optional) defaults to 'xmidt:svc:admin'
         name:  (( grab $ACCESS_LEVEL_CAPABILITY || "xmidt:svc:admin" ))
-    
+
         # path is the list of nested keys to get to the claim which contains the capabilities.
         # For example, if your JWT payload looks like this:
         # ```
@@ -211,24 +211,24 @@ authx:
         #   "my_company": {
         #     "capabilities": ["capability0", "capability1"]
         #   }
-        # } 
-        # ```  
+        # }
+        # ```
         # you'll want to set path to ["my_company", "capabilities"]
          # (Optional) default: ["capabilities"]
-        path: 
+        path:
           - (( grab $ACCESS_LEVEL_CAPABILITIES_PATH  || "capabilities" ))
 
     # # capabilityCheck provides the details needed for checking an incoming JWT's
     # # capabilities.  If the type of check isn't provided, no checking is done.  The
-    # # type can be "monitor" or "enforce". If "monitor" is provided, the capabilities 
-    # # are checked but the request isn't rejected when there isn't a valid capability 
-    # # for the request. Instead, a message is logged.  When "enforce" is provided, a 
+    # # type can be "monitor" or "enforce". If "monitor" is provided, the capabilities
+    # # are checked but the request isn't rejected when there isn't a valid capability
+    # # for the request. Instead, a message is logged.  When "enforce" is provided, a
     # # request that doesn't have the needed capability is rejected.
-    
+
     # # The capability is expected to have the format:
-    
+
     # # {prefix}{endpoint}:{method}
-    
+
     # # The prefix can be a regular expression.  If it's empty, no capability check
     # # is done.  The endpoint is a regular expression that should match the endpoint
     # # the request was sent to. The method is usually the method of the request, such as
@@ -262,4 +262,3 @@ tracing:
 
   # endpoint is where trace information should be routed. Applies to zipkin and jaegar.
   endpoint: (( grab $TRACING_PROVIDER_ENDPOINT || "http://zipkin:9411/api/v2/spans" ))
-

.yamllint.yml

@@ -0,0 +1,38 @@
+# SPDX-FileCopyrightText: 2024 Comcast Cable Communications Management, LLC
+# SPDX-License-Identifier: Apache-2.0
+---
+
+extends: default
+
+ignore:
+  - .release/helm/argus/templates/argus.yaml
+
+rules:
+  braces:
+    level: warning
+    max-spaces-inside: 1
+  brackets:
+    level: warning
+    max-spaces-inside: 1
+  colons:
+    level: warning
+    max-spaces-after: -1
+  commas:
+    level: warning
+  comments: disable
+  comments-indentation: disable
+  document-start:
+    present: true
+  empty-lines:
+    max: 2
+  hyphens:
+    max-spaces-after: 1
+  indentation:
+    level: error
+    indent-sequences: consistent
+  line-length:
+    level: warning
+    max: 90
+    allow-non-breakable-words: true
+    allow-non-breakable-inline-mappings: true
+  truthy: disable

argus.yaml

@@ -1,5 +1,6 @@
 ## SPDX-FileCopyrightText: 2021 Comcast Cable Communications Management, LLC
 ## SPDX-License-Identifier: Apache-2.0
+---
 prometheus:
   defaultNamespace: xmidt
   defaultSubsystem: argus
@@ -56,24 +57,24 @@ store:
     # endpoint is used to set a custom aws endpoint.
     # (Optional)
     endpoint: "http://localhost:8000"
-  
+
     # table is the name of the table that is already configured with bucket and id as the key.
     table: "gifnoc"
-  
+
     # region is where request should go to.
     region: "us-east-2"
-  
+
     # maxRetires is the maximum times the application will retry the request to the db.
     # (Optional) default: 3
     maxRetries: 3
 
     # getAllLimit is the maximum number of items to get at a time.
     # (Optional) defaults to no limit
     getAllLimit: 50
-  
+
     # accessKey is the AWS accessKey to access dynamodb.
     accessKey: "accessKey"
-  
+
     # secretKey is the AWS secretKey to go with the accessKey to access dynamodb.
     secretKey: "secretKey"
 
@@ -90,7 +91,7 @@ store:
   #  # If the opTimeout is set to 0, it defaults to 10s.
   #  # (Optional) defaults to 10s
   #  opTimeout: 100ms
-  
+
   #  # username is the username to use when connecting to the database.
   #  # (Optional)
   #  username: "cassandra"
@@ -124,10 +125,10 @@ store:
 # userInputValidation groups options around validating data on incoming requests.
 # (Optional) The default values are those listed above the fields below.
 userInputValidation:
-  # itemMaxTTL defines the limit for TTL values provided by users of the API. 
+  # itemMaxTTL defines the limit for TTL values provided by users of the API.
   # refer to https://golang.org/pkg/time/#ParseDuration for valid strings.
   # (Optional) default: 24h (a day)
-  itemMaxTTL: "24h" 
+  itemMaxTTL: "24h"
 
   # bucketFormatRegex helps define the validity of a bucket through a regular expression.
   # (Optional) default: ^[0-9a-z][0-9a-z-]{1,61}[0-9a-z]$
@@ -138,7 +139,7 @@ userInputValidation:
   ownerFormatRegex: "^.{4,60}$"
 
   # itemDataMaxDepth is the max allowed depth of the Item JSON data field.
-  # If your DB supports up to N nested objects, itemDataMaxDepth should be set to 
+  # If your DB supports up to N nested objects, itemDataMaxDepth should be set to
   # N-1. The value of itemDataMaxDepth must be > 0, otherwise the default value will
   # be used.
   # (Optional) default: 30
@@ -170,7 +171,7 @@ authx:
     basic: ["dXNlcjpwYXNz"]
 
     # bearer contains all the configuration needed for a JWT validator.
-    bearer: 
+    bearer:
       key:
         factory:
           uri: "http://localhost:6500/keys/docker"
@@ -179,10 +180,10 @@ authx:
 
     # accessLevel defines config around the injection of an attribute to bascule tokens
     # which application code can leverage to decide if a given request is allowed to execute some operation.
-    # Note that accessLevel differs from capabilityCheck in that it allows more complex access hierarchy. 
-    # That is, while capabilityCheck verifies whether a user is allowed to use an API endpoint, accessLevel 
+    # Note that accessLevel differs from capabilityCheck in that it allows more complex access hierarchy.
+    # That is, while capabilityCheck verifies whether a user is allowed to use an API endpoint, accessLevel
     # assigns a number to the user's request which application code can use for security purposes.
-    # An access level is defined as a non-negative number and the higher the number, the higher the access the 
+    # An access level is defined as a non-negative number and the higher the number, the higher the access the
     # request has for the target application.
     # (Optional). If section is not provided, the lowest access level value of 0 will be assigned to the attribute.
     accessLevel:
@@ -199,7 +200,7 @@ authx:
         # If this value is found in the list, the access level assigned to the request will be 1. Otherwise, it will be 0.
         # (Optional) defaults to 'xmidt:svc:admin'
         name:  "xmidt:svc:admin"
-        
+
         # path is the list of nested keys to get to the claim which contains the capabilities.
         # For example, if your JWT payload looks like this:
         # ```
@@ -209,24 +210,24 @@ authx:
         #   "my_company": {
         #     "capabilities": ["capability0", "capability1"]
         #   }
-        # } 
-        # ```  
+        # }
+        # ```
         # you'll want to set path to ["my_company", "capabilities"]
         # (Optional) default: ["capabilities"]
         path: ["capabilities"]
 
 
     # # capabilities provides the details needed for checking an incoming JWT's
     # # capabilities.  If the type of check isn't provided, no checking is done.  The
-    # # type can be "monitor" or "enforce". If "monitor" is provided, the capabilities 
-    # # are checked but the request isn't rejected when there isn't a valid capability 
-    # # for the request. Instead, a message is logged.  When "enforce" is provided, a 
+    # # type can be "monitor" or "enforce". If "monitor" is provided, the capabilities
+    # # are checked but the request isn't rejected when there isn't a valid capability
+    # # for the request. Instead, a message is logged.  When "enforce" is provided, a
     # # request that doesn't have the needed capability is rejected.
-    
+
     # # The capability is expected to have the format:
-    
+
     # # {prefix}{endpoint}:{method}
-    
+
     # # The prefix can be a regular expression.  If it's empty, no capability check
     # # is done.  The endpoint is a regular expression that should match the endpoint
     # # the request was sent to. The method is usually the method of the request, such as
@@ -261,4 +262,3 @@ tracing:
   # endpoint is where trace information should be routed. Applies to otlp, zipkin, and jaegar. OTLP/gRPC uses port 4317 by default.
   # OTLP/HTTP uses port 4318 by default.
   # endpoint: "http://localhost:9411/api/v2/spans"
-

integtests/dynamodb/docker-compose.yml

@@ -8,4 +8,4 @@ services:
     hostname: dynamodb-local
     container_name: dynamodb-local
     ports:
-      - "8042:8000"
+      - "8042:8000"