summaryrefslogtreecommitdiff
path: root/.github
AgeCommit message (Collapse)Author
2022-10-04ci: enhance the CI/CD flow (#5118)Mohammed Al Sahaf
2022-09-22ci: extend goreleaser timeout to 1-hour (#5067)Mohammed Al Sahaf
2022-09-05ci: grant the `release` workflow the `write` permission to `contents` (#5017)Mohammed Al Sahaf
2022-09-05ci: add `id-token` permission and update the signing command (#5016)Mohammed Al Sahaf
2022-09-03ci: generate SBOM and sign artifacts using cosign (#4910)Mohammed Al Sahaf
* ci: sign artifacts using cosign * include SBOM
2022-08-23ci: Increase linter timeout (#4981)Matt Holt
2022-08-02chore: Bump up to Go 1.19, minimum 1.18 (#4925)Francis Lavoie
2022-07-29chore: Add .gitattributes to force *.go to LF (#4919)Francis Lavoie
* chore: Add .gitattributes to force *.go to LF * What if I remove this flag
2022-07-27ci: Run golangci-lint on multiple os(#4875) (#4913)Y.Horie
2022-05-25ci: Fix build caching on Windows (#4811)Francis Lavoie
* ci: Fix build caching on Windows I was getting tired of Windows being slow as molasses in our CI jobs, so I went to look at our trusty source of github actions + golang information, and found a somewhat recent commit that actually fixed it. See https://github.com/mvdan/github-actions-golang/commit/4b754729baa709da219a5889c459010d4eda1888 I'll do a 2nd empty commit to re-trigger CI shortly to confirm that it actually fixes it. * Retrigger CI
2022-04-15ci: use latest Go version on macOS (#4708)Mohammed Al Sahaf
2022-04-13ci: Fix typoMatthew Holt
2022-04-13ci: Ensure we always check for latest version of Go (#4703)Francis Lavoie
* ci: Ensure we always check for latest version of Go * Try to force 1.18.1, 1.17.9 * Use includes for the actual go semver * Use `~` for semver here, apparently * Try to make tests still run on 1.18.0 for Mac, for now
2022-04-13fix typo (#4702)cui fliter
Signed-off-by: cuishuang <imcusg@gmail.com>
2022-03-25chore: Bump minimum Go to 1.17 (#4662)Francis Lavoie
2022-03-15ci: Build on Go 1.18, bump actions versions (#4637)Francis Lavoie
* ci: Build on Go 1.18, bump actions versions * Revert linter version bump for now * Try linter again
2021-09-16Make copyright notice more consistentMatthew Holt
Some files had the old copyright or were missing the license comment entirely. Also change Light Code Labs to Dyanim in security contact and releases.
2021-09-03ci: revert workaround implemented in #4306 (#4328)Mohammed Al Sahaf
2021-08-31ci: Only test cross-build on latest Go version (#4319)Francis Lavoie
This generated way too many test jobs, which weren't really that useful. Cross-build is just to keep us posted on which architectures are building okay, so it's not necessary to do it twice. Only plan9 is not working at this point (see https://github.com/caddyserver/caddy/issues/3615)
2021-08-25chore: promote creating 'caddy-build' to the release action (#4306)Mohammed Al Sahaf
The commit goreleaser/goreleaser@013bd69126459125694d7cb2c434dd9ba63e5a5b of GoReleaser is now checking the `go version` prior to executing any of the pre-hooks, which involves setting the current dir of the command to the `build.dir` of the build config. At the time of version check, the buil dir does not exist. It's created in the pre-hook. As a workaround, the build-dir is now created in the Github Action prior to executing goreleaser action.
2021-08-16ci: Start testing on Go 1.17, drop 1.15 (#4283)Francis Lavoie
2021-06-14Expand and clarify security policyMatthew Holt
While the Caddy project has had very few valid security bug reports over the years, we have a low signal-to-noise ratio with them (lots of invalid reports). Most are out of scope, and it can take too much valuable time for us to determine that. We would prefer researchers do this first. Hopefully these paragraphs spell out much more clearly what we do and don't accept.
2021-05-12ci: Run CI on PRs targeting minor version branches (#4164)Francis Lavoie
We decided that we'll use branches like `2.4` as the target for any changes that we might want to release in a `2.4.x` version like `2.4.1`, so that we can continue to merge changes targeting the next minor release (e.g. `2.5.0`) on master. Our CI config wasn't set up for this to work properly though, since it was only running checks on PRs targeting master. This should fix it. I couldn't find a way to do a pattern to only match digits for the branch names from Github's docs, it just looks like a pretty generic glob syntax. But this should do until we get to 3.0
2021-03-19CONTRIBUTING: fix spelling (#4070)Simão Gomes Viana
Minor spelling fixes to make this document even better
2021-02-18ci: Build and test on Go 1.16, bump minimum to 1.15 (#4024)Francis Lavoie
* ci: Build and test on Go 1.16 * ci: Drop Go 1.14 support
2021-01-28ci: update the command to run tests on the s390x machine (#3995)Mohammed Al Sahaf
2021-01-08Update docsMatthew Holt
2020-12-30ci: force fetch the upstream tags (#3947)Mohammed Al Sahaf
2020-12-30ci: Add pushing to cloudsmith (#3941)Francis Lavoie
* ci: Add pushing to cloudsmith * ci: Update comments, remove env TODO * ci: Fix Cloudsmith installation by setting PATH * docs: Add Cloudsmith attribution to README * ci: Switch to keeping armv7 as the armhf .deb
2020-12-29ci: reject tags if not signed by Matthew Holt's key (#3932)Mohammed Al Sahaf
* ci: reject tags if not signed by Matthew Holt's key * ci: don't reject tags if an intermediate commits are not signed
2020-11-22ci: Use golangci's github action for linting (#3794)Dave Henderson
* ci: Use golangci's github action for linting Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix most of the staticcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the prealloc lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the misspell lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the varcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the errcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the bodyclose lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the deadcode lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the unused lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the gosec lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the gosimple lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the ineffassign lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the staticcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Revert the misspell change, use a neutral English Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Remove broken golangci-lint CI job Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Re-add errantly-removed weakrand initialization Signed-off-by: Dave Henderson <dhenderson@gmail.com> * don't break the loop and return * Removing extra handling for null rootKey * unignore RegisterModule/RegisterAdapter Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com> * single-line log message Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Fix lint after a1808b0dbf209c615e438a496d257ce5e3acdce2 was merged Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Revert ticker change, ignore it instead Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Ignore some of the write errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Remove blank line Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Use lifetime Signed-off-by: Dave Henderson <dhenderson@gmail.com> * close immediately Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Preallocate configVals Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Update modules/caddytls/distributedstek/distributedstek.go Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-11-12Update contact infoMatthew Holt
2020-11-04ci: remove the continuous fuzzing job (#3845)Mohammed Al Sahaf
Between Github Actions deprecting a command we use[0] and Fuzzit planning to deprecate their standalone service after being acquired by Gitlab[1][2], there are no reasons to keep this job. [0] https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/ [1] https://about.gitlab.com/press/releases/2020-06-11-gitlab-acquires-peach-tech-and-fuzzit-to-expand-devsecops-offering.html [2] https://fuzzit.dev/2020/06/11/news-fuzzit-is-acquired-by-gitlab/
2020-10-01Update SECURITY.mdMatt Holt
2020-08-20ci: Tweaks for multi go version tests (#3673)Francis Lavoie
2020-08-20ci: Upgrade to Go 1.15 (#3642)Francis Lavoie
* ci: Try Go 1.15 RC1 out of curiosity * Go 1.15 was released; let's try it * Update to latest quic-go * Attempt at fixing broken test Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
2020-08-11Update comment and Caddy 1 EOLMatthew Holt
2020-08-06ci: Ignore s390x failures (#3644)Matt Holt
As of early August 2020 the VM has been down for several days due to lack of power due related to bad weather at the data center... sigh.
2020-08-01ci: Include tracking of GOOS for which Caddy fails to build (#3617)Mohammed Al Sahaf
* ci: include tracking of GOOS for which Caddy fails to build * ci: split cross-build check into separate workflow * ci: cross-build check: make it clear the cross-build check is not a blocker * ci: cross-build check: set annotation instead of failing the build * ci: cross-build check: explicitly set continue-on-error to force success marker * ci: cross-build check: send stderr to /dev/null * ci: Simplify workflow names Co-authored-by: Francis Lavoie <lavofr@gmail.com> Co-authored-by: Francis Lavoie <lavofr@gmail.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-06-30ci: Fix another oops with publish workflow (#3536)Francis Lavoie
2020-06-26ci: Fix release publish trigger (#3524)Francis Lavoie
Looks like event payloads need to be prefixed with `github.event` to get the actual payload contents. Didn't dig deep enough. https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#github-context
2020-06-25ci: Apparently only single-quote strings are supported (#3523)Francis Lavoie
https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#literals https://github.com/caddyserver/caddy/actions/runs/147953515
2020-06-12ci: don't run s390x tests on PRs of forks (#3494)Mohammed Al Sahaf
* ci: don't run s390x tests on PRs of forks * ci: check if fork by matchinging name from event against name of repo
2020-06-12ci: skip s390x tests on forks (#3493)Mohammed Al Sahaf
2020-06-12ci: add CI on s390x (#3463)Mohammed Al Sahaf
* ci: lay out foundation for s390x tests * ci: uncomment the s390x test script & replace placeholders with real values * ci: amend the s390x test job name to be more consistent with others
2020-06-08ci: Fix gemfury upload condition, move triggers to publish event (#3483)Francis Lavoie
2020-06-05ci: Disable publishing .deb on beta tags (#3473)Francis Lavoie
2020-05-20Update SECURITY.mdMatt Holt
2020-05-06ci: Add release tagged event triggers to sister repos (#3321)Francis Lavoie
2020-05-06Fixing goreleaser syntax error (#3355)Dave Henderson
Signed-off-by: Dave Henderson <dhenderson@gmail.com>