Aliaksandr Valialkin
5d1ce9891b
.github/workflows: add Go version to Go artifacts cache key
...
When Go version changes, artifacts for the previous Go version may becomes useless,
so there is a little sense in re-using them.
2023-11-21 12:09:44 +02:00
Aliaksandr Valialkin
74fda0b311
.github/workflows: take into account Makefile contents when generating cache key for Go build aftifacts
...
The cache key must change when the corresponding 'make ...' command changes inside Makefile.
2023-11-21 12:09:43 +02:00
Aliaksandr Valialkin
95f12c7e28
.github/workflows: use stable
Go release - it should always point to the latest stable release
...
This eliminates the need to update .github/workflows/* files whenever new Go stable release is out,
like in the 2db1a664e1
.
See https://github.com/actions/setup-go#using-stableoldstable-aliases
2023-11-21 12:09:43 +02:00
Aliaksandr Valialkin
c160a49908
.github/workflows/main.yml: try improving caching for Go artifacts
...
The default caching for Go artifacts from actions/setup-go@v4 uses the hash of go.sum file
as a cache key - see https://github.com/actions/cache/blob/main/examples.md#go---modules .
This isn't enough for VictoriaMetrics case, since different makefile actions build different the Go artifacts,
which need to be cached. So embed the action name in the cache key.
2023-11-21 01:11:08 +02:00
Aliaksandr Valialkin
81ddee4f3a
Makefile: speedup release
, publish
and crossbuild
rules by using parallel make
2023-11-20 22:53:23 +02:00
Aliaksandr Valialkin
2db1a664e1
deployment: update Go builder from Go1.21.3 to Go1.21.4
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.21.4+label%3ACherryPickApproved
2023-11-10 22:28:44 +01:00
Aliaksandr Valialkin
d984598e30
deployment/docker: update Go builder from Go1.21.1 to Go1.21.3
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.21.2+label%3ACherryPickApproved
and https://github.com/golang/go/issues?q=milestone%3AGo1.21.3+label%3ACherryPickApproved
2023-10-12 09:41:41 +02:00
hagen1778
7b99781b09
build(deps): revert version change for codecov/codecov-action from 4 to 3
...
https://github.com/codecov/codecov-action/issues/1089
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-09-19 09:19:42 +02:00
dependabot[bot]
f32711e614
build(deps): bump codecov/codecov-action from 3 to 4 ( #5011 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3 to 4.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 09:27:12 +02:00
dependabot[bot]
9ddb2d8010
build(deps): bump actions/checkout from 3 to 4 ( #4950 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-07 13:07:56 +02:00
Aliaksandr Valialkin
2dc33e0ddc
all: update Go builder from Go1.21.0 to Go1.21.1
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.21.1+label%3ACherryPickApproved
2023-09-07 11:36:16 +02:00
Aliaksandr Valialkin
e0017b4d47
all: update Go builder from Go1.20.7 to Go1.21.0
...
See https://tip.golang.org/doc/go1.21
and https://go.dev/blog/go1.21
2023-08-11 06:25:54 -07:00
Roman Khavronenko
4c854c3ae2
security: bump go version from 1.20.6 to 1.20.7 ( #4773 )
...
The update includes a security fix to the crypto/tls package,
as well as bug fixes to the assembler and the compiler.
See the list of issues addressed in Go1.20.7 here:
https://github.com/golang/go/issues?q=milestone%3AGo1.20.7+label%3ACherryPickApproved
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-08-03 11:48:37 +02:00
Aliaksandr Valialkin
30cdcc751d
all: update Go builder from 1.20.5 to 1.20.6
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.6+label%3ACherryPickApproved
2023-07-12 00:59:59 -07:00
Roman Khavronenko
476c7bdd6f
all: update Go builder from Go1.20.4 to Go1.20.5 ( #4427 )
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.5+label%3ACherryPickApproved
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-06-09 09:42:55 +02:00
Aliaksandr Valialkin
1b288e0a05
all: update Go builder from Go1.20.3 to Go1.20.4
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved
2023-05-08 09:40:55 -07:00
Aliaksandr Valialkin
5074cc672a
all: update Go builder from Go1.20.2 to Go1.20.3
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.3+label%3ACherryPickApproved
2023-04-05 13:37:22 -07:00
dependabot[bot]
cc67eb4ff3
build(deps): bump actions/setup-go from 3 to 4 ( #3962 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-20 09:23:24 +01:00
Roman Khavronenko
3de7fc5c71
security: bump go version to 1.20.2 ( #3935 )
...
upgrade Go builder from Go1.20.1 to Go1.20.2
See the list of issues addressed in Go1.20.2 here (https://github.com/golang/go/issues?q=milestone%3AGo1.20.2+label%3ACherryPickApproved ).
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-03-09 13:20:54 +01:00
Aliaksandr Valialkin
11ce30820b
all: update Go builder from Go1.20.0 to Go1.20.1
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.1+label%3ACherryPickApproved
2023-02-14 23:05:16 -08:00
Max Golionko
6495b62866
bump go to 1.20 in ci jobs ( #3787 )
2023-02-08 14:32:42 +01:00
Max Golionko
6f24fa2055
CI: speedup build by 2.4x. restore nightly build ( #3772 )
...
* setup docker buildx
* add snyk integration
* add go cache for docker build
* cancel redundant job if there is new commit into same PR or branch
2023-02-07 10:12:16 +08:00
Max Golionko
df1e545c0e
disable codeql for docs. merge build and test back to one job ( #3746 )
2023-02-02 20:59:08 +08:00
Max Golionko
e8554cd1cb
ci: checkout correct branch for build step ( #3676 )
2023-01-19 08:34:20 +01:00
Max Golionko
59b97f26c0
CI: split js and go codeql, split test and build, enable matrix for test ( #3670 )
...
* split js and go codeql, split test and build, enable matrix for test
* checkout before go setup
* enable build for PRs as well
* update filter
2023-01-18 11:42:27 -08:00
Aliaksandr Valialkin
c449714c0a
deployment/docker: update Go builder from v1.19.4 to v1.19.5
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.19.5+label%3ACherryPickApproved
2023-01-10 18:43:04 -08:00
Artem Navoiev
0a519c93ef
run checks only for master/cluster branches ( #3581 )
...
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-01-03 11:08:44 +04:00
Aliaksandr Valialkin
eeacbaf0b6
all: update Go builder from v1.19.3 to v1.19.4
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.19.4+label%3ACherryPickApproved
2022-12-08 16:41:24 -08:00
Roman Khavronenko
9f8bf524ad
bump go version to 1.19.3 ( #3327 )
...
Signed-off-by: hagen1778 <roman@victoriametrics.com>
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2022-11-08 16:43:59 +01:00
Aliaksandr Valialkin
b47caa86db
all: update the minimum required Go verson from 1.19.1 to 1.19.2
...
This is needed because of security vulnerabilities found in Go 1.19.1
See https://go.dev/doc/devel/release#go1.19.2
2022-10-07 22:43:37 +03:00
Roman Khavronenko
efea51a9ee
bump Go version to 1.19.1 ( #3108 )
...
The reason is to cover vulnerability GO-2022-0969
Found in: net/http@go1.18.5
Fixed in: net/http@go1.19.1
More info: https://pkg.go.dev/vuln/GO-2022-0969
Signed-off-by: hagen1778 <roman@victoriametrics.com>
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2022-09-14 12:29:19 +02:00
Aliaksandr Valialkin
28b6dec1f4
.github/workflows/main.yml: stop setting GO111MODULE=on env var, since it is unnecessary in Go1.18 and newer versions
2022-09-08 18:41:56 +03:00
Aliaksandr Valialkin
7b8bc8ad59
all: bump the minimum supported version of Go from 1.17 to 1.18
...
This is needed because some dependencies uses generics, which have been appeared in Go1.18
This is a follow-up for caf3dd4fa2
2022-08-08 13:39:38 +03:00
Roman Khavronenko
caf3dd4fa2
workflows: bump go version ( #2955 )
...
Some new dependencies contain generics, so we bump go version for CI.
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2022-08-08 09:24:15 +02:00
Aliaksandr Valialkin
ed93330e66
all: follow-up for d99ba3481b
2022-07-13 16:44:39 +03:00
naveensrinivasan
cb1ded8d9f
chore: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-17 17:04:04 +03:00
dependabot[bot]
d7f86f111b
build(deps): bump codecov/codecov-action from 2.1.0 to 3 ( #2407 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 2.1.0 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v2.1.0...v3 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-08 13:08:09 +03:00
Roman Khavronenko
e5b451a66a
ci: bump go version to 1.17 ( #1895 )
...
The bump was required for `vmalert` package.
`vmalert` docs now also contain an updated description.
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2021-12-02 14:42:25 +02:00
Aliaksandr Valialkin
1ae7ca848c
.github/workflows/main.yml: checkout code before installing dependencies
...
Dependencies depend on Makefile rules from the code, so code checkout must run first
2021-10-26 22:08:58 +03:00
Aliaksandr Valialkin
c560a338e8
.github/workflows/main.yml: re-use makefile rules for installing goling, errcheck and golangci-lint
2021-10-26 21:26:39 +03:00
dependabot[bot]
bc2d05be8e
build(deps): bump codecov/codecov-action from 2.0.3 to 2.1.0 ( #1615 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 2.0.3 to 2.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v2.0.3...v2.1.0 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-14 12:23:01 +03:00
dependabot[bot]
66626db92f
build(deps): bump codecov/codecov-action from 2.0.2 to 2.0.3 ( #1563 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v2.0.2...v2.0.3 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-25 13:40:21 +03:00
dependabot[bot]
0ef150c14b
build(deps): bump codecov/codecov-action from 2.0.1 to 2.0.2
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v2.0.1...v2.0.2 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-26 20:42:21 +03:00
dependabot[bot]
bf25a256c5
build(deps): bump codecov/codecov-action from 1.5.2 to 2.0.1 ( #1468 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 1.5.2 to 2.0.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v1.5.2...v2.0.1 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-23 12:01:52 +03:00
dependabot[bot]
408fc90b40
build(deps): bump codecov/codecov-action from 1.5.0 to 1.5.2 ( #1362 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 1.5.0 to 1.5.2.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v1.5.0...v1.5.2 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-09 12:16:46 +03:00
Artem Navoiev
c687536956
Add vendor license checker, update codecov action, add dependbot for … ( #1280 )
...
* Add vendor license checker, update codecov action, add dependbot for github actions
* update gitingore, temprorary turn on check
* fix action name
* change action rules to trigger only when vendor changes
* remove obsolete line from main action
2021-05-10 11:38:56 +03:00
Aliaksandr Valialkin
90bba22c25
.github/workflows: remove CODECOV_TOKEN
2021-04-19 11:11:14 +03:00
Aliaksandr Valialkin
3792ea4065
.github/workflows/main.yml: update Go version from v1.15 to v1.16
2021-03-01 12:14:20 +02:00
Aliaksandr Valialkin
7cc3d96a41
lib/fs: follow-up after f3a03c4164
2021-02-27 01:01:47 +02:00
Aliaksandr Valialkin
d5c180e680
app/vmctl: move vmctl code from github.com/VictoriaMetrics/vmctl
...
It is better developing vmctl tool in VictoriaMetrics repository, so it could be released
together with the rest of vmutils tools such as vmalert, vmagent, vmbackup, vmrestore and vmauth.
2021-02-01 01:10:20 +02:00