Pull Makefile-initiated linting checks *or* move to a monthly schedule

[atc0005]

Overview

The recent bug with the v2.17.0 release of the gosec linter (bundled with golangci-lint v1.54.2) triggered false-positive linting failures across several projects using the workflows from this repo.

The go-ci based containers were updated to rollback golangci-lint to v1.54.1 which resolved the container based linting false-positives.

The linting jobs using project Makefiles however continue to fail. This is because of two reasons:

1. The project Makefiles install the latest stable release of golangci-lint
2. The upstream project does not appear to (quickly?) rollback bundled linters when a confirmed problem exists
   • the project appears to primarily wait on their upstream sources to resolve the problem before generating a new release

I originally intended for the Makefiles to serve two purposes:

• allow me to easily orchestrate common development tasks (linting, building)
• allow others to (somewhat easily) generate builds

I still use project Makefiles to generate assets (mostly using containers now), but no longer use Makefiles for local linting tasks.

As noted in the GH issue title, it's probably worth first dropping the Makefile linting checks as regular CI jobs. To begin with I'd add them to the monthly scheduled tasks, but might end up dropping them entirely, leaving them in the Makefile but generally disused.

TODO

• [x] Disable Lint codebase using Makefile job by default
• [x] Enable Lint codebase using Makefile job as monthly task
• [x] Wait a sufficient length of time to observe changes
• [ ] Consider removing CI Makefile-initiated linting tasks
  • rely on container-based linting only
  • would need to update workflow to lint using go-ci container-provided linting settings and then as a separate task (or job) lint using the project-specific linting configuration
  • might be worth dropping project-specific linting configuration?

Projects to update

Drop branch protection rule requirement for the Makefile / Lint codebase using Makefile status check:

• [x] atc0005/brick
• [x] atc0005/bridge
• [x] atc0005/check-cert
• [x] atc0005/check-illiad
• [x] atc0005/check-mail
• [x] atc0005/check-ntpt
• [x] atc0005/check-path
• [x] atc0005/check-process
• [x] atc0005/check-restart
• [x] atc0005/check-rsat
• [x] atc0005/check-ssh
• [x] atc0005/check-statuspage
• [x] atc0005/check-vmware
• [x] atc0005/check-whois
• [x] atc0005/dnsc
• [x] atc0005/elbow
• [x] atc0005/go-ci
• [x] atc0005/go-ezproxy
• [x] atc0005/go-lockss
• [x] atc0005/go-template
• [x] atc0005/hello-world
• [x] atc0005/mysql2sqlite
• [x] atc0005/go-nagios
• [x] atc0005/go-teams-notify
• [x] atc0005/nagios-debug
• [x] atc0005/query-meta
• [x] atc0005/safelinks
• [x] atc0005/send2teams
• [x] atc0005/tsm-pass

[atc0005]

Looking over the current setup the easiest path forward is to mark the job as optional just like the Makefile / Build codebase using Makefile all recipe has been marked. That job is then explicitly enabled for the monthly scheduled workflow.

[atc0005]

• Consider removing CI Makefile-initiated linting tasks

I'm thinking that by keeping this limited to a monthly schedule it remains useful as a proof against Makefiles "degrading" and no longer properly running the linting tasks.

• might be worth dropping project-specific linting configuration?

This is worth considering. Since we're using the go-ci project images which bundle a standardized golangci-lint config file we don't necessarily need project-specific config files unless those config files apply stricter linting standards than the standardized linter config.

Said another way, if we remove the linter config file from each project we should probably also remove the Makefile-initiated linting tasks from CI (currently a monthly schedule).

For now, it's probably worth leaving everything as it is until I think on this further.

[atc0005]

So to recap, next steps would include (if at all):

• dependent projects
  • remove .golangci.yml file from all projects using this repo
  • keep .markdownlint.yml file within each project
  • some projects may need to override default settings
• this project
  • remove lint_code_with_makefile job from .github/workflows/lint-and-build-using-make.yml
  • rename .github/workflows/lint-and-build-using-make.yml
  • option 1: .github/workflows/build-using-make.yml
  • option 2: .github/workflows/makefile-tasks.yml
    • currently linting and builds are the two tasks, but it might be that we introduce further tasks later
    • downside is that the filename becomes less self-documenting at a glance