ROX-31473: Setup repo and CI pipeline for testing and style checks

.github/CODE_OF_CONDUCT.md

@@ -0,0 +1,3 @@
+# Code of Conduct
+
+The Stackrox code of conduct can be found [here](https://stackrox.io/code-conduct).

.github/CONTRIBUTING.md

@@ -0,0 +1,110 @@
+# Contributing to StackRox MCP
+
+Thank you for your interest in contributing to StackRox MCP! This document provides guidelines and instructions for contributing to the project.
+
+## Getting Started
+
+Before contributing, get the project running locally:
+
+### Initial Setup
+
+Clone the repository:
+```bash
+git clone https://github.com/stackrox/stackrox-mcp.git
+cd stackrox-mcp
+```
+
+Build the project:
+```bash
+make build
+```
+
+Run the server:
+```bash
+./stackrox-mcp
+```
+
+Once you have the project running, familiarize yourself with the development workflow below.
+
+## Development Guidelines
+
+### Code Quality Standards
+
+All code must pass the following checks before being merged:
+
+- **Formatting:** Run `make fmt` to format your code
+- **Format Check:** Run `make fmt-check` to verify code is formatted
+- **Linting:** Run `make lint` to check for style issues
+- **Testing:** All tests must pass with `make test`
+
+These checks are automatically run in CI for all pull requests.
+
+### Available Make Targets
+
+View all available make commands:
+```bash
+make help
+```
+
+Common development commands:
+- `make build` - Build the binary
+- `make test` - Run unit tests with coverage
+- `make coverage-html` - Generate and view HTML coverage report
+- `make fmt` - Format code
+- `make fmt-check` - Check code formatting (fails if not formatted)
+- `make lint` - Run golangci-lint
+- `make clean` - Clean build artifacts and coverage files
+
+### Testing
+
+- Write unit tests for all new functionality
+- Aim for 80% code coverage
+- All error paths should be tested
+- Run tests with coverage:
+  ```bash
+  make test
+  ```
+- Generate and view detailed coverage report:
+  ```bash
+  make coverage-html
+  ```
+
+## Pull Request Guidelines
+
+### Creating a PR
+
+- **Title:**
+    - The title of your PR should be clear and descriptive.
+    - It should be short enough to fit into the title box.
+    - **PR addresses JIRA ticket:** `ROX-1234: Add feature ABC`
+    - **Otherwise use conventional commit style:** `<type>(<scope>): <description>`
+        - Types: `fix`, `docs`, `test`, `refactor`, `chore`, `ci`
+        - Example: `fix(builds): Fix builds for ABC architecture`
+
+- **Description:**
+    - Describe the motivation for this change, or why some things were done a certain way.
+    - Focus on what cannot be extracted from the code, e.g., alternatives considered and dismissed (and why), performance concerns, non-evident edge cases.
+
+- **Validation:**
+    - Provide information that can help the PR reviewer test changes and validate they are correct.
+    - In some cases, it will be sufficient to mention that unit tests are added and they cover the changes.
+    - In other cases, testing may be more complex, and providing steps on how to set up and test everything will be very valuable for reviewers.
+
+### Merging a PR
+
+- Make sure that **all CI statuses are green**.
+- Always use `Squash and merge` as the merging mode (default).
+- Double-check that the title of the commit ("subject line") is **your PR title**, followed by the PR number prefixed with a `#` in parentheses.
+- Merge commit message example: `ROX-1234: Add feature ABC (#5678)`.
+- The body of the commit message should be empty. If GitHub pre-populates it, delete it.
+
+## Code Review Process
+
+- All PRs require at least one approval before merging
+- Address all reviewer comments and suggestions
+- Keep PRs focused and reasonably sized
+- Respond to feedback in a timely manner
+
+## License
+
+By contributing to StackRox MCP, you agree that your contributions will be licensed under the Apache License 2.0.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,7 @@
+### Description
+
+<!-- Please provide information on what this PR changes. -->
+
+### Validation
+
+<!-- Please provide information on how changes have been validated and tested. -->

.github/workflows/style.yml

@@ -0,0 +1,35 @@
+name: Style
+
+on:
+  push:
+    tags:
+      - '*'
+    branches:
+      - main
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+
+jobs:
+  style:
+    name: Code Style Checks
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.24'
+
+      - name: Check code formatting
+        run: make fmt-check
+
+      - name: Run golangci-lint
+        uses: golangci/golangci-lint-action@v8
+        with:
+          version: v2.6

.github/workflows/test.yml

@@ -0,0 +1,40 @@
+name: Test
+
+on:
+  push:
+    tags:
+      - '*'
+    branches:
+      - main
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+
+jobs:
+  test:
+    name: Run Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.24'
+
+      - name: Download dependencies
+        run: go mod download
+
+      - name: Run tests with coverage
+        run: make test
+
+#      - name: Upload coverage to Codecov
+#        uses: codecov/codecov-action@v4
+#        with:
+#          file: ./coverage.out
+#          token: ${{ secrets.CODECOV_TOKEN }}
+#          fail_ci_if_error: false

.gitignore

@@ -0,0 +1,13 @@
+# IDE and editor files
+.vscode/
+.idea/
+.DS_Store
+
+# Test coverage output
+/*.out
+
+# Build output
+/stackrox-mcp
+
+# Lint output
+/report.xml

.golangci.yml

@@ -0,0 +1,23 @@
+version: "2"
+run:
+  timeout: 240m
+  go: "1.24"
+  modules-download-mode: readonly
+  allow-parallel-runners: true
+output:
+  formats:
+    text:
+      path: stdout
+    junit-xml:
+      path: report.xml
+linters:
+  default: all
+  disable:
+    - wsl
+    - depguard
+    - exhaustruct
+    - paralleltest
+    - testpackage
+issues:
+  max-issues-per-linter: 0
+  max-same-issues: 0

Makefile

@@ -0,0 +1,59 @@
+# Default target
+.DEFAULT_GOAL := help
+
+# Binary name
+BINARY_NAME=stackrox-mcp
+
+# Go parameters
+GOCMD=go
+GOBUILD=$(GOCMD) build
+GOTEST=$(GOCMD) test
+GOFMT=$(GOCMD) fmt
+GOCLEAN=$(GOCMD) clean
+
+# Coverage files
+COVERAGE_OUT=coverage.out
+
+# Lint files
+LINT_OUT=report.xml
+
+.PHONY: help
+help: ## Display this help message
+	@echo "Available targets:"
+	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "  \033[36m%-15s\033[0m %s\n", $$1, $$2}'
+
+.PHONY: build
+build: ## Build the binary
+	$(GOBUILD) -o $(BINARY_NAME) ./cmd/stackrox-mcp
+
+.PHONY: test
+test: ## Run unit tests with coverage
+	$(GOTEST) -v -cover -coverprofile=$(COVERAGE_OUT) ./...
+
+.PHONY: coverage-html
+coverage-html: test ## Generate and open HTML coverage report
+	$(GOCMD) tool cover -html=$(COVERAGE_OUT)
+
+.PHONY: fmt
+fmt: ## Format Go code
+	$(GOFMT) ./...
+
+.PHONY: fmt-check
+fmt-check: ## Check if Go code is formatted (fails if not)
+	@if [ -n "$$(gofmt -l .)" ]; then \
+		echo "The following files are not formatted:"; \
+		gofmt -l .; \
+		exit 1; \
+	fi
+
+.PHONY: lint
+lint: ## Run golangci-lint
+	go install -v "github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.6"
+	golangci-lint run
+
+.PHONY: clean
+clean: ## Clean build artifacts and coverage files
+	$(GOCLEAN)
+	rm -f $(BINARY_NAME)
+	rm -f $(COVERAGE_OUT)
+	rm -f $(LINT_OUT)

README.md

@@ -0,0 +1,40 @@
+# StackRox MCP
+
+## Project Overview
+
+StackRox MCP is a Model Context Protocol (MCP) server that provides AI assistants with access to StackRox.
+
+## Quick Start
+
+Clone the repository:
+```bash
+git clone https://github.com/stackrox/stackrox-mcp.git
+cd stackrox-mcp
+```
+
+Build the project:
+```bash
+make build
+```
+
+Run the server:
+```bash
+./stackrox-mcp
+```
+
+## Development
+
+For detailed development guidelines, testing standards, and contribution workflows, see [CONTRIBUTING.md](.github/CONTRIBUTING.md).
+
+### Quick Reference
+
+View all available commands:
+```bash
+make help
+```
+
+Common commands:
+- `make build` - Build the binary
+- `make test` - Run tests
+- `make fmt` - Format code
+- `make lint` - Run linter

cmd/stackrox-mcp/main.go

@@ -0,0 +1,14 @@
+// Package main for stackrox-mcp command.
+package main
+
+import (
+	"log/slog"
+
+	"github.com/stackrox/stackrox-mcp/internal/logging"
+)
+
+func main() {
+	logging.SetupLogging()
+
+	slog.Info("Starting Stackrox MCP server")
+}

go.mod

@@ -0,0 +1,11 @@
+module github.com/stackrox/stackrox-mcp
+
+go 1.24
+
+require github.com/stretchr/testify v1.11.1
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

go.sum

@@ -0,0 +1,10 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
+github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=