Added go linting

[dependabot]

what

• Added go linting

why

• Port go linting from atmos

References

• https://linear.app/cloudposse/issue/DEV-3115/consistent-lintcoverage-checks-in-go-repos

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds new CI workflows (autofix, CodeQL, pre-commit) and tooling configs (golangci-lint, pre-commit, Aqua, Codecov). Performs minor formatting in issue/PR templates and docs. Bumps actions/checkout to v5 in select workflows. Makes small Go source edits (variable declarations, build tag). Adds checksums and registry configs for Aqua.

Changes

Cohort / File(s)	Summary of changes
Issue & PR templates .github/ISSUE_TEMPLATE/bug_report.md, .github/ISSUE_TEMPLATE/bug_report.yml, .github/ISSUE_TEMPLATE/config.yml, .github/ISSUE_TEMPLATE/feature_request.md, .github/ISSUE_TEMPLATE/feature_request.yml, .github/PULL_REQUEST_TEMPLATE.md	Whitespace and minor markdown formatting adjustments (trailing spaces, blank lines, punctuation in links); no behavioral changes.
GitHub Actions workflows .github/workflows/autofix.yml, .github/workflows/codeql.yml, .github/workflows/pre-commit.yml, .github/workflows/test.yml, .github/workflows/validate-codeowners.yml	Adds new workflows for autofix, CodeQL analysis, and pre-commit; updates actions/checkout to v5 in existing workflows; configures Go linting and SARIF uploads.
Linting & pre-commit config .golangci.yml, .pre-commit-config.yaml, .vscode/launch.json	Introduces comprehensive golangci-lint configuration; adds pre-commit hooks for Go and hygiene; adds trailing newline to VS Code launch config.
Aqua tooling aqua/aqua.yaml, aqua/aqua-checksums.json, aqua/imports/gofumpt.yaml	Adds Aqua config, checksums manifest, and gofumpt package import for tool management with checksums enforced.
Coverage reporting codecov.yml	Adds Codecov configuration for project and patch coverage thresholds, file ignores, PR comments, and GitHub checks.
Docs and examples formatting docs/index.md, examples/README.md, templates/index.md.tmpl, examples/tests/.../providers_override.tf.json, examples/tests/.../invalid-schema-7.yaml	Cosmetic formatting fixes (code fence closure, newline at EOF, line reflow, trailing blank line removal); no content or logic changes.
Go source tweaks internal/provider/data_source_deep_merge_json.go, main.go, tools/tools.go	Minor refactors to variable declarations; adds modern //go:build tools tag alongside legacy build tag; no behavioral change.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Out of Scope Changes Check	⚠️ Warning	In addition to linting infrastructure, the PR introduces numerous formatting edits to issue and pull request templates, documentation, example files, and unrelated code style tweaks in internal/provider and main.go that are not part of the linked issue’s focus on lint and coverage setup. These extraneous changes diverge from the objectives of DEV-3115 and complicate the review by mixing formatting and unrelated code adjustments with the linting improvements.	Please separate formatting and unrelated code style changes into a different pull request so that this PR remains focused solely on adding the required linting and coverage infrastructure.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title “Added go linting” succinctly and accurately summarizes the primary change in the pull request, which is the addition of Go linting infrastructure and workflows. It is concise, free of extraneous details, and clearly communicates the main purpose of the PR to reviewers scanning the history. The phrasing directly reflects the core objective without ambiguity.
Linked Issues Check	✅ Passed	The pull request adds standardized linting and coverage configurations—including golangci-lint setup, CodeQL workflows, pre-commit hooks, and Codecov integration—that mirror the atmos repository’s setup and directly fulfill the DEV-3115 objective of consistent lint and coverage checks across Go projects. These changes align with the linked issue’s requirements by replicating the established lint/coverage infrastructure. All coding-related tasks specified in DEV-3115 are addressed by the new configuration and workflow files.
Description Check	✅ Passed	The description outlines what was added (Go linting), why it was ported from the atmos repository, and provides a relevant reference link, all of which directly relate to the changeset. It is not off-topic and gives reviewers sufficient context about the purpose of the PR. Although brief, it adequately describes the change without being misleading.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/github_actions/actions/checkout-5

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[mergify]

Important

Cloud Posse Engineering Team Review Required

This pull request modifies files that require Cloud Posse's review. Please be patient, and a core maintainer will review your changes.

To expedite this process, reach out to us on Slack in the #pr-reviews channel.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[Benbentwo]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

.github/workflows/autofix.yml (1)

14-16: Consider upgrading to checkout v5 for consistency.

This workflow uses actions/[email protected], while other workflows in this PR (test.yml, validate-codeowners.yml) have been upgraded to actions/checkout@v5. Consider updating this for consistency across all workflows.

Apply this diff to align with other workflows:

-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v5.2.2
         with:
           persist-credentials: false

Note: Update the commit hash to match the v5.2.2 release if upgrading.

.github/workflows/pre-commit.yml (1)

35-43: Pin the Go tool versions for reproducible CI.

Installing gofumpt at @latest (and golangci-lint without matching the lint job) makes every run depend on the momentary state of upstream releases, which is brittle. Please pin the versions here to the same ones declared via Aqua/golangci to keep CI reproducible.

-          go install mvdan.cc/gofumpt@latest
+          go install mvdan.cc/[email protected]
@@
-          go install github.com/golangci/golangci-lint/v2/cmd/[email protected]
+          go install github.com/golangci/golangci-lint/v2/cmd/[email protected]

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 762b3bd and 296e76a.

📒 Files selected for processing (26)

• .github/ISSUE_TEMPLATE/bug_report.md (2 hunks)
• .github/ISSUE_TEMPLATE/bug_report.yml (1 hunks)
• .github/ISSUE_TEMPLATE/config.yml (1 hunks)
• .github/ISSUE_TEMPLATE/feature_request.md (1 hunks)
• .github/ISSUE_TEMPLATE/feature_request.yml (2 hunks)
• .github/PULL_REQUEST_TEMPLATE.md (1 hunks)
• .github/workflows/autofix.yml (1 hunks)
• .github/workflows/codeql.yml (1 hunks)
• .github/workflows/pre-commit.yml (1 hunks)
• .github/workflows/test.yml (2 hunks)
• .github/workflows/validate-codeowners.yml (1 hunks)
• .golangci.yml (1 hunks)
• .pre-commit-config.yaml (1 hunks)
• .vscode/launch.json (1 hunks)
• aqua/aqua-checksums.json (1 hunks)
• aqua/aqua.yaml (1 hunks)
• aqua/imports/gofumpt.yaml (1 hunks)
• codecov.yml (1 hunks)
• docs/index.md (1 hunks)
• examples/README.md (1 hunks)
• examples/tests/components/terraform/test/test-component/providers_override.tf.json (1 hunks)
• examples/tests/stacks/catalog/invalid-yaml-and-schema/invalid-schema-7.yaml (0 hunks)
• internal/provider/data_source_deep_merge_json.go (1 hunks)
• main.go (1 hunks)
• templates/index.md.tmpl (1 hunks)
• tools/tools.go (1 hunks)

💤 Files with no reviewable changes (1)

• examples/tests/stacks/catalog/invalid-yaml-and-schema/invalid-schema-7.yaml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Summary

🔇 Additional comments (13)

tools/tools.go (1)

1-2: Go build tag addition looks good

The modern //go:build tools constraint alongside the legacy tag keeps the helper file consistent across Go versions. Nice and tidy.

templates/index.md.tmpl (1)

16-16: Consistent schema placeholder formatting retained.
The preserved trimspace usage keeps tfplugindocs output stable—nothing else to flag.

docs/index.md (1)

21-21: Schema section heading restored.
Bringing back the heading keeps the docs aligned with tfplugindocs output—looks good.

.github/workflows/test.yml (1)

29-29: LGTM!

The upgrade to actions/checkout@v5 is appropriate and aligns with the PR's broader CI modernization efforts.

Also applies to: 69-69

examples/README.md (1)

5-6: LGTM!

The text reflow improves readability without changing the semantic content.

internal/provider/data_source_deep_merge_json.go (1)

64-64: LGTM!

The change to use short variable declaration (:=) is more idiomatic for function-scoped variables in Go and likely aligns with the newly added linter rules.

.github/workflows/validate-codeowners.yml (1)

12-12: LGTM!

The upgrade to actions/checkout@v5 is consistent with other workflow updates in this PR.

main.go (1)

12-12: LGTM!

The simplified single-line variable declaration is cleaner and likely aligns with the newly added linter rules.

.github/workflows/autofix.yml (4)

21-22: LGTM!

The aqua upc -prune command correctly updates and prunes the checksum file, ensuring only necessary checksums are maintained.

---

31-43: LGTM!

The conditional execution of gofumpt based on changed Go files is efficient. The shellcheck disable for SC2086 is justified, as word splitting is intentional for passing multiple files to gofumpt.

---

50-54: LGTM!

The use of || true for pre-commit hooks is appropriate in an autofix workflow, as the hooks may report issues while still fixing them. The autofix-ci/action will commit any changes made.

---

1-5: LGTM!

The comment clearly documents the strict naming requirement for Autofix CI, which is critical for developers to understand.

codecov.yml (1)

1-35: LGTM!

The Codecov configuration is well-structured with appropriate defaults:

• Project and patch coverage targets are reasonable for a Go project.
• The 1% threshold accounts for Codecov's rounding behavior.
• Marking patch coverage as informational: true (line 17) is appropriate for initial rollout, preventing it from blocking PRs while teams adjust to coverage expectations.
• The ignore patterns correctly exclude mocks and test helpers from coverage calculations.