From 8cb292a76954bebe17821cbfe101fbf08a3fdae8 Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 17:52:57 -0400
Subject: [PATCH 01/11] remove travis in favor of GitHub Actions
---
 .travis.yml | 10 ----------
 1 file changed, 10 deletions(-)
 delete mode 100644 .travis.yml
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 97992a8..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-language: go
-
-go:
- - 1.11.x
- - 1.12.x
-
-env:
- - GO111MODULE=on
-
-script: make test
From f3345b674d7c22a659ed30e978ff91cabcd4953e Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 17:53:14 -0400
Subject: [PATCH 02/11] Build with Go 1.14.5
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 6cdc953..232e8b6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.12-alpine as builder
+FROM golang:1.14.5-alpine as builder
 RUN apk add --no-cache ca-certificates libc-dev git make gcc
 RUN adduser -D pentagon
From b2a39b5522aefcf08ffb9628ba526f84e8f8d6da Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 18:19:15 -0400
Subject: [PATCH 03/11] update to go 1.14
---
 go.mod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/go.mod b/go.mod
index 5ab3bb1..0a7de12 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/vimeo/pentagon
-go 1.12
+go 1.14
 require (
 cloud.google.com/go v0.26.0
From 6cdc2a505eade925418f934ea1766f1d1c51288f Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 18:20:44 -0400
Subject: [PATCH 04/11] Use GitHub Actions for Building, Testing, and Pushing
---
 .github/workflows/go.yml | 52 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 .github/workflows/go.yml
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
new file mode 100644
index 0000000..886023e
--- /dev/null
+++ b/.github/workflows/go.yml
@@ -0,0 +1,52 @@
+name: Go
+on: [push]
+jobs:
+ build:
+ name: Build
+ runs-on: ${{ matrix.os }}
+ strategy:
+ matrix:
+ os: [macOS-latest, ubuntu-latest]
+ goversion: [1.13, 1.14]
+ steps:
+ - name: Set up Go ${{matrix.goversion}} on ${{matrix.os}}
+ uses: actions/setup-go@v1
+ with:
+ go-version: ${{matrix.goversion}}
+ id: go
+
+ - name: Check out code into the Go module directory
+ uses: actions/checkout@v1
+
+ - name: gofmt
+ run: |
+ [[ -z $(gofmt -l $(find . -name '*.go') ) ]]
+
+ - name: Get dependencies
+ env:
+ GO111MODULE: on
+ run: go mod download
+
+ - name: Vet
+ env:
+ GO111MODULE: on
+ run: go vet -mod=readonly ./...
+
+ - name: Test
+ env:
+ GO111MODULE: on
+ run: go test -mod=readonly -count 2 ./...
+
+ - name: Race Test
+ env:
+ GO111MODULE: on
+ run: go test -race -mod=readonly -count 2 ./...
+
+ - name: Build and push Docker images
+ uses: docker/build-push-action@v1.1.0
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ repository: vimeo/pentagon
+ tag_with_ref: true
+ push: ${{ startsWith(github.ref, 'refs/tags/') }}
From 08c1b6515cbeeaccae73711f08a4f78f7059a5e1 Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 18:24:03 -0400
Subject: [PATCH 05/11] Fix SecretType Defaulting Bug
---
 config.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/config.go b/config.go
index a555814..6a23540 100644
--- a/config.go
+++ b/config.go
@@ -55,7 +55,7 @@ func (c *Config) SetDefaults() {
 c.Mappings[i].VaultEngineType = c.Vault.DefaultEngineType
 }
 if m.SecretType == "" {
- m.SecretType = corev1.SecretTypeOpaque
+ c.Mappings[i].SecretType = corev1.SecretTypeOpaque
 }
 }
 }
From 24af1f56c134abda317fd87884ba1a7615392e80 Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 18:33:19 -0400
Subject: [PATCH 06/11] remove dockerhub push from main build stage
---
 .github/workflows/go.yml | 9 ---------
 1 file changed, 9 deletions(-)
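Review bot: Every `uses:` line in the new .github/workflows/go.yml (PATCH 04/11) references an action by a movable tag (`actions/setup-go@v1`, `actions/checkout@v1`, `docker/build-push-action@v1.1.0`), so the code that runs in this job can change without any commit to this repository. Pin each one to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v1`. The same applies to the two `uses:` lines in .github/workflows/docker-hub.yml added in PATCH 08/11, where the step is also handed `secrets.DOCKER_HUB_USERNAME` and `secrets.DOCKER_HUB_PASSWORD`. A top-level `permissions:` block limited to `contents: read` would additionally make the job token's scope explicit.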
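Review bot: No test in this series pins the corrected behaviour of `SetDefaults` in config.go (PATCH 05/11), and the loop still reads `m.SecretType` in the condition while writing `c.Mappings[i].SecretType`, which invites the same mistake on the next default that gets added. The old assignment presumably wrote to a by-value range copy (the loop header is outside the hunk, so confirm); a comment above the `if` such as `// m is a copy of c.Mappings[i]; defaults must be written through the index` would record why. A small test asserting that a mapping with an empty SecretType holds `corev1.SecretTypeOpaque` after `SetDefaults()` would guard the type that ends up on the generated Kubernetes Secret.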
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 886023e..4aa7ce0 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -41,12 +41,3 @@ jobs:
 env:
 GO111MODULE: on
 run: go test -race -mod=readonly -count 2 ./...
-
- - name: Build and push Docker images
- uses: docker/build-push-action@v1.1.0
- with:
- username: ${{ secrets.DOCKER_HUB_USERNAME }}
- password: ${{ secrets.DOCKER_HUB_PASSWORD }}
- repository: vimeo/pentagon
- tag_with_ref: true
- push: ${{ startsWith(github.ref, 'refs/tags/') }}
From b0b6f9112614e6f6862605ab06b6be9f6f0ea2d1 Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 18:41:40 -0400
Subject: [PATCH 07/11] also run build/test on pull requests
---
 .github/workflows/go.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 4aa7ce0..863e94f 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -1,5 +1,5 @@
 name: Go
-on: [push]
+on: [push, pull_request]
 jobs:
 build:
 name: Build
From 2ad0412d0333dd982f5831f7d6938882f1c0ae06 Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 18:42:15 -0400
Subject: [PATCH 08/11] push to dockerhub on release
---
 .github/workflows/docker-hub.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 .github/workflows/docker-hub.yml
diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml
new file mode 100644
index 0000000..846d0d1
--- /dev/null
+++ b/.github/workflows/docker-hub.yml
@@ -0,0 +1,18 @@
+name: DockerHub
+on: [release]
+jobs:
+ build:
+ name: Build and Push to DockerHub
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+
+ - name: Build and push Docker images
+ uses: docker/build-push-action@v1.1.0
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ repository: vimeo/pentagon
+ tag_with_ref: true
+ push: ${{ startsWith(github.ref, 'refs/tags/') }}
From f9cf48ebff26452921ad5d39dd99fd7c89a9c64f Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 18:47:31 -0400
Subject: [PATCH 09/11] modify badge to reference GitHub Actions
---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 4bd8fb9..83c335a 100644
--- a/README.md
+++ b/README.md
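Review bot: `on: [release]` in .github/workflows/docker-hub.yml (PATCH 08/11) subscribes the job to every release activity type, so editing, unpublishing or deleting a release also starts a run that receives the Docker Hub credentials. Because `tag_with_ref: true` derives the image tag from the ref, such a re-run would presumably rebuild and push over a tag that was already published. Restricting the trigger, e.g. `on: { release: { types: [published] } }`, keeps credentialed runs to the one event that is meant to publish an image.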
@@ -1,4 +1,5 @@
-[![Build Status](https://travis-ci.org/vimeo/pentagon.svg?branch=master)](https://travis-ci.org/vimeo/pentagon) [![GoDoc](https://godoc.org/github.com/vimeo/pentagon?status.svg)](https://godoc.org/github.com/vimeo/pentagon) [![Go Report Card](https://goreportcard.com/badge/github.com/vimeo/pentagon)](https://goreportcard.com/report/github.com/vimeo/pentagon)
+![Go](https://github.com/vimeo/pentagon/workflows/Go/badge.svg)
+[![GoDoc](https://godoc.org/github.com/vimeo/pentagon?status.svg)](https://godoc.org/github.com/vimeo/pentagon) [![Go Report Card](https://goreportcard.com/badge/github.com/vimeo/pentagon)](https://goreportcard.com/report/github.com/vimeo/pentagon)
 # Pentagon
 Pentagon is a small application designed to run as a Kubernetes CronJob to periodically copy secrets stored in [Vault](https://www.vaultproject.io) into equivalent [Kubernetes Secrets](https://kubernetes.io/docs/concepts/configuration/secret/), keeping them synchronized. Naturally, this should be used with care as "standard" Kubernetes Secrets are simply obfuscated as base64-encoded strings. However, one can and should use more secure methods of securing secrets including Google's [KMS](https://cloud.google.com/kubernetes-engine/docs/how-to/encrypting-secrets) and restricting roles and service accounts appropriately.
From b5d4ff2244e5369cbf658973aab6e72e5f374c3f Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Thu, 16 Jul 2020 18:48:17 -0400
Subject: [PATCH 10/11] only push
---
 .github/workflows/go.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 863e94f..4aa7ce0 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -1,5 +1,5 @@
 name: Go
-on: [push, pull_request]
+on: [push]
 jobs:
 build:
 name: Build
From 875e45e3e31e697ecc0b2edf2ba5e7bbf3bba6c6 Mon Sep 17 00:00:00 2001
From: Sergio Salvatore
Date: Fri, 17 Jul 2020 11:27:57 -0400
Subject: [PATCH 11/11] bump to Go 1.14.6
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 232e8b6..318a7ca 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.14.5-alpine as builder
+FROM golang:1.14.6-alpine as builder
 RUN apk add --no-cache ca-certificates libc-dev git make gcc
 RUN adduser -D pentagon