By running `find -exec`, an error exit code doesn't properly return the
error if there's a failure in a command executed. Use `xargs` to force
an exit with error when a command fails to run.
Signed-off-by: Ivan Valdes <ivan@vald.es>
Include conditional logic to install shellcheck with correct architecture.
This is based on commit 4f23883 and pull request #14872.
Signed-off-by: D Tripp <38776199+thedtripp@users.noreply.github.com>
Makefile's target `verify-dep` current behavior is to use `go list` to
check consistent dependency versions from direct dependencies. Ignoring
indirect dependencies in a multi-module project could lead to version
mismatches. If module A imports module B, module B's dependency will be
an indirect dependency in module A. Which can potentially have a version
mismatch. Therefore, use `go mod edit` with indirect dependencies, too.
So it can work with all dependencies defined in go.mod.
Fix displaying dependencies with mismatches, as the old code was
searching with grep just for the prefix, which would show other
dependencies that shared the same prefix.
Reference:
- https://github.com/etcd-io/etcd/pull/18205
Signed-off-by: Ivan Valdes <ivan@vald.es>
Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
Extracted log from govulncheck, suggesting that we should bump the
version of golang.org/x/sys
Vulnerability #1: GO-2022-0493
Incorrect privilege reporting in syscall and golang.org/x/sys/unix
More info: https://pkg.go.dev/vuln/GO-2022-0493
Module: golang.org/x/sys
Found in: golang.org/x/sys@v0.0.0-20210403161142-5e06dd20ab57
Fixed in: golang.org/x/sys@v0.0.0-20220412211240-33da011f77ad
Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
Extracted log from govulncheck, suggesting that we should bump the
version of golang.org/x/net
=== Symbol Results ===
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.17.0
Fixed in: golang.org/x/net@v0.23.0
Reference:
- https://github.com/etcd-io/etcd/pull/17708
Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
This commit fixed the Go Vulnerability Checker CI job, which isn't
scanning for all go.mod files within the project.
Reference:
- https://github.com/etcd-io/etcd/discussions/18168
Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
The service at https://beta.transparencylog.net/ has already been
shutdown on November 9th 2021 and the workflow has failed ever since.
Signed-off-by: James Blair <mail@jamesblair.net>
Allow setting AllowedCN and AllowedHostname tls fields through config file for peer transport security.
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
Additionally, provide ability to opt-out of the .go-version and use a
custom one via env vars: FORCE_HOST_GO and GO_VERSION.
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
This commit adds a script to sync the version present in .go-version
across all go.mod files as the toolchain directive. As part of that,
this commit also modifies go.mod files that did not have synced toolchain
directives.
Additionally, this also adds a script to verify all toolchain and go
directives against the version present in .go-version as follows:
(1) The go directive <= version in .go-version
(2) The toolchain directive == version in .go-version
This script runs as part of the `make verify` target, making it run
as a presbumit by default.
Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
When running the snapshot command, allow receiving an initial memory map
allocation for the database, avoiding future memory allocation issues.
Backports commit: be2883321240340479f9e334bc4a3b2959ad7639 / PR: #17277
Co-authored-by: Fatih USTA <fatihusta86@gmail.com>
Signed-off-by: Ivan Valdes <ivan@vald.es>
Accept a third argument for NewDefaultBackend for overrides to the
BackendConfig.
Add a new function, WithMmapSize, which modifies the backend config to
provide a custom InitiamMmapSize.
Backports commit: d69adf45f9e95661966204460f019b8164aaef12 / PR: #17277
Signed-off-by: Ivan Valdes <ivan@vald.es>
gRPC health server sets serving status to NOT_SERVING on defrag
Backport from 3.6 in #16278
Co-authored-by: Chao Chen <chaochn@amazon.com>
Signed-off-by: Thomas Jungblut <tjungblu@redhat.com>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
(cherry picked from commit 9ea234913a99670d18b66aa23915781f89713177)
Signed-off-by: Wei Fu <fuweid89@gmail.com>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
(cherry picked from commit 71733911544f8fce6d06d2a8e9cca0944b3659be)
Signed-off-by: Wei Fu <fuweid89@gmail.com>
