senzing-factory/build-resources#15 update go workflow permissions (#40)

.github/workflows/add-to-project-garage-dependabot.yaml

@@ -1,21 +1,14 @@
-name: add-to-project-garage-dependabot.yaml
+name: 'add to project garage dependabot'
+
 on:
   pull_request:
-    types:
-      - opened
-      - reopened
-env:
-  CREATOR: ${{ github.event.pull_request.user.login }}
+    branches: [main]
+
 jobs:
-  add-to-project:
-    name: Add dependabot pull request to project
-    runs-on: ubuntu-latest
-    steps:
-      - name: Assign pull request to project
-        env:
-          BOOL: ${{ contains( env.CREATOR, 'dependabot' ) }}
-        if: ${{ env.BOOL == 'true' }}
-        uses: actions/add-to-project@v0.5.0
-        with:
-          project-url: https://github.com/orgs/senzing-garage/projects/3
-          github-token: ${{ secrets.SENZING_GITHUB_ACCESS_TOKEN }}
+
+  add-to-project-dependabot:
+    secrets:
+      SENZING_GITHUB_PROJECT_RW_TOKEN: ${{ secrets.SENZING_GITHUB_PROJECT_RW_TOKEN }}
+    uses: senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml@main
+    with:
+      project: ${{ vars.SENZING_PROJECT_GARAGE }}

.github/workflows/add-to-project-garage.yaml

@@ -1,9 +1,11 @@
-name: add-to-project-garage.yaml
+name: 'add to project garage'
+
 on:
   issues:
     types:
-      - reopened
       - opened
+      - reopened
+
 jobs:
   add-to-project:
     name: Add issue to project
@@ -12,5 +14,5 @@ jobs:
       - name: Assign issue to project
         uses: actions/add-to-project@v0.5.0
         with:
-          project-url: https://github.com/orgs/senzing-garage/projects/3
+          project-url: https://github.com/orgs/${{ vars.SENZING_GITHUB_ACCOUNT_NAME }}/projects/${{ vars.SENZING_PROJECT_GARAGE }}
           github-token: ${{ secrets.SENZING_GITHUB_ACCESS_TOKEN }}

.github/workflows/dependabot-approve-and-merge.yaml

@@ -1,12 +1,14 @@
-name: dependabot-approve-and-merge.yaml
+name: 'dependabot approve and merge'
+
 on:
   pull_request:
     branches: [main]
+
 jobs:
   dependabot-approve-and-merge:
     permissions:
       contents: write
       pull-requests: write
-    uses: senzing-factory/build-resources/.github/workflows/dependabot-approve-and-merge.yaml@main
     secrets:
       SENZING_GITHUB_CODEOWNER_PR_RW_TOKEN: ${{ secrets.SENZING_GITHUB_CODEOWNER_PR_RW_TOKEN }}
+    uses: senzing-factory/build-resources/.github/workflows/dependabot-approve-and-merge.yaml@v1

.github/workflows/docker-build-container.yaml

@@ -1,15 +1,17 @@
-name: docker-build-container.yaml
+name: 'docker build container'
+
 on:
   pull_request:
     branches:
       - main
   workflow_dispatch:
+
 jobs:
   docker-build-container:
     runs-on: ubuntu-latest
     steps:
       - name: Build docker image
-        uses: senzing-factory/github-action-docker-buildx-build@latest
+        uses: senzing-factory/github-action-docker-buildx-build@v1
         with:
           image-repository: senzing/load
           password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}

.github/workflows/go-proxy-pull.yaml

@@ -1,14 +1,13 @@
-# Based on
-# - https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
-# - https://github.com/marketplace/actions/go-proxy-warming
-# - https://github.com/andrewslotin/go-proxy-pull-action
-# - https://futurestud.io/tutorials/github-actions-run-a-workflow-when-creating-a-tag
+name: 'go proxy pull'
 
-name: go-proxy-pull.yaml
 on:
   push:
     tags:
       - "v[0-9]+.[0-9]+.[0-9]+"
+
+permissions:
+  contents: write
+
 jobs:
   go-proxy-pull:
     runs-on: ubuntu-latest

.github/workflows/go-test-darwin.yaml

@@ -1,12 +1,15 @@
-# Based on
-# - https://github.com/marketplace/actions/setup-go-environment
+name: 'go test darwin'
 
-name: go-test-darwin.yaml
 on: [push]
+
 env:
   DYLD_LIBRARY_PATH: /opt/senzing/g2/lib:/opt/senzing/g2/lib/macos
   LD_LIBRARY_PATH: /opt/senzing/g2/lib:/opt/senzing/g2/lib/macos
   SENZING_TOOLS_DATABASE_URL: "sqlite3://na:na@/tmp/sqlite/G2C.db"
+
+permissions:
+  contents: read
+
 jobs:
   go-test-darwin:
     runs-on: ${{ matrix.os }}
@@ -21,17 +24,22 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+
       - name: Setup go
         uses: actions/setup-go@v5
         with:
           go-version: ${{ matrix.go }}
+
       - name: Install Senzing API
         uses: Senzing/github-action-install-senzing-api@latest
         with:
           senzingapi-version: ${{ matrix.senzingapi-version }}
+
       - name: Copy /etc files
         run: sudo cp testdata/senzing-license/g2.lic /opt/senzing/g2/etc/g2.lic
+
       - name: Copy test database files
         run: mkdir /tmp/sqlite && cp testdata/sqlite/G2C.db /tmp/sqlite/G2C.db
+
       - name: Run go test
         run: go test -exec /Users/runner/work/load/load/bin/macos_exec_dyld.sh -v -p 1 ./...

.github/workflows/go-test-linux.yaml

@@ -1,36 +1,44 @@
-# Based on
-# - https://github.com/marketplace/actions/setup-go-environment
+name: 'go test linux'
 
-name: go-test-linux.yaml
 on: [push]
+
 env:
   LD_LIBRARY_PATH: /opt/senzing/g2/lib
   SENZING_TOOLS_DATABASE_URL: "sqlite3://na:na@/tmp/sqlite/G2C.db"
+
+permissions:
+  contents: read
+
 jobs:
   go-test-linux:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
         go: ["1.21"]
         os: [ubuntu-latest]
-        senzingapi-version: [staging]
+        senzingapi-version: [latest]
     name: "go test with Senzing: ${{ matrix.senzingapi-version }}; OS: ${{ matrix.os }}; Go: ${{ matrix.go }}"
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+
       - name: Setup go
         uses: actions/setup-go@v5
         with:
           go-version: ${{ matrix.go }}
+
       - name: Install Senzing API
         uses: Senzing/github-action-install-senzing-api@latest
         with:
           senzingapi-version: ${{ matrix.senzingapi-version }}
+
       - name: Copy /etc files
         run: sudo cp testdata/senzing-license/g2.lic /etc/opt/senzing/g2.lic
+
       - name: Copy test database files
         run: mkdir /tmp/sqlite && cp testdata/sqlite/G2C.db /tmp/sqlite/G2C.db
+
       - name: Run go test
         run: go test -v -p 1 ./...

.github/workflows/go-test-windows.yaml

@@ -1,10 +1,13 @@
-# Based on
-# - https://github.com/marketplace/actions/setup-go-environment
+name: 'go test windows'
 
-name: go-test-windows.yaml
 on: [push]
+
 env:
   SENZING_TOOLS_DATABASE_URL: 'sqlite3://na:na@nowhere/C:\Temp\sqlite\G2C.db'
+
+permissions:
+  contents: read
+
 jobs:
   go-test-windows:
     runs-on: ${{ matrix.os }}
@@ -19,19 +22,25 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+
       - name: Setup go
         uses: actions/setup-go@v5
         with:
           go-version: ${{ matrix.go }}
+
       - name: Install Senzing API
         uses: Senzing/github-action-install-senzing-api@latest
         with:
           senzingapi-version: ${{ matrix.senzingapi-version }}
+
       - name: Add to "Path" environment variable
         run: echo "C:\Program Files\Senzing\g2\lib" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
+
       - name: Copy /etc files
         run: copy testdata/senzing-license/g2.lic "C:\Program Files\Senzing\g2\etc\g2.lic"
+
       - name: Copy test database files
         run: mkdir "C:\Temp\sqlite" && copy testdata/sqlite/G2C.db "C:\Temp\sqlite\G2C.db"
+
       - name: Run go test
         run: go test -v -p 1 ./...

.github/workflows/gofmt.yaml

@@ -1,7 +1,12 @@
-name: gofmt.yaml
+name: 'gofmt'
+
 on:
   pull_request:
     branches: [main]
+
+permissions:
+  contents: read
+
 jobs:
   gofmt:
-    uses: senzing-factory/build-resources/.github/workflows/gofmt.yaml@main
+    uses: senzing-factory/build-resources/.github/workflows/gofmt.yaml@v1

.github/workflows/gosec.yaml

@@ -1,14 +1,16 @@
-# Based on
-# - https://github.com/securego/gosec
+name: 'gosec'
 
-name: gosec.yaml
 on:
   push:
     branches:
       - main
   pull_request:
     branches:
       - main
+
+permissions:
+  contents: read
+
 jobs:
   gosec:
     runs-on: ubuntu-latest
@@ -17,7 +19,8 @@ jobs:
     steps:
       - name: Checkout Source
         uses: actions/checkout@v4
+
       - name: Run Gosec Security Scanner
-        uses: securego/gosec@master
+        uses: securego/gosec@v2.18.2
         with:
           args: ./...

.github/workflows/make-go-github-file.yaml

@@ -1,13 +1,18 @@
-name: make-go-github-file.yaml
+name: 'make go github file'
+
 on:
   push:
     tags:
       - "[0-9]+.[0-9]+.[0-9]+"
-permissions: write-all
+
+permissions:
+  contents: write
+  pull-requests: write
+
 jobs:
   make-go-github-file:
-    uses: senzing-factory/build-resources/.github/workflows/make-go-github-file.yaml@main
+    uses: senzing-factory/build-resources/.github/workflows/make-go-github-file.yaml@v1
     secrets:
-      SENZING_GITHUB_GPG_PRIVATE_KEY: ${{ secrets.SENZING_GITHUB_GPG_PRIVATE_KEY }}
-      SENZING_GITHUB_GPG_PASSPHRASE: ${{ secrets.SENZING_GITHUB_GPG_PASSPHRASE }}
       SENZING_GITHUB_ACTOR: ${{ secrets.SENZING_GITHUB_ACTOR }}
+      SENZING_GITHUB_GPG_PASSPHRASE: ${{ secrets.SENZING_GITHUB_GPG_PASSPHRASE }}
+      SENZING_GITHUB_GPG_PRIVATE_KEY: ${{ secrets.SENZING_GITHUB_GPG_PRIVATE_KEY }}

.github/workflows/make-go-tag.yaml

@@ -1,15 +1,20 @@
-name: make-go-tag.yaml
+name: 'make go tag'
+
 on:
   push:
     tags:
       - "[0-9]+.[0-9]+.[0-9]+"
-permissions: write-all
+
+permissions:
+  contents: write
+
 jobs:
   make-go-tag:
     name: Make a vM.m.P tag
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
+
       - name: Make go version tag
-        uses: senzing-factory/github-action-make-go-tag@main
+        uses: senzing-factory/github-action-make-go-tag@v1

CHANGELOG.md

@@ -10,6 +10,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 -
 
+## [0.1.1] - 2024-01-29
+
+### Changed in 0.1.1
+
+- Update dependencies
+  - github.com/senzing-garage/g2-sdk-go v0.9.0
+  - github.com/senzing-garage/go-queueing v0.2.1
+  - github.com/senzing-garage/go-sdk-abstract-factory v0.6.0
+
 ## [0.1.0] - 2024-01-03
 
 ### Changed in 0.1.0

README.md

@@ -15,7 +15,7 @@ Heck, it may not even be appropriate for your application of Senzing!
 ## Synopsis
 
 `load` is a command in the
-[senzing-tools](https://github.com/Senzing/senzing-tools)
+[senzing-tools](https://github.com/senzing-garage/senzing-tools)
 suite of tools.
 This command can pull records from a variety of sources and insert into the Senzing database.