summaryrefslogtreecommitdiff
path: root/.github
AgeCommit message (Collapse)Author
2021-08-16ci: Start testing on Go 1.17, drop 1.15 (#4283)Francis Lavoie
2021-06-14Expand and clarify security policyMatthew Holt
While the Caddy project has had very few valid security bug reports over the years, we have a low signal-to-noise ratio with them (lots of invalid reports). Most are out of scope, and it can take too much valuable time for us to determine that. We would prefer researchers do this first. Hopefully these paragraphs spell out much more clearly what we do and don't accept.
2021-05-12ci: Run CI on PRs targeting minor version branches (#4164)Francis Lavoie
We decided that we'll use branches like `2.4` as the target for any changes that we might want to release in a `2.4.x` version like `2.4.1`, so that we can continue to merge changes targeting the next minor release (e.g. `2.5.0`) on master. Our CI config wasn't set up for this to work properly though, since it was only running checks on PRs targeting master. This should fix it. I couldn't find a way to do a pattern to only match digits for the branch names from Github's docs, it just looks like a pretty generic glob syntax. But this should do until we get to 3.0
2021-03-19CONTRIBUTING: fix spelling (#4070)Simão Gomes Viana
Minor spelling fixes to make this document even better
2021-02-18ci: Build and test on Go 1.16, bump minimum to 1.15 (#4024)Francis Lavoie
* ci: Build and test on Go 1.16 * ci: Drop Go 1.14 support
2021-01-28ci: update the command to run tests on the s390x machine (#3995)Mohammed Al Sahaf
2021-01-08Update docsMatthew Holt
2020-12-30ci: force fetch the upstream tags (#3947)Mohammed Al Sahaf
2020-12-30ci: Add pushing to cloudsmith (#3941)Francis Lavoie
* ci: Add pushing to cloudsmith * ci: Update comments, remove env TODO * ci: Fix Cloudsmith installation by setting PATH * docs: Add Cloudsmith attribution to README * ci: Switch to keeping armv7 as the armhf .deb
2020-12-29ci: reject tags if not signed by Matthew Holt's key (#3932)Mohammed Al Sahaf
* ci: reject tags if not signed by Matthew Holt's key * ci: don't reject tags if an intermediate commits are not signed
2020-11-22ci: Use golangci's github action for linting (#3794)Dave Henderson
* ci: Use golangci's github action for linting Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix most of the staticcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the prealloc lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the misspell lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the varcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the errcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the bodyclose lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the deadcode lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the unused lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the gosec lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the gosimple lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the ineffassign lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the staticcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Revert the misspell change, use a neutral English Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Remove broken golangci-lint CI job Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Re-add errantly-removed weakrand initialization Signed-off-by: Dave Henderson <dhenderson@gmail.com> * don't break the loop and return * Removing extra handling for null rootKey * unignore RegisterModule/RegisterAdapter Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com> * single-line log message Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Fix lint after a1808b0dbf209c615e438a496d257ce5e3acdce2 was merged Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Revert ticker change, ignore it instead Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Ignore some of the write errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Remove blank line Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Use lifetime Signed-off-by: Dave Henderson <dhenderson@gmail.com> * close immediately Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Preallocate configVals Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Update modules/caddytls/distributedstek/distributedstek.go Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-11-12Update contact infoMatthew Holt
2020-11-04ci: remove the continuous fuzzing job (#3845)Mohammed Al Sahaf
Between Github Actions deprecting a command we use[0] and Fuzzit planning to deprecate their standalone service after being acquired by Gitlab[1][2], there are no reasons to keep this job. [0] https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/ [1] https://about.gitlab.com/press/releases/2020-06-11-gitlab-acquires-peach-tech-and-fuzzit-to-expand-devsecops-offering.html [2] https://fuzzit.dev/2020/06/11/news-fuzzit-is-acquired-by-gitlab/
2020-10-01Update SECURITY.mdMatt Holt
2020-08-20ci: Tweaks for multi go version tests (#3673)Francis Lavoie
2020-08-20ci: Upgrade to Go 1.15 (#3642)Francis Lavoie
* ci: Try Go 1.15 RC1 out of curiosity * Go 1.15 was released; let's try it * Update to latest quic-go * Attempt at fixing broken test Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
2020-08-11Update comment and Caddy 1 EOLMatthew Holt
2020-08-06ci: Ignore s390x failures (#3644)Matt Holt
As of early August 2020 the VM has been down for several days due to lack of power due related to bad weather at the data center... sigh.
2020-08-01ci: Include tracking of GOOS for which Caddy fails to build (#3617)Mohammed Al Sahaf
* ci: include tracking of GOOS for which Caddy fails to build * ci: split cross-build check into separate workflow * ci: cross-build check: make it clear the cross-build check is not a blocker * ci: cross-build check: set annotation instead of failing the build * ci: cross-build check: explicitly set continue-on-error to force success marker * ci: cross-build check: send stderr to /dev/null * ci: Simplify workflow names Co-authored-by: Francis Lavoie <lavofr@gmail.com> Co-authored-by: Francis Lavoie <lavofr@gmail.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-06-30ci: Fix another oops with publish workflow (#3536)Francis Lavoie
2020-06-26ci: Fix release publish trigger (#3524)Francis Lavoie
Looks like event payloads need to be prefixed with `github.event` to get the actual payload contents. Didn't dig deep enough. https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#github-context
2020-06-25ci: Apparently only single-quote strings are supported (#3523)Francis Lavoie
https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#literals https://github.com/caddyserver/caddy/actions/runs/147953515
2020-06-12ci: don't run s390x tests on PRs of forks (#3494)Mohammed Al Sahaf
* ci: don't run s390x tests on PRs of forks * ci: check if fork by matchinging name from event against name of repo
2020-06-12ci: skip s390x tests on forks (#3493)Mohammed Al Sahaf
2020-06-12ci: add CI on s390x (#3463)Mohammed Al Sahaf
* ci: lay out foundation for s390x tests * ci: uncomment the s390x test script & replace placeholders with real values * ci: amend the s390x test job name to be more consistent with others
2020-06-08ci: Fix gemfury upload condition, move triggers to publish event (#3483)Francis Lavoie
2020-06-05ci: Disable publishing .deb on beta tags (#3473)Francis Lavoie
2020-05-20Update SECURITY.mdMatt Holt
2020-05-06ci: Add release tagged event triggers to sister repos (#3321)Francis Lavoie
2020-05-06Fixing goreleaser syntax error (#3355)Dave Henderson
Signed-off-by: Dave Henderson <dhenderson@gmail.com>
2020-04-27caddyhttp: Add split_path to file matcher (used by php_fastcgi) (#3302)Francis Lavoie
* matcher: Add `split_path` option to file matcher; used in php_fastcgi * matcher: Skip try_files split if not the final part of the filename * matcher: Add MatchFile tests * matcher: Clarify SplitPath godoc
2020-04-26ci: Enable GoReleaser .deb support (#3309)Francis Lavoie
* ci: Enable GoReleaser .deb support * ci: Test .deb build * ci: Fix typo * ci: Turn off snapshot (breaks due to go mod edit) * ci: Force the tag to rc3 for now * ci: Let's try to publish the .debs * ci: Attempt to enable build cache, rebuild after fixed line endings * ci: Fix yml dupe ID issue, add caddy-api.service * ci: Split cache keys between files so they're separate * ci: Fix bindir * ci: Update the script files * ci: Retrigger * ci: Push to gemfury * ci: Use loop, fix bad env var * ci: Retrigger * ci: Try to force blank password? * ci: Check if the token is actually present * ci: Cleanup, remove debugging stuff * ci: Remove useless comment
2020-04-20ci: fuzz: remove the fuzzer of the Caddyfile parser (#3288)Mohammed Al Sahaf
2020-04-17ci: Cache the GOCACHE directory to speed up builds and tests (#3273)Francis Lavoie
* ci: Let's see if caching GOCACHE helps... * ci: Use GOCACHE env instead (fixes windows), remove build -a * ci: Hack to pull the GOCACHE env up to CI vars * ci: Change cache key (mainly to wipe cache now)
2020-04-16docs: Pull contributing document from v1 branch (#3270)Francis Lavoie
* docs: Pull contributing document from v1 branch * Update .github/CONTRIBUTING.md Co-Authored-By: Matt Holt <mholt@users.noreply.github.com> * docs: [Responsible -> Coordinated] Disclosure * docs: Link to the new security policy page Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-04-16Add security policyMatthew Holt
2020-04-03Create FUNDING.ymlMatt Holt
I guess this got left in the v1 branch when we switched, oops
2020-04-02chore: ci: fix release action script (#3216)Mohammed Al Sahaf
* chore: ci: fixing the step name that captures the pushed tag * chrore: ci: exclude commits prefixed with `ci:` from changelog
2020-03-26ci: fuzz: remove fuzzing trigger on PR (#3195)Mohammed Al Sahaf
2020-03-26ci: fuzz: switch engine from libfuzzer to native go-fuzz (#3194)Mohammed Al Sahaf
2020-03-25ci: exclude integration tests for now (#3188)Mark Sargent
A workaround for inconsistent results on Windows
2020-03-24Merge branch 'v2' of https://github.com/caddyserver/caddyMatthew Holt
2020-03-24ci: preliminary CD with goreleaser (#3173)Mohammed Al Sahaf
* chore: ci: preliminary CD support * chore: ci: split release process into its own workflow * chore: ci: cleanup the ci.yml and .goreleaser.yml * chore: ci: unshallowify the clone before searching for the closes tag * chore: tidy up goreleaser config & the release githubaction * chore: add --no-tty to gpg args * chore: more gpg args * chore: try with default gpg args by goreleaser * chore: gpg... * chore: set GPG_TTY * chore: preset gpg conf * Apply suggestions from code review chore: tidy up the .goreleaser.yml Co-Authored-By: Dave Henderson <dhenderson@gmail.com> * chore: gpg debugging * chore: set and export the tty for gpg * chore: gpg.. * chore: use the exact same line from goreleaser-action README for singing * chore: remove signing stanzas from ymls * chore: clean up the release action for final submission * quote the arguments of echo Co-Authored-By: Francis Lavoie <lavofr@gmail.com> Co-authored-by: Dave Henderson <dhenderson@gmail.com> Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2020-03-23ci: Update branches to master (#3177)Francis Lavoie
* Update ci.yml * Update fuzzing.yml
2020-03-21ci: Improve build artifact file names (#3168)Francis Lavoie
2020-03-21ci: Use matrix to set per-os variables (#3166)Francis Lavoie
Simplify cross-platform
2020-03-20ci: Switch to Github Actions (#3152)Francis Lavoie
* WIP: Trying to make a new branch * Create fuzzing.yml * Update ci.yml * Try using reviewdog for golangci-lint * Only run lint on ubuntu * Whoops, wrong matrix variable * Let's try just ubuntu for the moment * Remove integration tests * Let's see what the tree looks like (where's the binary) * Let's plant a tree * Let's look at another tree * Burn the tree * Let's build in the right dir * Turn on publishing artifacts * Add gobin to path * Try running golangci-lint earlier * Try running golangci-lint on its own, with checkout@v1 * Try moving golangci-lint back into ci.yml as a separate job * Turn off azure-pipelines * Remove the redundant name, see how it looks * Trim down the naming some more * Turn on windows and mac * Try to fix windows build, cleanup * Try to fix strange failure on windows * Print our the coerce reason * Apparently $? is 'True' on Windows, not 1 or 0 * Try setting CGO_ENABLED as an env in yml * Try enabling/fixing the fuzzer * Print out github event to check, fix step name * Fuzzer needs the code * Add GOBIN to PATH for fuzzer * Comment out fork condition, left in-case we want it again * Remove obsolete comment * Comment out the coverage/test conversions for now * Set continue-on-error: true for fuzzer, it runs out of mem * Add some clarification to the retained commented sections