initial commit

Signed-off-by: Massimiliano Giovagnoli <[email protected]>

.github/workflows/integration.yaml

@@ -0,0 +1,20 @@
+name: Integration
+
+on:
+  push:
+    branches: [ "*" ]
+  pull_request:
+    branches: [ "*" ]
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Run golangci-lint
+        uses: golangci/[email protected]
+        with:
+          version: v1.50.0
+          only-new-issues: false
+          args: --config .golangci.yml --timeout=5m

.github/workflows/release.yaml

@@ -0,0 +1,48 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - v*
+
+permissions:
+  contents: write # needed to write releases
+  id-token: write # needed for keyless signing
+  packages: write # needed for ghcr access
+
+jobs:
+  goreleaser:
+    runs-on: ubuntu-22.04
+    steps:
+
+      - name: Checkout
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b #v3.0.2
+        with:
+          fetch-depth: 0
+
+      - name: Fetch
+        run: git fetch --prune --force --tags
+
+      - name: Setup Go
+        uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a #v3.2.1
+        with:
+          go-version: '1.20'
+
+      - uses: sigstore/cosign-installer@c3667d99424e7e6047999fb6246c0da843953c65 #v3.0.1
+
+      - uses: anchore/sbom-action/download-syft@448520c4f19577ffce70a8317e619089054687e3 #v0.13.4
+
+      - uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Publish release
+        uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b #4.2.0
+        with:
+          version: latest
+          args: release --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+

.gitignore

@@ -0,0 +1,3 @@
+.idea
+.*.swp
+/wfind

.golangci.yml

@@ -0,0 +1,44 @@
+linters-settings:
+  govet:
+    check-shadowing: true
+  maligned:
+    suggest-new: true
+  goconst:
+    min-len: 2
+    min-occurrences: 3
+  gci:
+    sections:
+      - standard # Captures all standard packages if they do not match another section.
+      - default # Contains all imports that could not be matched to another section type.
+      - prefix(github.com/maxgio92/wfind) # Groups all imports with the specified Prefix.
+  tagliatelle:
+    case:
+      rules:
+        json: snake
+
+linters:
+  enable-all: true
+  disable:
+    - interfacer
+    - godox
+    - golint
+    - scopelint
+    - maligned
+    - gochecknoglobals
+    - gochecknoinits
+    - exhaustivestruct
+    - exhaustruct
+    - ireturn
+    - lll
+    - nonamedreturns
+    - wrapcheck
+    - varnamelen
+
+issues:
+  exclude-rules:
+  - path: /
+    linters:
+    - typecheck
+
+run:
+  skip-dirs: []

.goreleaser.yaml

@@ -0,0 +1,78 @@
+project_name: wfind
+
+before:
+  hooks:
+  - go mod tidy
+
+builds:
+- env:
+  - CGO_ENABLED=0
+  - GO111MODULE=on
+  goos:
+  - linux
+  goarch:
+  - amd64
+  - arm64
+  ldflags: |
+    -X main.buildVersion={{ .Version }}
+    -s
+    -w
+
+checksum:
+  name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
+  algorithm: sha256
+
+changelog:
+  sort: asc
+
+# creates SBOMs of all archives and the source tarball using syft
+# https://goreleaser.com/customization/sbom
+sboms:
+- id: archive
+  artifacts: archive
+- id: source
+  artifacts: source
+
+# signs the checksum file
+# all files (including the sboms) are included in the checksum, so we don't need to sign each one if we don't want to
+# https://goreleaser.com/customization/sign
+signs:
+- cmd: cosign
+  env:
+  - COSIGN_EXPERIMENTAL=1
+  certificate: '${artifact}.pem'
+  args:
+  - sign-blob
+  - '--output-certificate=${certificate}'
+  - '--output-signature=${signature}'
+  - '${artifact}'
+  - "--yes" # needed on cosign 2.0.0+
+  artifacts: all
+  output: true
+
+kos:
+- base_image: cgr.dev/chainguard/static
+  repository: ghcr.io/maxgio92/wfind
+  bare: true
+  tags:
+  - '{{ .Version }}'
+  - '{{ .Major }}.{{ .Minor }}'
+  - latest
+  platforms:
+  - linux/amd64
+  - linux/arm64
+  sbom: spdx
+
+# signs our docker image
+# https://goreleaser.com/customization/docker_sign
+docker_signs:
+- cmd: cosign
+  env:
+  - COSIGN_EXPERIMENTAL=1
+  artifacts: all
+  output: true
+  args:
+  - 'sign'
+  - '${artifact}'
+  - "--yes" # needed on cosign 2.0.0+
+

Dockerfile

@@ -0,0 +1,4 @@
+FROM scratch
+COPY wfind /wfind
+ENTRYPOINT ["/wfind"]
+

Makefile

@@ -0,0 +1,80 @@
+APP := wfind
+VERSION := 0.1.0
+
+user := maxgio92
+oci_image := quay.io/$(user)/$(APP)
+
+bins := docker git go gofumpt golangci-lint
+
+PACKAGE_NAME          := github.com/$(user)/$(APP)
+GOLANG_CROSS_VERSION  ?= v$(shell sed -nE 's/go[[:space:]]+([[:digit:]]\.[[:digit:]]+)/\1/p' go.mod)
+
+GIT_HEAD_COMMIT ?= $$($(git) rev-parse --short HEAD)
+GIT_TAG_COMMIT  ?= $$($(git) rev-parse --short $(VERSION))
+GIT_MODIFIED_1  ?= $$($(git) diff $(GIT_HEAD_COMMIT) $(GIT_TAG_COMMIT) --quiet && echo "" || echo ".dev")
+GIT_MODIFIED_2  ?= $$($(git) diff --quiet && echo "" || echo ".dirty")
+GIT_MODIFIED    ?= $$(echo "$(GIT_MODIFIED_1)$(GIT_MODIFIED_2)")
+GIT_REPO        ?= $$($(git) config --get remote.origin.url)
+BUILD_DATE      ?= $$($(git) log -1 --format="%at" | xargs -I{} date -d @{} +%Y-%m-%dT%H:%M:%S)
+
+define declare_binpaths
+$(1) = $(shell command -v 2>/dev/null $(1))
+endef
+
+$(foreach bin,$(bins),\
+	$(eval $(call declare_binpaths,$(bin)))\
+)
+
+.PHONY: doc
+doc:
+	@go run doc/doc.go
+
+.PHONY: build
+build:
+	@$(go) build .
+
+.PHONY: run
+run:
+	@$(go) run .
+
+.PHONY: test
+test:
+	@$(go) test -v -cover -gcflags=-l ./...
+
+.PHONY: lint
+lint: golangci-lint
+	@$(golangci-lint) run ./...
+
+.PHONY: golangci-lint
+golangci-lint:
+	@$(go) install github.com/golangci/golangci-lint/cmd/[email protected]
+
+.PHONY: gofumpt
+gofumpt:
+	@$(go) install mvdan.cc/[email protected]
+
+.PHONY: oci/build
+oci/build: test
+	@$(docker) build . -t $(oci_image):$(VERSION) -f Dockerfile \
+		--build-arg GIT_HEAD_COMMIT=$(GIT_HEAD_COMMIT) \
+ 		--build-arg GIT_TAG_COMMIT=$(GIT_TAG_COMMIT) \
+ 		--build-arg GIT_MODIFIED=$(GIT_MODIFIED) \
+ 		--build-arg GIT_REPO=$(GIT_REPO) \
+ 		--build-arg GIT_LAST_TAG=$(VERSION) \
+ 		--build-arg BUILD_DATE=$(BUILD_DATE)
+
+.PHONY: oci/push
+oci/push: oci/build
+	@$(docker) push $(oci_image):$(VERSION)
+
+.PHONY: clean
+clean:
+	@rm -f $(APP)
+
+.PHONY: help
+help: list
+
+.PHONY: list
+list:
+	@LC_ALL=C $(MAKE) -pRrq -f $(lastword $(MAKEFILE_LIST)) : 2>/dev/null | awk -v RS= -F: '/^# File/,/^# Finished Make data base/ {if ($$1 !~ "^[#.]") {print $$1}}' | sort | egrep -v -e '^[^[:alnum:]]' -e '^$@$$'
+

README.md

@@ -0,0 +1,32 @@
+# wfind: like find but for web sites
+
+`wfind` (world wide web find) search for files in a web site directory hierarchy over HTTP and HTTPS, through HTML references.
+
+The tool is inspired by GNU `find(1)` and `wget(1)`.
+
+### Usage
+
+```
+wfind URL [flags]
+```
+
+#### Options
+
+```
+  -h, --help          help for wfind
+  -n, --name string   Base of file name (the path with the leading directories removed) pattern.
+  -r, --recursive     Whether to examine entries recursing into directories. Disable to behave like GNU find -maxdepth=0 option. (default true)
+  -t, --type string   The file type
+  -v, --verbose       Enable verbosity to log all visited HTTP(s) files
+```
+
+### In action
+
+```shell
+$ wfind https://mirrors.edge.kernel.org/debian/dists/ -t f -n Release
+https://mirrors.edge.kernel.org/debian/dists/bullseye/Release
+https://mirrors.edge.kernel.org/debian/dists/buster/Release
+https://mirrors.edge.kernel.org/debian/dists/sid/Release
+https://mirrors.edge.kernel.org/debian/dists/stretch/Release
+...
+```