Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,711 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

53 Commits

Author SHA1 Message Date
dependabot[bot]
365a3cc7d1
build(deps): bump actions/setup-go from 4.1.0 to 5.0.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](93397bea11...0c52d547c9)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-11 17:06:02 +00:00
James Blair
6dea713f7d
Stop running test workflows in containers. 
Signed-off-by: James Blair <mail@jamesblair.net>
 2023-10-26 20:52:04 +13:00
dependabot[bot]
297973f1f9
build(deps): bump actions/checkout from 4.1.0 to 4.1.1 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8ade135a41...b4ffde65f4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-23 17:52:59 +00:00
Marek Siarkowicz
b8271d9c70 Continue on e2e failure 
E2e tests has been flaky, with failfast and 2 scenarios tests are twice
as fragile. Any early failure of one of the scenarios cases second to be
canceled. Retryign always require running both scenarios.

Intead let's just wait as in other tests allowing us to retry
just the scenario that failed

Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-10-11 12:25:31 +02:00
Benjamin Wang
628b45c099 test: add a test case to verify consistent memberlist on bootstrap 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-09-28 20:04:47 +01:00
dependabot[bot]
a895710756
build(deps): bump actions/checkout from 4.0.0 to 4.1.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](3df4ab11eb...8ade135a41)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-25 17:48:06 +00:00
Allen Ray
cc130fd2d4 Update to go1.21 
Signed-off-by: Allen Ray <alray@redhat.com>
 2023-09-13 10:10:02 -04:00
dependabot[bot]
0f1de81229
build(deps): bump actions/checkout from 3.6.0 to 4.0.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](f43a0e5ff2...3df4ab11eb)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 17:12:38 +00:00
sagar rawat
245b58a1e2 update the debian12 and bookworm remove --v 1.0 
Signed-off-by: sagar rawat <sagarrawat24291@gmail.com>
 2023-09-01 16:19:29 +05:30
dependabot[bot]
2ec87000c3
build(deps): bump actions/checkout from 3.5.3 to 3.6.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](c85c95e3d7...f43a0e5ff2)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-28 17:25:19 +00:00
James Blair
208a74a213
Run integration, e2e & grpcproxy tests in container. 
So that we have one approach for running tests regardless of cpu architecture.

Signed-off-by: James Blair <mail@jamesblair.net>
 2023-08-19 21:28:32 +12:00
dependabot[bot]
a464e9aebb
build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](fac708d667...93397bea11)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-14 17:29:06 +00:00
James Blair
5b9b303fa7
Simplify go data race detection control. 
Use data race detection by default for all amd64 and arm64 tests.

Remove redundant parameters in github workflows.

Signed-off-by: James Blair <mail@jamesblair.net>
 2023-07-27 23:49:09 +12:00
dependabot[bot]
cdff0b3a31
build(deps): bump actions/checkout from 3.5.2 to 3.5.3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8e5e7e5ab8...c85c95e3d7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-12 17:59:49 +00:00
Marek Siarkowicz
eb56d86e40 .github/workflows: Read .go-version as a step and not separate workflow 
Signed-off-by: Marek Siarkowicz <serathius@users.noreply.github.com>
 2023-06-09 20:54:46 +02:00
Azanul
b46dc0a1e4
Clean golang test cache 
Signed-off-by: Azanul <azanulhaque@gmail.com>
 2023-06-05 05:49:03 +05:30
Jintao Zhang
b0b922cd71 ci: Introduce yamllint for actions workflow files 
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
 2023-05-26 16:34:23 +08:00
Wei Fu
befb283cca tests: deflake TestKVDelete/ClientAutoTLS 
For the sub test TestKVDelete/ClientAutoTLS, the timeout might be caused
by IO or task scheduled. It's really hard to reproduce this case. And
we don't add `VERBOSE=1` for e2e test, the pipeline doesn't show the
`EXPECT_DEBUG` log in time. It's also hard to debug when flaky case
show. So, this patch will enable `VERBOSE=1` to get timestamp in time.

And the one operation `del a c -w json` will be performed after two seconds
delay, we can increase the timeout from 15s to 30s just in case that the
put or del operations take more time in unstable env.

```
Warning: Keys between "a" and "c" will be deleted. Please interrupt the
command within next 2 seconds to cancel.
```

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-05-19 18:22:18 +08:00
dependabot[bot]
29f9d06527
build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](4d34df0c23...fac708d667)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-15 18:00:00 +00:00
Juan
0df7c48ddd Centralizing workflow go-version variable 
Signed-off-by: Juan <1766933+judavi@users.noreply.github.com>
 2023-04-20 11:42:28 +00:00
dependabot[bot]
b1e14c7d0a
build(deps): bump actions/checkout from 3.5.0 to 3.5.2 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8f4b7f8486...8e5e7e5ab8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-17 18:01:42 +00:00
Benjamin Wang
2d0d3c3fdf security: bump go to 1.19.8 to fix four CVEs 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-06 13:38:58 +08:00
Marek Siarkowicz
f53594309a Use makefile as entrypoint in CI 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-30 11:15:19 +02:00
dependabot[bot]
5f6dab4149
build(deps): bump actions/checkout from 3.4.0 to 3.5.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](24cb908017...8f4b7f8486)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-24 10:36:27 +00:00
Benjamin Wang
08471cddfd
Merge pull request #15519 from fuweid/remove-tee-in-ci 
chore: introduce strict bash mode for scripts,.github
 2023-03-23 06:28:02 +08:00
Wei Fu
1fcb782780 chore: introduce strict bash mode for scripts,.github 
REF: #15514

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-03-22 18:00:41 +08:00
dependabot[bot]
64319cf9b7
build(deps): bump actions/setup-go from 3.5.0 to 4.0.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0 to 4.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](6edd4406fa...4d34df0c23)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-21 00:33:10 +00:00
dependabot[bot]
dd6fa9fd10
build(deps): bump actions/checkout from 3.3.0 to 3.4.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](ac59398561...24cb908017)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-20 18:06:19 +00:00
James Blair
5b3497555f
Updated go to 1.19.7. 
Mitigates CVE-2023-24532.

Signed-off-by: James Blair <mail@jamesblair.net>
 2023-03-08 21:39:31 +13:00
James Blair
ee6781bf6f Bump to go 1.19.6 
go 1.19.6 (released 2023-02-14) includes important security and bug fixes.

Signed-off-by: James Blair <mail@jamesblair.net>
 2023-02-16 17:12:59 +08:00
yanggang
ebf1e3bb1a
Bump go to 1.19.5 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2023-01-11 14:42:31 +08:00
dependabot[bot]
9f93448500
build(deps): bump actions/checkout from 3.2.0 to 3.3.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](755da8c3cf...ac59398561)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-09 17:12:51 +00:00
dependabot[bot]
a59276c171 build(deps): bump actions/setup-go from 2.2.0 to 3.5.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2.2.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](bfdd3570ce...6edd4406fa)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-14 08:59:29 +08:00
dependabot[bot]
ffd26d6a0a
build(deps): bump actions/checkout from 2.5.0 to 3.2.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.5.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.5.0...755da8c3cf115ac066823e79a1e1788f8940201b)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-13 03:36:57 +00:00
Benjamin Wang
bf5c094f3c secure the github workflow 
https://app.stepsecurity.io/secureworkflow/etcd-io/etcd/tests.yaml/main?enable=pin
1. Copy the existing yaml file and paste into the textbox,
2. Click "SECURE WORKFLOW"
3. Copy the manifest from the textbox and paste into etcd repo.

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-12 16:23:13 +08:00
Benjamin Wang
dccc21bb69 bump go 1.19.4 
$ govulncheck ./...
govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.

Scanning for dependencies with known vulnerabilities...
Found 1 known vulnerability.

Vulnerability #1: GO-2022-1144
  An attacker can cause excessive memory growth in a Go server
  accepting HTTP/2 requests. HTTP/2 server connections contain a
  cache of HTTP header keys sent by the client. While the total
  number of entries in this cache is capped, an attacker sending
  very large keys can cause the server to allocate approximately
  64 MiB per open connection.

  Call stacks in your code:
      tools/etcd-dump-metrics/main.go:159:31: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main$4 calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls golang.org/x/net/http2.ConfigureServer$1

  Found in: golang.org/x/net/http2@v0.2.0
  Fixed in: golang.org/x/net/http2@v1.19.4
  More info: https://pkg.go.dev/vuln/GO-2022-1144

Vulnerability #2: GO-2022-1144
  An attacker can cause excessive memory growth in a Go server
  accepting HTTP/2 requests. HTTP/2 server connections contain a
  cache of HTTP header keys sent by the client. While the total
  number of entries in this cache is capped, an attacker sending
  very large keys can cause the server to allocate approximately
  64 MiB per open connection.

  Call stacks in your code:
      contrib/lock/storage/storage.go:106:28: go.etcd.io/etcd/v3/contrib/lock/storage.main calls net/http.ListenAndServe
      contrib/raftexample/httpapi.go:113:31: go.etcd.io/etcd/v3/contrib/raftexample.serveHTTPKVAPI$1 calls net/http.Server.ListenAndServe
      tools/etcd-dump-metrics/main.go:159:31: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main$4 calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls net/http.Serve
      tools/etcd-dump-metrics/main.go:159:31: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main$4 calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls net/http.Server.Serve

  Found in: net/http@go1.19.3
  Fixed in: net/http@go1.19.4
  More info: https://pkg.go.dev/vuln/GO-2022-1144

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-09 07:39:57 +08:00
Joyce Brum
a92e06f132
fix: revoke write permissions from all workflows 
Signed-off-by: Joyce Brum <joycebrum@google.com>
 2022-12-07 13:51:22 +00:00
Joyce Brum
4bcf401b7f
Squashed commit of the following: 
commit 9a3bf2c0ed6e63c718789679745fdaa24a2c2ba9
Author: Joyce Brum <joycebrum@google.com>
Date:   Tue Dec 6 17:59:42 2022 +0000

    fix: write permissions

    Signed-off-by: Joyce Brum <joycebrum@google.com>

commit 7716f3c00cd7cfe4debbbf97662b1cee7277ba00
Author: Joyce Brum <joycebrum@google.com>
Date:   Tue Dec 6 17:04:19 2022 +0000

    fix: typo on coverage workflow

    Signed-off-by: Joyce Brum <joycebrum@google.com>

commit cb5165401392f1a2de3683ec33ffe97dc0f1fe9f
Author: Joyce Brum <joycebrum@google.com>
Date:   Tue Dec 6 16:57:50 2022 +0000

    feat: test coverage workflow with write permissions

    Signed-off-by: Joyce Brum <joycebrum@google.com>

commit 235627f257d52139c9c73c2ca15c9ef7250cea2f
Author: Joyce Brum <joycebrum@google.com>
Date:   Tue Dec 6 16:44:21 2022 +0000

    fix: measure test read all and workflow dispatch

    Signed-off-by: Joyce Brum <joycebrum@google.com>

commit 81b1581f19945ba5ddd7fa74661910a457af7515
Author: Joyce Brum <joycebrum@google.com>
Date:   Tue Dec 6 14:50:12 2022 +0000

    feat: change from content read to read all

    Signed-off-by: Joyce Brum <joycebrum@google.com>

commit 95bd39f615924a9c0186e6d3e1ad6c205c7db428
Author: Joyce Brum <joycebrum@google.com>
Date:   Tue Dec 6 14:45:45 2022 +0000

    fix: add permission to write on e2e.yaml

    Signed-off-by: Joyce Brum <joycebrum@google.com>

commit f86661da253af3908cde9f5f71311fbca6b26c81
Author: Joyce Brum <joycebrum@google.com>
Date:   Mon Dec 5 17:04:44 2022 +0000

    feat: use read-only by default

    Signed-off-by: Joyce Brum <joycebrum@google.com>

Signed-off-by: Joyce Brum <joycebrum@google.com>
 2022-12-06 18:03:50 +00:00
Wei Fu
71d45461ff e2e: test DowngradeVersion with latest point release 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-11-13 17:21:13 +08:00
Benjamin Wang
94e0c2410b bump go version to 1.19.3 to address security fixes 
FYI. https://groups.google.com/g/golang-announce/c/dRtDK7WS78g

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-02 09:07:22 +08:00
vivekpatani
680310a6c9 *: bump to go1.19.2 from 1.19.1 
- update .github workflows
- update tests

Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
 2022-10-27 18:45:02 -07:00
Manuel Rüger
0f4d6fbc5e .github/workflows: Replace egrep with grep -E 
Signed-off-by: Manuel Rüger <manuel@rueg.eu>
 2022-10-09 21:22:36 +02:00
Benjamin Wang
cb5f7276c3 Bump go 1.19: upgrade go version to 1.19.1 in the pipeline 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-09-22 08:47:46 +08:00
Manuel Rüger
c544b2a2a5 Update go to 1.17.8 2022-03-23 20:11:12 +01:00
Marek Siarkowicz
396efd9608 Cleanup scripts in root directory 2022-02-02 13:50:44 +01:00
Manuel Rüger
ce086a4ba6 *: Bump to go 1.17.6 
Signed-off-by: Manuel Rüger <manuel@rueg.eu>
 2022-01-12 03:13:27 +01:00
Manuel Rüger
ce50f68166 *: Bump to go 1.17.5 2022-01-12 03:00:08 +01:00
Lili Cosic
e6e279a14d *: Bump go to go v1.17.2 2021-10-27 13:44:54 +02:00
Marek Siarkowicz
b2d5168487 Stop using tip golang version in CI 2021-09-14 16:16:08 +02:00
Marek Siarkowicz
0ae9f0625c *: Bump release tests to use v3.5.0 2021-08-04 13:41:12 +02:00