feat: Go support (#992)

* feat: Go support * ci: remove ssh publishing * Update .projenrc.js Co-authored-by: Eli Polonsky <Eli.polonsky@gmail.com> * chore: self mutation Signed-off-by: github-actions <github-actions@github.com> Signed-off-by: github-actions <github-actions@github.com> Co-authored-by: Eli Polonsky <Eli.polonsky@gmail.com> Co-authored-by: github-actions <github-actions@github.com>
cdklabs · Aug 29, 2022 · 32754b4 · 32754b4
1 parent 3a447be
commit 32754b4
Show file tree

Hide file tree

Showing 7 changed files with 117 additions and 32 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
diff --git a/.mergify.yml b/.mergify.yml
diff --git a/.projen/tasks.json b/.projen/tasks.json
diff --git a/.projenrc.js b/.projenrc.js
@@ -29,6 +29,11 @@ const project = new awscdk.AwsCdkConstructLibrary({
     mavenArtifactId: 'cdknag',
     mavenEndpoint: 'https://s01.oss.sonatype.org',
   },
+  publishToGo: {
+    moduleName: 'github.com/cdklabs/cdk-nag-go',
+    gitUserName: 'cdklabs-automation',
+    gitUserEmail: 'cdklabs-automation@amazon.com',
+  },
   projenUpgradeSecret: 'PROJEN_GITHUB_TOKEN',
   autoApproveOptions: {
     allowedUsernames: ['cdklabs-automation'],

diff --git a/README.md b/README.md
@@ -9,12 +9,15 @@ SPDX-License-Identifier: Apache-2.0
 [![npm version](https://img.shields.io/npm/v/cdk-nag)](https://www.npmjs.com/package/cdk-nag)
 [![Maven version](https://img.shields.io/maven-central/v/io.github.cdklabs/cdknag)](https://search.maven.org/search?q=a:cdknag)
 [![NuGet version](https://img.shields.io/nuget/v/Cdklabs.CdkNag)](https://www.nuget.org/packages/Cdklabs.CdkNag)
+[![Go version](https://img.shields.io/github/go-mod/go-version/cdklabs/cdk-nag-go?color=blue&filename=cdknag%2Fgo.mod)](https://github.com/cdklabs/cdk-nag-go)
+
+[![View on Construct Hub](https://constructs.dev/badge?package=cdk-nag)](https://constructs.dev/packages/cdk-nag)
 
 Check CDK applications or [CloudFormation templates](#using-on-cloudformation-templates) for best practices using a combination of available rule packs. Inspired by [cfn_nag](https://github.com/stelligent/cfn_nag).
 
 Check out [this blog post](https://aws.amazon.com/blogs/devops/manage-application-security-and-compliance-with-the-aws-cloud-development-kit-and-cdk-nag/) for a guided overview!
 
-![](cdk_nag.gif)
+![demo](cdk_nag.gif)
 
 ## Available Packs
 
@@ -261,7 +264,6 @@ You would see the following error on synth/deploy
 
 ## Suppressing `aws-cdk-lib/pipelines` Violations
 
-
 The [aws-cdk-lib/pipelines.CodePipeline](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.pipelines.CodePipeline.html) construct and its child constructs are not guaranteed to be "Visited" by `Aspects`, as they are not added during the "Construction" phase of the [cdk lifecycle](https://docs.aws.amazon.com/cdk/v2/guide/apps.html#lifecycle). Because of this behavior, you may experience problems such as rule violations not appearing or the inability to suppress violations on these constructs.
 
 You can remediate these rule violation and suppression problems by forcing the pipeline construct creation forward by calling `.buildPipeline()` on your `CodePipeline` object. Otherwise you may see errors such as:
@@ -286,44 +288,46 @@ const app = new App();
 new ExamplePipeline(app, 'example-cdk-pipeline');
 Aspects.of(app).add(new AwsSolutionsChecks({ verbose: true }));
 app.synth();
-  ```
-
-  `example-pipeline.ts`
-
-  ```ts
+
+````
+
+`example-pipeline.ts`
+
+```ts
 import { Stack, StackProps } from 'aws-cdk-lib';
 import { Repository } from 'aws-cdk-lib/aws-codecommit';
 import { CodePipeline, CodePipelineSource, ShellStep } from 'aws-cdk-lib/pipelines';
 import { NagSuppressions } from 'cdk-nag';
 import { Construct } from 'constructs';
 
 export class ExamplePipeline extends Stack {
-  constructor(scope: Construct, id: string, props?: StackProps) {
-    super(scope, id, props);
-
-    const exampleSynth = new ShellStep('ExampleSynth', {
-      commands: ['yarn build --frozen-lockfile'],
-      input: CodePipelineSource.codeCommit(new Repository(this, 'ExampleRepo', { repositoryName: 'ExampleRepo' }), 'main'),
-    });
-
-    const ExamplePipeline = new CodePipeline(this, 'ExamplePipeline', {
-      synth: exampleSynth,
-    });
-
-    // Force the pipeline construct creation forward before applying suppressions.
-    // @See https://github.com/aws/aws-cdk/issues/18440
-    ExamplePipeline.buildPipeline();
-
-    // The path suppression will error if you comment out "ExamplePipeline.buildPipeline();""
-    NagSuppressions.addResourceSuppressionsByPath(this, '/example-cdk-pipeline/ExamplePipeline/Pipeline/ArtifactsBucket/Resource', [
-      {
-        id: 'AwsSolutions-S1',
-        reason: 'Because I said so',
-      },
-    ]);
-  }
+constructor(scope: Construct, id: string, props?: StackProps) {
+  super(scope, id, props);
+
+  const exampleSynth = new ShellStep('ExampleSynth', {
+    commands: ['yarn build --frozen-lockfile'],
+    input: CodePipelineSource.codeCommit(new Repository(this, 'ExampleRepo', { repositoryName: 'ExampleRepo' }), 'main'),
+  });
+
+  const ExamplePipeline = new CodePipeline(this, 'ExamplePipeline', {
+    synth: exampleSynth,
+  });
+
+  // Force the pipeline construct creation forward before applying suppressions.
+  // @See https://github.com/aws/aws-cdk/issues/18440
+  ExamplePipeline.buildPipeline();
+
+  // The path suppression will error if you comment out "ExamplePipeline.buildPipeline();""
+  NagSuppressions.addResourceSuppressionsByPath(this, '/example-cdk-pipeline/ExamplePipeline/Pipeline/ArtifactsBucket/Resource', [
+    {
+      id: 'AwsSolutions-S1',
+      reason: 'Because I said so',
+    },
+  ]);
 }
-  ```
+}
+````
+
 </details>
 
 ## Rules and Property Overrides

diff --git a/package.json b/package.json