chore(deps): Bump github/codeql-action from 4.31.2 to 4.31.4 (#537)

* chore(deps): Bump github/codeql-action from 4.31.2 to 4.31.4

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.2 to 4.31.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@0499de3...e12f017)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* remove nix

Signed-off-by: Bence Csati <bence.csati@axoflow.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Bence Csati <bence.csati@axoflow.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bence Csati <bence.csati@axoflow.com>

Author: dependabot[bot]

.dockerignore

@@ -1,5 +1,3 @@
-/.devenv/
-/.direnv/
 /.github/
 /bin/
 /build/

.envrc

@@ -188,7 +188,7 @@ jobs:
           retention-days: 5
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5
+        uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v3.29.5
         with:
           sarif_file: trivy-results.sarif
 
@@ -323,6 +323,6 @@ jobs:
           retention-days: 5
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5
+        uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v3.29.5
         with:
           sarif_file: trivy-results.sarif

.github/renovate.json

@@ -19,13 +19,12 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
 
-      - name: Set up Nix
-        uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
+      - name: Set up Go
+        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
-          extra_nix_config: |
-            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+          go-version-file: '.go-version'
 
       - name: Set up Go cache
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
@@ -37,11 +36,8 @@ jobs:
           restore-keys: |
             ${{ github.job }}-${{ runner.os }}-go-
 
-      - name: Prepare Nix shell
-        run: nix develop --impure .#ci
-
       - name: Build
-        run: nix develop --impure .#ci -c make build
+        run: make build
 
   test:
     name: Test
@@ -51,11 +47,10 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-      - name: Set up Nix
-        uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
+      - name: Set up Go
+        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
-          extra_nix_config: |
-            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+          go-version-file: '.go-version'
 
       - name: Set up Go cache
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
@@ -67,11 +62,8 @@ jobs:
           restore-keys: |
             ${{ github.job }}-${{ runner.os }}-go-
 
-      - name: Prepare Nix shell
-        run: nix develop --impure .#ci
-
       - name: Test
-        run: nix develop --impure .#ci -c make test
+        run: make test
 
   lint:
     name: Lint
@@ -81,11 +73,10 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-      - name: Set up Nix
-        uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
+      - name: Set up Go
+        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
-          extra_nix_config: |
-            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+          go-version-file: '.go-version'
 
       - name: Set up Go cache
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
@@ -97,11 +88,25 @@ jobs:
           restore-keys: |
             ${{ github.job }}-${{ runner.os }}-go-
 
-      - name: Prepare Nix shell
-        run: nix develop --impure .#ci
+      - name: Make deps
+        run: make deps
 
-      - name: Lint
-        run: nix develop --impure .#ci -c make lint -j
+      - name: Lint Go code
+        run: make lint-go
+
+      - name: Lint Helm charts
+        run: make lint-helm
+
+      - name: Run Hadolint
+        uses: hadolint/hadolint-action@v3.3.0
+        with:
+          dockerfile: Dockerfile
+          config: .hadolint.yaml
+
+      - name: Run Yamllint
+        run: |
+          pip install --user yamllint
+          yamllint .
 
   license-check:
     name: License check
@@ -111,11 +116,10 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-      - name: Set up Nix
-        uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
+      - name: Set up Go
+        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
-          extra_nix_config: |
-            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+          go-version-file: '.go-version'
 
       - name: Set up Go cache
         uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
@@ -137,39 +141,19 @@ jobs:
             licensei-v1-main
             licensei-v1
 
-      - name: Prepare Nix shell
-        run: nix develop --impure .#ci
+      - name: Make deps
+        run: make deps
 
       - name: Populate license cache
-        run: nix develop --impure .#ci -c licensei cache
+        run: make license-cache
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Check licenses
-        run: nix develop --impure .#ci -c make license-check
+        run: make license-check
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-  dev:
-    name: Developer environment
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-
-      - name: Set up Nix
-        uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
-        with:
-          extra_nix_config: |
-            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-
-      - name: Check
-        run: nix flake check --impure
-
-      - name: Dev shell
-        run: nix develop --impure
-
   artifacts:
     name: Artifacts
     uses: ./.github/workflows/artifacts.yaml
@@ -207,14 +191,10 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
-      - name: Set up Nix
-        uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
+      - name: Set up Go
+        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
-          extra_nix_config: |
-            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-
-      - name: Prepare Nix shell
-        run: nix develop --impure .#ci
+          go-version-file: '.go-version'
 
       - name: Download docker image
         uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
@@ -227,7 +207,7 @@ jobs:
           name: "[helm-chart] package"
 
       - name: Test
-        run: nix develop --impure .#ci -c make test-e2e
+        run: make test-e2e
         env:
           KIND_K8S_VERSION: ${{ matrix.k8s_version }}
           LOAD_IMAGE_ARCHIVE: ${{ github.workspace }}/docker.tar

.github/workflows/artifacts.yaml

@@ -1,6 +1,3 @@
-/.devenv/
-/.direnv/
-/.pre-commit-config.yaml
 /bin/
 /build/
 /tmp/

.github/workflows/ci.yaml

@@ -0,0 +1 @@
+1.24.1

.gitignore

@@ -25,7 +25,7 @@ ignored = [
 
 [header]
 authors = ["Cisco", "Bank-Vaults Maintainers"]
-ignorePaths = [".direnv", ".devenv", "vendor"]
+ignorePaths = ["vendor"]
 ignoreFiles = ["zz_generated.*.go"]
 template = """// Copyright © :YEAR: :AUTHOR:
 //

.go-version

@@ -123,6 +123,10 @@ lint-yaml:
 fmt: ## Run go fmt against code
 	$(GOLANGCI_LINT_BIN) run --fix
 
+.PHONY: license-cache
+license-cache: ## Populate license cache
+	$(LICENSEI_BIN) cache
+
 .PHONY: license-check
 license-check: ## Run license check
 	$(LICENSEI_BIN) check

.licensei.toml

@@ -62,11 +62,8 @@ file](https://github.com/bank-vaults/vault-secrets-reloader/blob/main/e2e/deploy
 
 ## Development
 
-**For an optimal developer experience, it is recommended to install [Nix](https://nixos.org/download.html) and
-[direnv](https://direnv.net/docs/installation.html).**
-
-_Alternatively, install [Go](https://go.dev/dl/) on your computer then run `make deps` to install the rest of the
-dependencies._
+Install [Go](https://go.dev/dl/) on your computer then run `make deps` to install the rest of the
+dependencies.
 
 Make sure Docker is installed with Compose and Buildx.