From 167981d258f41b7ef931d510056a5a5fdc9cbd0d Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Fri, 24 Feb 2023 13:45:44 -0700 Subject: ci: Update minimum Go version to 1.19 --- .github/workflows/ci.yml | 8 ++++---- .github/workflows/cross-build.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ba07419..9d3be24 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,16 +19,16 @@ jobs: fail-fast: false matrix: os: [ ubuntu-latest, macos-latest, windows-latest ] - go: [ '1.18', '1.20' ] + go: [ '1.19', '1.20' ] include: # Set the minimum Go patch version for the given Go minor # Usable via ${{ matrix.GO_SEMVER }} - - go: '1.18' - GO_SEMVER: '~1.18.4' + - go: '1.19' + GO_SEMVER: '~1.19.6' - go: '1.20' - GO_SEMVER: '~1.20.0' + GO_SEMVER: '~1.20.1' # Set some variables per OS, usable via ${{ matrix.VAR }} # CADDY_BIN_PATH: the path to the compiled Caddy binary, for artifact publishing diff --git a/.github/workflows/cross-build.yml b/.github/workflows/cross-build.yml index 8b5e429..0e78902 100644 --- a/.github/workflows/cross-build.yml +++ b/.github/workflows/cross-build.yml @@ -22,7 +22,7 @@ jobs: # Set the minimum Go patch version for the given Go minor # Usable via ${{ matrix.GO_SEMVER }} - go: '1.20' - GO_SEMVER: '~1.20.0' + GO_SEMVER: '~1.20.1' runs-on: ubuntu-latest continue-on-error: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 7e56afc..f82ebd9 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -28,7 +28,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: - go-version: '~1.18.4' + go-version: '~1.19.6' check-latest: true - name: golangci-lint diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d8ea96b..0024058 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,7 +17,7 @@ jobs: # Set the minimum Go patch version for the given Go minor # Usable via ${{ matrix.GO_SEMVER }} - go: '1.20' - GO_SEMVER: '~1.20.0' + GO_SEMVER: '~1.20.1' runs-on: ${{ matrix.os }} # https://github.com/sigstore/cosign/issues/1258#issuecomment-1002251233 -- cgit v1.2.3 From b1366c7e4615139e1a7f891c65053361e9959a43 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 2 Apr 2023 00:36:16 -0400 Subject: build(deps): bump actions/setup-go from 3 to 4 (#5474) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- .github/workflows/cross-build.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9d3be24..e7dc775 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,7 +49,7 @@ jobs: steps: - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version: ${{ matrix.GO_SEMVER }} check-latest: true diff --git a/.github/workflows/cross-build.yml b/.github/workflows/cross-build.yml index 0e78902..a3f9a0d 100644 --- a/.github/workflows/cross-build.yml +++ b/.github/workflows/cross-build.yml @@ -28,7 +28,7 @@ jobs: continue-on-error: true steps: - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version: ${{ matrix.GO_SEMVER }} check-latest: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index f82ebd9..951b746 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -26,7 +26,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: go-version: '~1.19.6' check-latest: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0024058..16a5dd2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: go-version: ${{ matrix.GO_SEMVER }} check-latest: true -- cgit v1.2.3 From ff35ba9ec33aabec93ed1409628cd6f1a3ceee5e Mon Sep 17 00:00:00 2001 From: Matt Holt Date: Mon, 10 Apr 2023 13:08:32 -0600 Subject: Update contributing guidelines (#5466) * Update contributing guidelines * Request disclosure as a courtesy --- .github/CONTRIBUTING.md | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) (limited to '.github') diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 76a1bc6..666ddef 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -1,7 +1,7 @@ Contributing to Caddy ===================== -Welcome! Thank you for choosing to be a part of our community. Caddy wouldn't be great without your involvement! +Welcome! Thank you for choosing to be a part of our community. Caddy wouldn't be nearly as excellent without your involvement! For starters, we invite you to join [the Caddy forum](https://caddy.community) where you can hang out with other Caddy users and developers. @@ -35,19 +35,29 @@ Here are some of the expectations we have of contributors: - **Keep related commits together in a PR.** We do want pull requests to be small, but you should also keep multiple related commits in the same PR if they rely on each other. -- **Write tests.** Tests are essential! Written properly, they ensure your change works, and that other changes in the future won't break your change. CI checks should pass. +- **Write tests.** Good, automated tests are very valuable! Written properly, they ensure your change works, and that other changes in the future won't break your change. CI checks should pass. -- **Benchmarks should be included for optimizations.** Optimizations sometimes make code harder to read or have changes that are less than obvious. They should be proven with benchmarks or profiling. +- **Benchmarks should be included for optimizations.** Optimizations sometimes make code harder to read or have changes that are less than obvious. They should be proven with benchmarks and profiling. - **[Squash](http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html) insignificant commits.** Every commit should be significant. Commits which merely rewrite a comment or fix a typo can be combined into another commit that has more substance. Interactive rebase can do this, or a simpler way is `git reset --soft ` then `git commit -s`. -- **Own your contributions.** Caddy is a growing project, and it's much better when individual contributors help maintain their change after it is merged. +- **Be responsible for and maintain your contributions.** Caddy is a growing project, and it's much better when individual contributors help maintain their change after it is merged. - **Use comments properly.** We expect good godoc comments for package-level functions, types, and values. Comments are also useful whenever the purpose for a line of code is not obvious. -- **Pull requests may still get closed.** The longer a PR stays open and idle, the more likely it is to be closed. If we haven't reviewed it in a while, it probably means the change is not a priority. Please don't take this personally, we're trying to balance a lot of tasks! If nobody else has commented or reacted to the PR, it likely means your change is useful only to you. The reality is this happens quite a bit. We don't tend to accept PRs that aren't generally helpful. For these reasons or others, the PR may get closed even after a review. We are not obligated to accept all proposed changes, even if the best justification we can give is something vague like, "It doesn't sit right." Sometimes PRs are just the wrong thing or the wrong time. Because it is open source, you can always build your own modified version of Caddy with a change you need, even if we reject it in the official repo. +- **Pull requests may still get closed.** The longer a PR stays open and idle, the more likely it is to be closed. If we haven't reviewed it in a while, it probably means the change is not a priority. Please don't take this personally, we're trying to balance a lot of tasks! If nobody else has commented or reacted to the PR, it likely means your change is useful only to you. The reality is this happens quite a lot. We don't tend to accept PRs that aren't generally helpful. For these reasons or others, the PR may get closed even after a review. We are not obligated to accept all proposed changes, even if the best justification we can give is something vague like, "It doesn't sit right." Sometimes PRs are just the wrong thing or the wrong time. Because it is open source, you can always build your own modified version of Caddy with a change you need, even if we reject it in the official repo. Plus, because Caddy is extensible, it's possible your feature could make a great plugin instead! -We often grant [collaborator status](#collaborator-instructions) to contributors who author one or more significant, high-quality PRs that are merged into the code base! +- **You certify that you wrote and comprehend the code you submit.** The Caddy project welcomes original contributions that comply with [our CLA](https://cla-assistant.io/caddyserver/caddy), meaning that authors must be able to certify that they created or have rights to the code they are contributing. In addition, we require that code is not simply copy-pasted from Q/A sites or AI language models without full comprehension and rigorous testing. In other words: contributors are allowed to refer to communities for assistance and use AI tools such as language models for inspiration, but code which originates from or is assisted by these resources MUST be: + + - Licensed for you to freely share + - Fully comprehended by you (be able to explain every line of code) + - Verified by automated tests when feasible, or thorough manual tests otherwise + + We have found that current language models (LLMs, like ChatGPT) may understand code syntax and even problem spaces to an extent, but often fail in subtle ways to convey true knowledge and produce correct algorithms. Integrated tools such as GitHub Copilot and Sourcegraph Cody may be used for inspiration, but code generated by these tools still needs to meet our criteria for licensing, human comprehension, and testing. These tools may be used to help write code comments and tests as long as you can certify they are accurate and correct. Note that it is often more trouble than it's worth to certify that Copilot (for example) is not giving you code that is possibly plagiarised, unlicensed, or licensed with incompatible terms -- as the Caddy project cannot accept such contributions. If that's too difficult for you (or impossible), then we recommend using these resources only for inspiration and write your own code. Ultimately, you (the contributor) are responsible for the code you're submitting. + + As a courtesy to reviewers, we kindly ask that you disclose when contributing code that was generated by an AI tool or copied from another website so we can be aware of what to look for in code review. + +We often grant [collaborator status](#collaborator-instructions) to contributors who author one or more significant, high-quality PRs that are merged into the code base. #### HOW TO MAKE A PULL REQUEST TO CADDY -- cgit v1.2.3 From 998c6e06a75030cccabcc08790bc32642791aff7 Mon Sep 17 00:00:00 2001 From: Francis Lavoie Date: Fri, 14 Apr 2023 21:38:33 -0400 Subject: chore: Adjustments to CI caching (#5495) --- .github/workflows/ci.yml | 27 +++++---------------------- .github/workflows/cross-build.yml | 19 +++---------------- .github/workflows/release.yml | 22 +++++----------------- 3 files changed, 13 insertions(+), 55 deletions(-) (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e7dc775..6948db0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -48,15 +48,15 @@ jobs: runs-on: ${{ matrix.os }} steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Install Go uses: actions/setup-go@v4 with: go-version: ${{ matrix.GO_SEMVER }} check-latest: true - - name: Checkout code - uses: actions/checkout@v3 - # These tools would be useful if we later decide to reinvestigate # publishing test/coverage reports to some tool for easier consumption # - name: Install test and coverage analysis tools @@ -79,23 +79,6 @@ jobs: # Calculate the short SHA1 hash of the git commit echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - - name: Cache the build cache - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - # * Build cache (Mac) - # * Build cache (Windows) - path: | - ~/go/pkg/mod - ~/.cache/go-build - ~/Library/Caches/go-build - ~\AppData\Local\go-build - key: ${{ runner.os }}-${{ matrix.go }}-go-ci-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-${{ matrix.go }}-go-ci - - name: Get dependencies run: | go get -v -t -d ./... @@ -146,7 +129,7 @@ jobs: if: github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' continue-on-error: true # August 2020: s390x VM is down due to weather and power issues steps: - - name: Checkout code into the Go module directory + - name: Checkout code uses: actions/checkout@v3 - name: Run Tests run: | @@ -172,7 +155,7 @@ jobs: goreleaser-check: runs-on: ubuntu-latest steps: - - name: checkout + - name: Checkout code uses: actions/checkout@v3 - uses: goreleaser/goreleaser-action@v4 diff --git a/.github/workflows/cross-build.yml b/.github/workflows/cross-build.yml index a3f9a0d..48e9b18 100644 --- a/.github/workflows/cross-build.yml +++ b/.github/workflows/cross-build.yml @@ -27,6 +27,9 @@ jobs: runs-on: ubuntu-latest continue-on-error: true steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Install Go uses: actions/setup-go@v4 with: @@ -43,22 +46,6 @@ jobs: printf "\n\nSystem environment:\n\n" env - - name: Cache the build cache - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - path: | - ~/go/pkg/mod - ~/.cache/go-build - key: cross-build-go${{ matrix.go }}-${{ matrix.goos }}-${{ hashFiles('**/go.sum') }} - restore-keys: | - cross-build-go${{ matrix.go }}-${{ matrix.goos }} - - - name: Checkout code into the Go module directory - uses: actions/checkout@v3 - - name: Run Build env: CGO_ENABLED: 0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 16a5dd2..e8c332d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,17 +29,17 @@ jobs: contents: write steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Install Go uses: actions/setup-go@v4 with: go-version: ${{ matrix.GO_SEMVER }} check-latest: true - - name: Checkout code - uses: actions/checkout@v3 - with: - fetch-depth: 0 - # Force fetch upstream tags -- because 65 minutes # tl;dr: actions/checkout@v3 runs this line: # git -c protocol.version=2 fetch --no-tags --prune --progress --no-recurse-submodules --depth=1 origin +ebc278ec98bb24f2852b61fde2a9bf2e3d83818b:refs/tags/ @@ -94,18 +94,6 @@ jobs: # tags are only accepted if signed by Matt's key git verify-tag "${{ steps.vars.outputs.version_tag }}" || exit 1 - - name: Cache the build cache - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - path: | - ~/go/pkg/mod - ~/.cache/go-build - key: ${{ runner.os }}-go${{ matrix.go }}-release-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go${{ matrix.go }}-release - name: Install Cosign uses: sigstore/cosign-installer@main - name: Cosign version -- cgit v1.2.3 From 7ceef91295343237f5b81ed00e3ba7e8e594d603 Mon Sep 17 00:00:00 2001 From: Matt Holt Date: Sat, 8 Jul 2023 14:02:09 -0600 Subject: Minor tweaks to security.md --- .github/SECURITY.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to '.github') diff --git a/.github/SECURITY.md b/.github/SECURITY.md index 9d1b313..44cc5b7 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -7,7 +7,7 @@ The Caddy project would like to make sure that it stays on top of all practicall | Version | Supported | | ------- | ------------------ | -| 2.x | :white_check_mark: | +| 2.x | ✔️ | | 1.x | :x: | | < 1.x | :x: | @@ -24,7 +24,7 @@ We do not accept reports if the steps imply or require a compromised system or t Client-side exploits are out of scope. In other words, it is not a bug in Caddy if the web browser does something unsafe, even if the downloaded content was served by Caddy. (Those kinds of exploits can generally be mitigated by proper configuration of HTTP headers.) As a general rule, the content served by Caddy is not considered in scope because content is configurable by the site owner or the associated web application. -Security bugs in code dependencies are out of scope. Instead, if a dependency has patched a relevant security bug, please feel free to open a public issue or pull request to update that dependency in our code. +Security bugs in code dependencies (including Go's standard library) are out of scope. Instead, if a dependency has patched a relevant security bug, please feel free to open a public issue or pull request to update that dependency in our code. ## Reporting a Vulnerability @@ -42,7 +42,7 @@ We'll need enough information to verify the bug and make a patch. To speed thing - Specific minimal steps to reproduce the issue from scratch - A working patch -Please DO NOT use containers, VMs, cloud instances or services, or any other complex infrastructure in your steps. Always prefer `curl` instead of web browsers. +Please DO NOT use containers, VMs, cloud instances or services, or any other complex infrastructure in your steps. Always prefer `curl -v` instead of web browsers. We consider publicly-registered domain names to be public information. This necessary in order to maintain the integrity of certificate transparency, public DNS, and other public trust systems. Do not redact domain names from your reports. The actual content of your domain name affects Caddy's behavior, so we need the exact domain name(s) to reproduce with, or your report will be ignored. -- cgit v1.2.3 From f45a6de20dd19e82e58c85b37e03957b2203b544 Mon Sep 17 00:00:00 2001 From: Marten Seemann Date: Fri, 21 Jul 2023 21:00:48 -0700 Subject: go.mod: Update quic-go to v0.37.0, bump to Go 1.20 minimum (#5644) * update quic-go to v0.37.0 * Bump to Go 1.20 * Bump golangci-lint version, yml syntax consistency * Use skip-pkg-cache workaround * Workaround needed for both? * Seeding weakrand is no longer necessary --------- Co-authored-by: Matt Holt Co-authored-by: Francis Lavoie --- .github/workflows/ci.yml | 17 +++++++++++------ .github/workflows/cross-build.yml | 18 +++++++++++++++--- .github/workflows/lint.yml | 17 ++++++++++++++--- .github/workflows/release.yml | 8 +++++--- .github/workflows/release_published.yml | 3 ++- 5 files changed, 47 insertions(+), 16 deletions(-) (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6948db0..3ab7242 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,17 +18,22 @@ jobs: # Default is true, cancels jobs for other platforms in the matrix if one fails fail-fast: false matrix: - os: [ ubuntu-latest, macos-latest, windows-latest ] - go: [ '1.19', '1.20' ] + os: + - ubuntu-latest + - macos-latest + - windows-latest + go: + - '1.20' + # - '1.21' include: # Set the minimum Go patch version for the given Go minor # Usable via ${{ matrix.GO_SEMVER }} - - go: '1.19' - GO_SEMVER: '~1.19.6' - - go: '1.20' - GO_SEMVER: '~1.20.1' + GO_SEMVER: '~1.20.6' + + # - go: '1.21' + # GO_SEMVER: '~1.21.0' # Set some variables per OS, usable via ${{ matrix.VAR }} # CADDY_BIN_PATH: the path to the compiled Caddy binary, for artifact publishing diff --git a/.github/workflows/cross-build.yml b/.github/workflows/cross-build.yml index 48e9b18..4d04cfa 100644 --- a/.github/workflows/cross-build.yml +++ b/.github/workflows/cross-build.yml @@ -15,14 +15,26 @@ jobs: strategy: fail-fast: false matrix: - goos: ['android', 'linux', 'solaris', 'illumos', 'dragonfly', 'freebsd', 'openbsd', 'plan9', 'windows', 'darwin', 'netbsd'] - go: [ '1.20' ] + goos: + - 'android' + - 'linux' + - 'solaris' + - 'illumos' + - 'dragonfly' + - 'freebsd' + - 'openbsd' + - 'plan9' + - 'windows' + - 'darwin' + - 'netbsd' + go: + - '1.20' include: # Set the minimum Go patch version for the given Go minor # Usable via ${{ matrix.GO_SEMVER }} - go: '1.20' - GO_SEMVER: '~1.20.1' + GO_SEMVER: '~1.20.6' runs-on: ubuntu-latest continue-on-error: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 951b746..964e48f 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -22,20 +22,31 @@ jobs: name: lint strategy: matrix: - os: [ubuntu-latest, macos-latest, windows-latest] + os: + - ubuntu-latest + - macos-latest + - windows-latest runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v3 - uses: actions/setup-go@v4 with: - go-version: '~1.19.6' + go-version: '~1.20.6' check-latest: true + # Workaround for https://github.com/golangci/golangci-lint-action/issues/135 + skip-pkg-cache: true + - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: - version: v1.50 + version: v1.53 + + # Workaround for https://github.com/golangci/golangci-lint-action/issues/135 + skip-pkg-cache: true + # Windows times out frequently after about 5m50s if we don't set a longer timeout. args: --timeout 10m + # Optional: show only new issues if it's a pull request. The default value is `false`. # only-new-issues: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e8c332d..3830761 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,14 +10,16 @@ jobs: name: Release strategy: matrix: - os: [ ubuntu-latest ] - go: [ '1.20' ] + os: + - ubuntu-latest + go: + - '1.20' include: # Set the minimum Go patch version for the given Go minor # Usable via ${{ matrix.GO_SEMVER }} - go: '1.20' - GO_SEMVER: '~1.20.1' + GO_SEMVER: '~1.20.6' runs-on: ${{ matrix.os }} # https://github.com/sigstore/cosign/issues/1258#issuecomment-1002251233 diff --git a/.github/workflows/release_published.yml b/.github/workflows/release_published.yml index 7736e85..f304888 100644 --- a/.github/workflows/release_published.yml +++ b/.github/workflows/release_published.yml @@ -10,7 +10,8 @@ jobs: name: Release Published strategy: matrix: - os: [ ubuntu-latest ] + os: + - ubuntu-latest runs-on: ${{ matrix.os }} steps: -- cgit v1.2.3 From b07b198764de738f3b473f416422eaf0619c654d Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Fri, 4 Aug 2023 18:08:54 +0200 Subject: chore: use `--clean` instead of `--rm-dist` for goreleaser (#5691) --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github') diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3830761..0e9e29e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -109,7 +109,7 @@ jobs: uses: goreleaser/goreleaser-action@v4 with: version: latest - args: release --rm-dist --timeout 60m + args: release --clean --timeout 60m env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} TAG: ${{ steps.vars.outputs.version_tag }} -- cgit v1.2.3 From 6cdcc2a78208b1d30b37fb06780160fcad48aab4 Mon Sep 17 00:00:00 2001 From: Matt Holt Date: Wed, 9 Aug 2023 10:34:28 -0600 Subject: ci: Update to Go 1.21 (#5719) * ci: Update to Go 1.21 * Bump quic-go to v0.37.4 * Check EnableFullDuplex err * Linter bug suppression See https://github.com/timakin/bodyclose/issues/52 --------- Co-authored-by: Francis Lavoie --- .github/workflows/ci.yml | 6 +++--- .github/workflows/cross-build.yml | 6 +++--- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 6 +++--- 4 files changed, 10 insertions(+), 10 deletions(-) (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3ab7242..deebc7d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,7 +24,7 @@ jobs: - windows-latest go: - '1.20' - # - '1.21' + - '1.21' include: # Set the minimum Go patch version for the given Go minor @@ -32,8 +32,8 @@ jobs: - go: '1.20' GO_SEMVER: '~1.20.6' - # - go: '1.21' - # GO_SEMVER: '~1.21.0' + - go: '1.21' + GO_SEMVER: '~1.21.0' # Set some variables per OS, usable via ${{ matrix.VAR }} # CADDY_BIN_PATH: the path to the compiled Caddy binary, for artifact publishing diff --git a/.github/workflows/cross-build.yml b/.github/workflows/cross-build.yml index 4d04cfa..678ac17 100644 --- a/.github/workflows/cross-build.yml +++ b/.github/workflows/cross-build.yml @@ -28,13 +28,13 @@ jobs: - 'darwin' - 'netbsd' go: - - '1.20' + - '1.21' include: # Set the minimum Go patch version for the given Go minor # Usable via ${{ matrix.GO_SEMVER }} - - go: '1.20' - GO_SEMVER: '~1.20.6' + - go: '1.21' + GO_SEMVER: '~1.21.0' runs-on: ubuntu-latest continue-on-error: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 964e48f..a2b569d 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -31,7 +31,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-go@v4 with: - go-version: '~1.20.6' + go-version: '~1.21.0' check-latest: true # Workaround for https://github.com/golangci/golangci-lint-action/issues/135 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0e9e29e..ec9c972 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,13 +13,13 @@ jobs: os: - ubuntu-latest go: - - '1.20' + - '1.21' include: # Set the minimum Go patch version for the given Go minor # Usable via ${{ matrix.GO_SEMVER }} - - go: '1.20' - GO_SEMVER: '~1.20.6' + - go: '1.21' + GO_SEMVER: '~1.21.0' runs-on: ${{ matrix.os }} # https://github.com/sigstore/cosign/issues/1258#issuecomment-1002251233 -- cgit v1.2.3 From d6f86cccf5fa5b4eb30141da390cf2439746c5da Mon Sep 17 00:00:00 2001 From: Jacob Gadikian Date: Mon, 14 Aug 2023 23:41:15 +0800 Subject: ci: use gci linter (#5708) * use gofmput to format code * use gci to format imports * reconfigure gci * linter autofixes * rearrange imports a little * export GOOS=windows golangci-lint run ./... --fix --- .github/workflows/lint.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to '.github') diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index a2b569d..ea5e791 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -17,12 +17,12 @@ jobs: # From https://github.com/golangci/golangci-lint-action golangci: permissions: - contents: read # for actions/checkout to fetch code - pull-requests: read # for golangci/golangci-lint-action to fetch pull requests + contents: read # for actions/checkout to fetch code + pull-requests: read # for golangci/golangci-lint-action to fetch pull requests name: lint strategy: matrix: - os: + os: - ubuntu-latest - macos-latest - windows-latest @@ -40,7 +40,7 @@ jobs: - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: - version: v1.53 + version: v1.54 # Workaround for https://github.com/golangci/golangci-lint-action/issues/135 skip-pkg-cache: true -- cgit v1.2.3 From b7e472d54884de4ecd6147784c74fb448180e9d1 Mon Sep 17 00:00:00 2001 From: Mohammed Al Sahaf Date: Fri, 25 Aug 2023 18:06:44 +0200 Subject: ci: ensure short-sha is exported correctly on all platforms (#5781) --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index deebc7d..20f2fc5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -73,6 +73,7 @@ jobs: - name: Print Go version and environment id: vars + shell: bash run: | printf "Using go at: $(which go)\n" printf "Go version: $(go version)\n" -- cgit v1.2.3 From 50cea4e26369b1c5049e8539d6c2bbdac11b3754 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=90=E1=BB=97=20Tr=E1=BB=8Dng=20H=E1=BA=A3i?= <41283691+hainenber@users.noreply.github.com> Date: Tue, 5 Sep 2023 22:31:25 +0700 Subject: ci: Run govulncheck (#5790) * feat(ci): check vuln Go mods in CI * fix(ci): correct directive for govulncheck * refactor(ci): move govulncheck to lint.yml * refactor(lint): move govulncheck to different job --- .github/workflows/lint.yml | 6 ++++++ 1 file changed, 6 insertions(+) (limited to '.github') diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ea5e791..f4a9b44 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -50,3 +50,9 @@ jobs: # Optional: show only new issues if it's a pull request. The default value is `false`. # only-new-issues: true + + govulncheck: + runs-on: ubuntu-latest + steps: + - name: govulncheck + uses: golang/govulncheck-action@v1 -- cgit v1.2.3 From 2cac3c5491e6428441ecf668cc4f5a86e67ed9b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=90=E1=BB=97=20Tr=E1=BB=8Dng=20H=E1=BA=A3i?= <41283691+hainenber@users.noreply.github.com> Date: Sat, 9 Sep 2023 01:38:44 +0700 Subject: httpcaddyfile: fix placeholder shorthands in named routes (#5791) Co-authored-by: Francis Lavoie --- .github/workflows/lint.yml | 2 ++ 1 file changed, 2 insertions(+) (limited to '.github') diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index f4a9b44..2bf2eab 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -56,3 +56,5 @@ jobs: steps: - name: govulncheck uses: golang/govulncheck-action@v1 + with: + check-latest: true -- cgit v1.2.3 From 89c407aa3468491fb1a0eb93a1591d84667e1ca9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Oct 2023 20:13:54 -0400 Subject: build(deps): bump actions/checkout from 3 to 4 (#5846) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 6 +++--- .github/workflows/cross-build.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 20f2fc5..df53c5b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -54,7 +54,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Install Go uses: actions/setup-go@v4 @@ -136,7 +136,7 @@ jobs: continue-on-error: true # August 2020: s390x VM is down due to weather and power issues steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Tests run: | mkdir -p ~/.ssh && echo -e "${SSH_KEY//_/\\n}" > ~/.ssh/id_ecdsa && chmod og-rwx ~/.ssh/id_ecdsa @@ -162,7 +162,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - uses: goreleaser/goreleaser-action@v4 with: diff --git a/.github/workflows/cross-build.yml b/.github/workflows/cross-build.yml index 678ac17..497f39c 100644 --- a/.github/workflows/cross-build.yml +++ b/.github/workflows/cross-build.yml @@ -40,7 +40,7 @@ jobs: continue-on-error: true steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Install Go uses: actions/setup-go@v4 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 2bf2eab..51389c7 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -28,7 +28,7 @@ jobs: - windows-latest runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-go@v4 with: go-version: '~1.21.0' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ec9c972..6b68125 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -43,7 +43,7 @@ jobs: check-latest: true # Force fetch upstream tags -- because 65 minutes - # tl;dr: actions/checkout@v3 runs this line: + # tl;dr: actions/checkout@v4 runs this line: # git -c protocol.version=2 fetch --no-tags --prune --progress --no-recurse-submodules --depth=1 origin +ebc278ec98bb24f2852b61fde2a9bf2e3d83818b:refs/tags/ # which makes its own local lightweight tag, losing all the annotations in the process. Our earlier script ran: # git fetch --prune --unshallow -- cgit v1.2.3 From 1405683c2beb08595cf1ab011c4439861cf7640b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 00:34:43 +0000 Subject: build(deps): bump goreleaser/goreleaser-action from 4 to 5 (#5847) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to '.github') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index df53c5b..ed83744 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -164,7 +164,7 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - - uses: goreleaser/goreleaser-action@v4 + - uses: goreleaser/goreleaser-action@v5 with: version: latest args: check diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6b68125..184662f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -106,7 +106,7 @@ jobs: run: syft version # GoReleaser will take care of publishing those artifacts into the release - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v4 + uses: goreleaser/goreleaser-action@v5 with: version: latest args: release --clean --timeout 60m -- cgit v1.2.3 From fae195ac7eb9f4b0e9436384cd0529a11355e367 Mon Sep 17 00:00:00 2001 From: Francis Lavoie Date: Wed, 11 Oct 2023 16:09:02 -0400 Subject: ci: Force the Go version for govulncheck (#5879) --- .github/workflows/lint.yml | 1 + 1 file changed, 1 insertion(+) (limited to '.github') diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 51389c7..e636e07 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -57,4 +57,5 @@ jobs: - name: govulncheck uses: golang/govulncheck-action@v1 with: + go-version-input: '~1.21.0' check-latest: true -- cgit v1.2.3