add github workflow (#7)

* add github workflow

Signed-off-by: songtao98 <songtao2603060@gmail.com>

* add ci approvers

Signed-off-by: songtao98 <songtao2603060@gmail.com>

---------

Signed-off-by: songtao98 <songtao2603060@gmail.com>

.github/ISSUE_TEMPLATE/bug-report.md

@@ -0,0 +1,29 @@
+---
+name: Bug Report
+about: Create a report to help us improve
+title: "[BUG]"
+labels: kind/bug
+
+---
+
+<!-- Please use this template while reporting a bug and provide as much info as possible. Not doing so may result in your bug not being addressed in a timely manner. Thanks!-->
+
+**What happened**:
+
+**What you expected to happen**:
+
+**How to reproduce it (as minimally and precisely as possible)**:
+
+**Anything else we need to know?**:
+
+**Environment**:
+- App version:
+- Kubernetes version (use `kubectl version`):
+- Install details (e.g. helm install args):
+- Node environment (for koordlet/runtime-proxy issue):
+  - Containerd/Docker version:
+  - OS version:
+  - Kernal version:
+  - Cgroup driver: cgroupfs/systemd
+- Others:
+

.github/ISSUE_TEMPLATE/proposal.md

@@ -0,0 +1,17 @@
+---
+name: Proposal
+about: Suggest an idea for this project
+title: "[proposal]"
+labels: kind/proposal
+
+---
+
+<!-- Please only use this template for submitting proposal -->
+
+**What is your proposal**:
+
+
+**Why is this needed**:
+
+
+**Is there a suggested solution, if so, please add it**:

.github/ISSUE_TEMPLATE/question.md

@@ -0,0 +1,25 @@
+---
+name: Question
+about: Support request or question relating to Koordetector
+title: "[question]"
+labels: kind/question
+
+---
+
+<!-- Please only use this template for submitting question -->
+
+**What happened:**
+
+**What you expected to happen:**
+
+**Environment:**
+
+<!-- Please add environment information, if you know what is necessary, just provide some -->
+
+- Koordetector version: - v0.0.1
+- Kubernetes version (use kubectl version): v1.22.5
+- docker/containerd version: containerd 1.5.0
+- OS (e.g: cat /etc/os-release): Ubuntu 20.04.4 LTS
+- Kernel (e.g. uname -a): Linux 5.10.112-11.al8.x86_64 #1 SMP Tue May 24 16:05:50 CST 2022 x86_64 x86_64 x86_64 GNU/Linux
+
+**Anything else we need to know:**

.github/OWNERS

@@ -0,0 +1,6 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
+approvers:
+  - ci-approvers
+reviewers:
+  - ci-approvers

.github/dependabot.yml

@@ -0,0 +1,20 @@
+version: 2
+updates:
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "dependencies"
+    commit-message:
+      prefix: "feat"
+      include: "scope"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "dependencies"
+    commit-message:
+      prefix: "chore"
+      include: "scope"

.github/pull_request_template.md

@@ -0,0 +1,22 @@
+### Ⅰ. Describe what this PR does
+
+<!--
+- Summarize your change (**mandatory**)
+- How does this PR work? Need a brief introduction for the changed logic (optional)
+- Describe clearly one logical change and avoid lazy messages (optional)
+- Describe any limitations of the current code (optional)
+-->
+
+### Ⅱ. Does this pull request fix one issue?
+
+<!--If so, add "fixes #xxxx" below in the next line, for example, fixes #15. Otherwise, add "NONE" -->
+
+### Ⅲ. Describe how to verify it
+
+### Ⅳ. Special notes for reviews
+
+### V. Checklist
+
+- [ ] I have written necessary docs and comments
+- [ ] I have added necessary unit tests and integration tests
+- [ ] All checks passed in `make test`

.github/workflows/ci.yaml

@@ -0,0 +1,121 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+      - release-*
+  pull_request: {}
+  workflow_dispatch: {}
+
+jobs:
+  golangci-lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
+        with:
+          go-version-file: go.mod
+      - uses: golangci/golangci-lint-action@v3
+        with:
+          args: --verbose
+          version: v1.47.3
+
+  unit-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
+        with:
+          go-version-file: go.mod
+      - uses: actions/cache@v3
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-ut-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-ut-
+      - name: Check Go modules
+        run: |
+          go mod tidy && git add go.* &&
+          git diff --cached --exit-code || (echo 'Please run "go mod tidy" to sync Go modules' && exit 1);
+      - name: Check manifests
+        run: |
+          make manifests && git add config &&
+          git diff --cached --exit-code || (echo 'Please run "make manifests" to generate manifests' && exit 1);
+      - name: Check auto-generated codes
+        run: |
+          make generate && git add pkg apis &&
+          git diff --cached --exit-code || (echo 'Please run "make generate" to generate Go codes' && exit 1);
+      - name: Verify gofmt
+        run: |
+          make fmt && git add apis pkg cmd &&
+          git diff --cached --exit-code || (echo 'Please run "make fmt" to verify gofmt' && exit 1);
+      - name: Verify govet
+        run: |
+          make vet && git add apis pkg cmd &&
+          git diff --cached --exit-code || (echo 'Please run "make vet" to verify govet' && exit 1);
+      - name: Run Go build
+        run: make build
+      - name: Run Go test
+        run: make fast-test
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v3
+        with:
+          flags: unittests
+          file: cover.out
+          fail_ci_if_error: true
+          verbose: true
+
+  build-and-push:
+    needs: [golangci-lint, unit-tests]
+    if: github.ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        target: [interference-manager]
+    env:
+      GITHUB_REG: ghcr.io
+      ALIYUN_BJ_REG: registry.cn-beijing.aliyuncs.com
+      ALIYUN_HZ_REG: registry.cn-hangzhou.aliyuncs.com
+    steps:
+      - uses: docker/setup-buildx-action@v2
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.GITHUB_REG }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Login to AliyunCS_BJ
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.ALIYUN_BJ_REG }}
+          username: ${{ secrets.ALIYUN_USERNAME }}
+          password: ${{ secrets.ALIYUN_PWD }}
+      - name: Login to AliyunCS_HZ
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.ALIYUN_HZ_REG }}
+          username: ${{ secrets.ALIYUN_USERNAME }}
+          password: ${{ secrets.ALIYUN_PWD }}
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          platforms: linux/amd64
+          push: true
+          pull: true
+          file: docker/${{ matrix.target }}.dockerfile
+          labels: |
+            org.opencontainers.image.title=${{ matrix.target }}
+            org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.created=${{ github.event.repository.updated_at}}
+            org.opencontainers.image.licenses=Apache-2.0
+          tags: |
+            ${{ env.GITHUB_REG }}/${{ github.repository_owner }}/${{ matrix.target }}:latest
+            ${{ env.ALIYUN_BJ_REG }}/${{ github.repository_owner }}/${{ matrix.target }}:latest
+            ${{ env.ALIYUN_HZ_REG }}/${{ github.repository_owner }}/${{ matrix.target }}:latest
+          cache-from: type=gha,scope=build-${{ matrix.target }}
+          cache-to: type=gha,mode=max,scope=build-${{ matrix.target }}

.github/workflows/codeql.yml

@@ -0,0 +1,46 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+    paths-ignore:
+      - '**/*.md'
+      - 'apis/**'
+      - 'pkg/client/**'
+  schedule:
+    - cron: '30 16 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['go']
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Setup local cache
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-codeql-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-codeql-
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/license.yml

@@ -0,0 +1,29 @@
+name: License
+
+on:
+  push:
+    branches:
+      - main
+      - release-*
+  pull_request: {}
+  workflow_dispatch: {}
+
+jobs:
+  license-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.6
+      - name: Check license
+        run: |
+          gem install license_finder
+          license_finder --decisions_file .license/dependency_decisions.yml
+      - uses: actions/setup-go@v3
+        with:
+          go-version: 1.17
+      - name: Check license header
+        run: |
+          make lint-license && git add apis pkg cmd || exit 1
+          git diff --cached --exit-code || (echo 'Please run "make lint-license" to verify license header' && exit 1);