James Blair
5b3497555f
Updated go to 1.19.7.
...
Mitigates CVE-2023-24532.
Signed-off-by: James Blair <mail@jamesblair.net>
2023-03-08 21:39:31 +13:00
Marek Siarkowicz
d4acc0ad9f
Merge pull request #15313 from serathius/dependabot-root
...
workflows: Remove non-root gomod dependabot rules
2023-03-02 10:17:29 +01:00
Marek Siarkowicz
6471b9e320
workflows: Remove non-root gomod dependabot rules and enable dependency-type all to ensure upgrade of indirect dependencies
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-03-01 13:30:21 +01:00
Marek Siarkowicz
d475cf81a0
tests: Rename linearizability tests to robustness
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-02-26 14:36:18 +01:00
dependabot[bot]
0c52e5e133
build(deps): bump github/codeql-action from 2.2.4 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](17573ee1cc...32dc499307
2023-02-24 23:21:07 +00:00
James Blair
2d2fbcc30e
Ensure we are using an up to date govulncheck.
...
Signed-off-by: James Blair <mail@jamesblair.net>
2023-02-25 11:25:33 +13:00
James Blair
ee6781bf6f
Bump to go 1.19.6
...
go 1.19.6 (released 2023-02-14) includes important security and bug fixes.
Signed-off-by: James Blair <mail@jamesblair.net>
2023-02-16 17:12:59 +08:00
Marek Siarkowicz
116a3150c0
Merge pull request #15282 from serathius/linearizability-report-watch
...
test: Report watch histories
2023-02-15 16:00:10 +01:00
Marek Siarkowicz
d99b1dbdaf
tests: Move results reporting to top and add reporting watch histories
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-02-15 13:02:42 +01:00
Davanum Srinivas
597bac7b51
Do not run arm64 jobs on forks
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2023-02-14 08:20:06 -05:00
dependabot[bot]
50532c9fb5
build(deps): bump github/codeql-action from 2.2.1 to 2.2.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.1 to 2.2.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ebbd71c74...17573ee1cc
2023-02-13 20:35:03 +08:00
Marek Siarkowicz
5f68ecc1ef
tests: Remove functional testing as they were replaced by linearizability tests
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-02-11 13:20:44 +01:00
Kevin Zhao
4d715c0c44
Add integration test for Arm64
...
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
2023-02-03 18:20:30 +08:00
Kevin Zhao
009a6c0b94
Add E2E tests on arm64
...
Now it is daily nightly build at 1 am.
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
2023-02-02 10:38:04 +08:00
dependabot[bot]
d0a481be84
build(deps): bump github/codeql-action from 2.1.39 to 2.2.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.39 to 2.2.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a34ca99b46...3ebbd71c74
2023-01-31 05:28:21 +08:00
Marek Siarkowicz
187d2748a4
Merge pull request #15172 from dims/add-functional-tests-on-arm64
...
Add functional tests on arm64
2023-01-24 19:09:38 +01:00
Davanum Srinivas
0575166651
Run on a schedule instead of every PR
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2023-01-24 13:06:42 -05:00
dependabot[bot]
54bd81815d
build(deps): bump golangci/golangci-lint-action from 3.3.1 to 3.4.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](0ad9a0988b...08e2f20817
2023-01-24 08:10:43 +08:00
Davanum Srinivas
5f94975860
Add functional tests on arm64
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2023-01-23 16:10:24 -05:00
dependabot[bot]
ee566c492b
build(deps): bump github/codeql-action from 2.1.38 to 2.1.39
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.38 to 2.1.39.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](515828d974...a34ca99b46
2023-01-20 18:35:49 +08:00
Marek Siarkowicz
1a315097de
tests: Set artifact name based to avoid file override from different subruns
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-01-20 09:51:41 +01:00
Marek Siarkowicz
a581062c7a
tests: Fix linearizability nightly
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-01-20 09:13:51 +01:00
Nirav_Prajapati
fba3b96169
fix: typo in bug.yaml
...
Signed-off-by: Nirav_Prajapati <niravprajapati97120@gmail.com>
2023-01-19 06:39:37 +00:00
Marek Siarkowicz
a0d12d316d
tests: Add reproduce #13766 scenario
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-01-17 14:34:19 +01:00
Marek Siarkowicz
0c483830d9
tests: Fix linearizability nightly variable name
2023-01-17 10:40:05 +01:00
Benjamin Wang
1659f8980f
dependency: bump github/codeql-action from 2.1.37 to 2.1.38
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-01-17 06:46:31 +08:00
Thomas Jungblut
ab3c530b92
add linearizability nightlies for release 3.4/3.5
...
This CL refactors the tests to reuse a single workflow that has
parameters. This is then reused for PRs/pushes and the nightlies.
Signed-off-by: Thomas Jungblut <tjungblu@redhat.com>
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-01-16 11:00:16 +01:00
Marek Siarkowicz
5b8d19c7b3
tests: Reduce number of runs in nightly action
...
Single run takes up to 30s. Let's reduce number of runs to reduce chance
of timeout.
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2023-01-14 09:29:12 +01:00
yanggang
ebf1e3bb1a
Bump go to 1.19.5
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-11 14:42:31 +08:00
Benjamin Wang
c9a9968d40
Merge pull request #15074 from etcd-io/dependabot/github_actions/actions/upload-artifact-3.1.2
...
build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2
2023-01-10 09:08:02 +08:00
dependabot[bot]
9f93448500
build(deps): bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
2023-01-09 17:12:51 +00:00
dependabot[bot]
ad315b38fa
build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](83fd05a356...0b7f8abb15
2023-01-09 17:12:44 +00:00
Benjamin Wang
a60db1192d
Added 'secrets.GITHUB_TOKEN' for the static-analysis workflow
...
Refer to: https://github.com/arduino/setup-protoc/issues/63
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-28 15:43:44 +08:00
dependabot[bot]
0fcd828de9
build(deps): bump ossf/scorecard-action from 2.1.0 to 2.1.2
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.0 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](937ffa90d7...e38b1902ae
2022-12-26 17:18:42 +00:00
dependabot[bot]
429f66e12a
build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.6 to 2.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](99c53751e0...937ffa90d7
2022-12-20 09:28:23 +08:00
dependabot[bot]
ef02c159f2
build(deps): bump github/codeql-action from 2.1.36 to 2.1.37
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.36...959cbb7472c4d4ad70cdfe6f4976053fe48ab394 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 17:09:20 +00:00
ArkaSaha30
2d47811407
Move trivy scan workflow of specific versions to respective branches
...
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com>
2022-12-16 10:43:55 +05:30
dependabot[bot]
a59276c171
build(deps): bump actions/setup-go from 2.2.0 to 3.5.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.2.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](bfdd3570ce...6edd4406fa
2022-12-14 08:59:29 +08:00
Benjamin Wang
cb5b7c2ec7
Merge pull request #14928 from ArkaSaha30/trivy-nightly-scan
...
etcd: add `trivy-nightly-scan` for etcd images
2022-12-14 08:52:44 +08:00
ArkaSaha30
f4d3fa91db
Add permissions: read-all to the workflow
...
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com>
2022-12-13 12:42:51 +05:30
Benjamin Wang
1d7d8a9016
dependabot: change schedule interval to weekly
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-13 14:38:32 +08:00
Benjamin Wang
e103e2c18c
Merge pull request #14946 from etcd-io/dependabot/github_actions/actions/checkout-3.2.0
...
build(deps): bump actions/checkout from 2.5.0 to 3.2.0
2022-12-13 14:29:41 +08:00
Benjamin Wang
9cb4c817f3
Merge pull request #14940 from etcd-io/dependabot/github_actions/actions/upload-artifact-3.1.1
...
build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.1
2022-12-13 14:28:12 +08:00
ArkaSaha30
941fe6b877
Add newline at end of file
...
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com>
2022-12-13 11:34:57 +05:30
dependabot[bot]
ffd26d6a0a
build(deps): bump actions/checkout from 2.5.0 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.5.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2.5.0...755da8c3cf115ac066823e79a1e1788f8940201b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-13 03:36:57 +00:00
dependabot[bot]
7a55adcfd1
build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.1 to 3.1.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v2.3.1...83fd05a356d7e2593de66fc9913b3002723633cb )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-13 03:36:52 +00:00
dependabot[bot]
0fabbebeaa
build(deps): bump golangci/golangci-lint-action from 3.3.0 to 3.3.1
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](07db5389c9...0ad9a0988b
2022-12-13 03:36:49 +00:00
Benjamin Wang
f538e18f3b
security: add dependabot.yml
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-13 10:44:35 +08:00
Benjamin Wang
ee9db729da
Merge pull request #14860 from ahrtr/fix_release_20221126
...
Trigger release in current branch for github workflow case
2022-12-12 17:46:19 +08:00
Benjamin Wang
bf5c094f3c
secure the github workflow
...
https://app.stepsecurity.io/secureworkflow/etcd-io/etcd/tests.yaml/main?enable=pin
1. Copy the existing yaml file and paste into the textbox,
2. Click "SECURE WORKFLOW"
3. Copy the manifest from the textbox and paste into etcd repo.
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-12 16:23:13 +08:00
