Add GitHub Actions workflow for building and releasing

Author: dankraw

.github/workflows/README.md

@@ -0,0 +1,73 @@
+# CI/CD Workflows
+
+This directory contains GitHub Actions workflows for continuous integration and deployment.
+
+## Workflows
+
+### CI (`ci.yml`)
+Runs on every push and pull request to master/main branch.
+
+**Jobs:**
+- **Lint**: Code formatting, imports, and linting checks
+- **Test**: Unit tests across multiple Go versions and OS platforms
+- **Security**: Security scanning with gosec and govulncheck
+- **Build**: Multi-platform builds (Linux, macOS, Windows)
+- **Integration**: Integration test suite
+- **Dependency Review**: Security review of dependencies (PRs only)
+
+### Release (`release.yml`)
+Runs when a version tag is pushed (e.g., `v1.0.0`).
+
+**Features:**
+- Automated packaging with `package.sh`
+- GitHub release creation
+- Binary artifact uploads
+
+## Local Development
+
+### Prerequisites
+```bash
+# Install golangci-lint
+go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
+
+# Install goimports
+go install golang.org/x/tools/cmd/goimports@latest
+```
+
+### Commands
+```bash
+# Run all checks locally
+make lint
+
+# Format code
+make fmt
+
+# Run tests
+make test
+
+# Build
+make build
+```
+
+## Configuration
+
+### golangci-lint (`.golangci.yml`)
+Comprehensive linting configuration with:
+- Code quality checks
+- Security scanning
+- Performance analysis
+- Style enforcement
+
+### Dependabot (`.github/dependabot.yml`)
+Automated dependency updates:
+- Go modules: Weekly updates
+- GitHub Actions: Weekly updates
+- Automatic PR creation with reviews
+
+## Best Practices
+
+1. **Always run `make lint` before committing**
+2. **Ensure tests pass locally before pushing**
+3. **Use conventional commit messages**
+4. **Review Dependabot PRs promptly**
+5. **Tag releases with semantic versioning (v1.0.0)**

.github/workflows/ci.yml

@@ -0,0 +1,156 @@
+name: CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  lint:
+    name: Lint and Format Check
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.25'
+
+      - name: Install golangci-lint
+        uses: golangci/golangci-lint-action@v8
+        with:
+          version: v2.4.0
+          args: --timeout=10m
+          skip-cache: true
+          
+      - name: Install goimports
+        run: go install golang.org/x/tools/cmd/goimports@latest
+
+      - name: Check formatting
+        run: |
+          if [ "$(gofmt -l . | wc -l)" -gt 0 ]; then
+            echo "Code is not formatted. Please run 'make fmt' and commit changes."
+            gofmt -l .
+            exit 1
+          fi
+
+      - name: Check imports
+        run: |
+          if [ "$(goimports -l . | wc -l)" -gt 0 ]; then
+            echo "Imports are not properly formatted. Please run 'make fmt' and commit changes."
+            goimports -l .
+            exit 1
+          fi
+
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        go-version: [ '1.25' ]
+        os: [ ubuntu-latest, macos-latest, windows-latest ]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go ${{ matrix.go-version }}
+        uses: actions/setup-go@v4
+        with:
+          go-version: ${{ matrix.go-version }}
+
+      - name: Install dependencies
+        run: go mod download
+
+      - name: Verify dependencies
+        run: go mod verify
+
+      - name: Run tests
+        run: go test -v -race -coverprofile=coverage.out -covermode=atomic ./...
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          file: ./coverage.out
+          flags: unittests
+          name: codecov-umbrella
+          fail_ci_if_error: false
+
+  security:
+    name: Security Scan
+    runs-on: ubuntu-latest
+    needs: [lint, test]
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.25'
+
+      - name: Install GoSec
+        run: |
+          go install github.com/securego/gosec/v2/cmd/gosec@latest
+
+      - name: Run GoSec
+        run: |
+          gosec -fmt sarif -out results.sarif ./...
+          
+      - name: Upload GoSec SARIF
+        uses: github/codeql-action/upload-sarif@v3
+        if: always()
+        with:
+          sarif_file: results.sarif
+
+      - name: Run govulncheck
+        run: |
+          go install golang.org/x/vuln/cmd/govulncheck@latest
+          govulncheck ./...
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    needs: [lint, test]
+    strategy:
+      matrix:
+        goos: [linux, darwin, windows]
+        goarch: [amd64, arm64]
+        exclude:
+          - goos: windows
+            goarch: arm64
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.25'
+
+      - name: Build for ${{ matrix.goos }}/${{ matrix.goarch }}
+        env:
+          GOOS: ${{ matrix.goos }}
+          GOARCH: ${{ matrix.goarch }}
+        run: |
+          go build -v -ldflags="-s -w -X main.Version=$(cat VERSION)" -o "ssh-aliases-${{ matrix.goos }}-${{ matrix.goarch }}"
+
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: ssh-aliases-${{ matrix.goos }}-${{ matrix.goarch }}
+          path: ssh-aliases-${{ matrix.goos }}-${{ matrix.goarch }}
+
+  dependency-review:
+    name: Dependency Review
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v4
+        with:
+          fail-on-severity: moderate

.github/workflows/release.yml

@@ -0,0 +1,36 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  release:
+    name: Package and Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.25'
+
+      - name: Install dependencies
+        run: go mod download
+
+      - name: Run package.sh
+        run: |
+          chmod +x ./package.sh
+          ./package.sh ${{ github.ref_name }}
+
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v1
+        with:
+          files: dist/*
+          draft: false
+          prerelease: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.golangci.yml

@@ -0,0 +1,26 @@
+version: '2'
+
+run:
+  timeout: 10m
+  go: "1.25"
+
+linters:
+  enable:
+    - govet
+    - errcheck
+    - staticcheck
+    - ineffassign
+    - unused
+    - misspell
+    - dupl
+    - gocritic
+    - revive
+    - unconvert
+    - goconst
+    - prealloc
+    - nakedret
+    - noctx
+    - paralleltest
+    - tagliatelle
+    - tparallel
+    - wastedassign

.travis.yml

@@ -1,18 +1,21 @@
 APP_NAME := ssh-aliases
 APP_VERSION := $(shell cat VERSION)
 
-PACKAGES := $(shell go list ./... | grep -v /vendor/)
+PACKAGES := $(shell go list ./...)
 BUILD_FOLDER := target
 DIST_FOLDER := dist
 
-GIT_DESC := $(shell git describe)
+GIT_DESC := $(shell git describe --tags --abbrev=0 2>/dev/null || echo "v0.0.0")
 GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD)
 
-SRC := $(shell find . -type f -name '*.go' -not -path "./vendor/*")
+SRC := $(shell find . -type f -name '*.go')
 
 .PHONY: all version fmt clean test build release lint lint-deps
 
-ifneq "$(APP_VERSION)" "$(GIT_DESC)"
+# Only use git describe if VERSION file doesn't exist or is empty
+ifneq "$(APP_VERSION)" ""
+    # VERSION file exists and has content, use it
+else
     APP_VERSION := $(GIT_DESC)-$(GIT_BRANCH)
 endif
 
@@ -36,12 +39,10 @@ build:
 release: clean lint build
 	@bash ./package.sh $(APP_VERSION)
 
-fmt: lint-deps
+fmt:
 	@goimports -w $(SRC)
 	@gofmt -l -s -w $(SRC)
 
-lint: lint-deps
+lint:
 	@golangci-lint run
 
-lint-deps:
-	@which golangci-lint > /dev/null || go get -u github.com/golangci/golangci-lint/cmd/golangci-lint

Makefile

@@ -1,5 +1,4 @@
 # ssh-aliases
-[![Build Status](https://travis-ci.org/dankraw/ssh-aliases.svg?branch=master)](https://travis-ci.org/dankraw/ssh-aliases) 
 [![Go Report Card](https://goreportcard.com/badge/github.com/dankraw/ssh-aliases)](https://goreportcard.com/report/github.com/dankraw/ssh-aliases)
 
 `ssh-aliases` is a command line tool that brings ease to living with `~/.ssh/config`.

README.md

@@ -1,3 +1,4 @@
+// Package command provides CLI command implementations for ssh-aliases
 package command
 
 import (
@@ -65,7 +66,7 @@ func configureCLI(version string, writer io.Writer) (*cli.App, error) {
 				Destination: &hostsFile,
 			},
 		},
-		Action: func(ctx *cli.Context) error {
+		Action: func(_ *cli.Context) error {
 			hosts, err := readHostsFile(hostsFile)
 			if err != nil {
 				return cli.NewExitError(err.Error(), 1)
@@ -103,7 +104,7 @@ func configureCLI(version string, writer io.Writer) (*cli.App, error) {
 				Destination: &hostsFile,
 			},
 		},
-		Action: func(ctx *cli.Context) error {
+		Action: func(_ *cli.Context) error {
 			var err error
 			hosts, err := readHostsFile(hostsFile)
 			if err != nil {