Benjamin Wang
bf5c094f3c
secure the github workflow
...
https://app.stepsecurity.io/secureworkflow/etcd-io/etcd/tests.yaml/main?enable=pin
1. Copy the existing yaml file and paste into the textbox,
2. Click "SECURE WORKFLOW"
3. Copy the manifest from the textbox and paste into etcd repo.
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-12 16:23:13 +08:00
Benjamin Wang
808099dc24
Pin govulncheck to v0.0.0-20221208180742-f2dca5ff4cc3
...
go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./...
shell: /usr/bin/bash -e {0}
env:
GOROOT: /opt/hostedtoolcache/go/1.19.4/x64
go: golang.org/x/vuln/cmd/govulncheck@latest: no matching versions for query "latest"
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-09 18:23:53 +08:00
Marek Siarkowicz
a8bc8ba28b
tests: Increase test timeout for nightly runs to match job timeout minus ten minutes
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2022-12-09 09:47:17 +01:00
Benjamin Wang
dccc21bb69
bump go 1.19.4
...
$ govulncheck ./...
govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.
Scanning for dependencies with known vulnerabilities...
Found 1 known vulnerability.
Vulnerability #1: GO-2022-1144
An attacker can cause excessive memory growth in a Go server
accepting HTTP/2 requests. HTTP/2 server connections contain a
cache of HTTP header keys sent by the client. While the total
number of entries in this cache is capped, an attacker sending
very large keys can cause the server to allocate approximately
64 MiB per open connection.
Call stacks in your code:
tools/etcd-dump-metrics/main.go:159:31: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main$4 calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls golang.org/x/net/http2.ConfigureServer$1
Found in: golang.org/x/net/http2@v0.2.0
Fixed in: golang.org/x/net/http2@v1.19.4
More info: https://pkg.go.dev/vuln/GO-2022-1144
Vulnerability #2: GO-2022-1144
An attacker can cause excessive memory growth in a Go server
accepting HTTP/2 requests. HTTP/2 server connections contain a
cache of HTTP header keys sent by the client. While the total
number of entries in this cache is capped, an attacker sending
very large keys can cause the server to allocate approximately
64 MiB per open connection.
Call stacks in your code:
contrib/lock/storage/storage.go:106:28: go.etcd.io/etcd/v3/contrib/lock/storage.main calls net/http.ListenAndServe
contrib/raftexample/httpapi.go:113:31: go.etcd.io/etcd/v3/contrib/raftexample.serveHTTPKVAPI$1 calls net/http.Server.ListenAndServe
tools/etcd-dump-metrics/main.go:159:31: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main$4 calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls net/http.Serve
tools/etcd-dump-metrics/main.go:159:31: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main$4 calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls net/http.Server.Serve
Found in: net/http@go1.19.3
Fixed in: net/http@go1.19.4
More info: https://pkg.go.dev/vuln/GO-2022-1144
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-09 07:39:57 +08:00
Benjamin Wang
4ba806a103
Merge pull request #14911 from tjungblu/linnight
...
Create a nightly job for linearizability tests
2022-12-08 07:19:00 +08:00
Thomas Jungblut
7c9c1b6c1c
Create a nightly job for linearizability tests
...
Start with a simple job against main that runs for 3h by repeating it
an order of magnitude more often than the PR job.
Signed-off-by: Thomas Jungblut <tjungblu@redhat.com>
2022-12-07 17:41:49 +01:00
Marek Siarkowicz
3e3be35f20
Merge pull request #14905 from joycebrum/main
...
Set Github workflows default permissions to read-only
2022-12-07 16:39:14 +01:00
Joyce Brum
a92e06f132
fix: revoke write permissions from all workflows
...
Signed-off-by: Joyce Brum <joycebrum@google.com>
2022-12-07 13:51:22 +00:00
Joyce Brum
6adc81c664
fix: remove workflow dispatch used for testing
...
Signed-off-by: Joyce Brum <joycebrum@google.com>
2022-12-06 18:10:50 +00:00
Joyce Brum
4bcf401b7f
Squashed commit of the following:
...
commit 9a3bf2c0ed6e63c718789679745fdaa24a2c2ba9
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 17:59:42 2022 +0000
fix: write permissions
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit 7716f3c00cd7cfe4debbbf97662b1cee7277ba00
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 17:04:19 2022 +0000
fix: typo on coverage workflow
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit cb5165401392f1a2de3683ec33ffe97dc0f1fe9f
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 16:57:50 2022 +0000
feat: test coverage workflow with write permissions
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit 235627f257d52139c9c73c2ca15c9ef7250cea2f
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 16:44:21 2022 +0000
fix: measure test read all and workflow dispatch
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit 81b1581f19945ba5ddd7fa74661910a457af7515
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 14:50:12 2022 +0000
feat: change from content read to read all
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit 95bd39f615924a9c0186e6d3e1ad6c205c7db428
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 14:45:45 2022 +0000
fix: add permission to write on e2e.yaml
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit f86661da253af3908cde9f5f71311fbca6b26c81
Author: Joyce Brum <joycebrum@google.com>
Date: Mon Dec 5 17:04:44 2022 +0000
feat: use read-only by default
Signed-off-by: Joyce Brum <joycebrum@google.com>
Signed-off-by: Joyce Brum <joycebrum@google.com>
2022-12-06 18:03:50 +00:00
Marek Siarkowicz
a573d8af69
tests: Use golang count to repeat tests
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2022-12-03 11:21:07 +01:00
Marek Siarkowicz
dd4d69ca91
tests: Cleanup gofail
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2022-11-27 20:35:39 +01:00
vivekpatani
0e65199e1a
.github: make govuln-check generic
...
Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
2022-11-17 13:10:01 -08:00
Thomas Jungblut
89bfa4b95c
Update CodeQL to v2
...
CodeQL@v1 is going to be deprecated in three weeks. This PR updates the
branches to track only the currently maintained release branches and
moves the actions to its v2 version.
Signed-off-by: Thomas Jungblut <tjungblu@redhat.com>
2022-11-15 13:30:44 +01:00
Wei Fu
71d45461ff
e2e: test DowngradeVersion with latest point release
...
Signed-off-by: Wei Fu <fuweid89@gmail.com>
2022-11-13 17:21:13 +08:00
Benjamin Wang
94e0c2410b
bump go version to 1.19.3 to address security fixes
...
FYI. https://groups.google.com/g/golang-announce/c/dRtDK7WS78g
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-11-02 09:07:22 +08:00
spacewander
e73a25a1d0
ci: ensure the generated code is up-to-date
...
See https://github.com/etcd-io/etcd/pull/14612#issue-1419792069
Signed-off-by: spacewander <spacewanderlzx@gmail.com>
2022-10-31 19:58:21 +08:00
Benjamin Wang
70c57c5651
Merge pull request #14646 from joycebrum/main
...
Fix error on Scorecard run by upgrading the action version
2022-10-29 05:29:13 +08:00
Joyce Brum
0bc8895d7b
fix: upgrade scorecard github action to avoid crashes
...
Signed-off-by: Joyce Brum <joycebrum@google.com>
2022-10-28 17:26:04 -03:00
Marek Siarkowicz
ac1b07626d
Merge pull request #14625 from vivekpatani/main
...
.github: add govuln check
2022-10-28 15:52:51 +02:00
vivekpatani
680310a6c9
*: bump to go1.19.2 from 1.19.1
...
- update .github workflows
- update tests
Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
2022-10-27 18:45:02 -07:00
vivekpatani
5c0d653958
.github: add govuln check
...
- add job for govuln job
- allow to continue on failure, until all issues are addressed
- address: https://github.com/etcd-io/etcd/issues/14449
Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
2022-10-26 17:25:35 -07:00
Marek Siarkowicz
8ce81a1624
Merge pull request #14611 from serathius/issue14370
...
tests: Add linearizability tests scenario for #14370
2022-10-25 14:03:39 +02:00
Marek Siarkowicz
837819860b
tests: Add linearizability tests scenario for #14370
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2022-10-24 13:36:12 +02:00
Samuele Resca
37d62ba477
Updating fuzzing script with list of target.
...
Signed-off-by: Samuele Resca <samuele.resca@gmail.com>
2022-10-23 13:46:10 +01:00
Samuele Resca
3d9c5c6166
Adding fuzz test on v3rpc interfaces.
...
Signed-off-by: Samuele Resca <sr7@ad.datcon.co.uk>
Signed-off-by: Samuele Resca <samuele.resca@gmail.com>
2022-10-23 13:46:10 +01:00
Marek Siarkowicz
069e26e284
tests: Validate etcd linearizability
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2022-10-23 06:41:38 +02:00
Manuel Rüger
0f4d6fbc5e
.github/workflows: Replace egrep with grep -E
...
Signed-off-by: Manuel Rüger <manuel@rueg.eu>
2022-10-09 21:22:36 +02:00
Joyce Brum
336bae2d4e
github: enable the scorecard github action
...
Signed-off-by: Joyce Brum <joycebrumu.u@gmail.com>
2022-09-23 13:57:22 -03:00
Benjamin Wang
cb5f7276c3
Bump go 1.19: upgrade go version to 1.19.1 in the pipeline
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-09-22 08:47:46 +08:00
Marek Siarkowicz
bea478266e
makefile: Rename targets update* to fix* to distinguish from update_dep
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2022-09-20 13:58:17 +02:00
Marek Siarkowicz
5bfda80836
makefile: test the update target
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2022-09-20 13:57:59 +02:00
Sahdev Zala
72912fbc20
Merge pull request #14470 from serathius/verify-update
...
makefile: Make static analysis commands easier to use
2022-09-16 12:02:37 -04:00
Marek Siarkowicz
54bd105805
really fix measure-test-flakiness
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2022-09-15 16:15:25 +02:00
Marek Siarkowicz
e270967ab9
Fix measuring test flakiness
2022-09-15 16:00:53 +02:00
Marek Siarkowicz
7bb114d171
makefile: Make static analysis commands easier to use
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
2022-09-15 11:54:14 +02:00
Cenk Alti
66d37aaf1d
Setup golangci-lint GitHub action.
...
Part of "Enhance the static-analysis workflow" issue. #14164
Signed-off-by: Cenk Alti <cenkalti@gmail.com>
2022-08-27 14:06:11 -04:00
Marek Siarkowicz
56830df3ef
Merge pull request #14016 from serathius/coverage-push
...
coverage: Run coverage only on push
2022-05-06 13:13:18 +02:00
Marek Siarkowicz
8cfb658ddb
coverage: Run coverage only on push
2022-05-06 11:50:25 +02:00
ahrtr
8abff7918b
remove the asset workflow/transparency.yaml
...
The service at https://beta.transparencylog.net/ has already been
shut down on November 9th 2021, and we start to see failure after
that.
2022-05-06 15:49:55 +08:00
Marek Siarkowicz
96840277d0
github: Add necessary permissions for CodeQL
2022-05-05 10:07:02 +02:00
ahrtr
df25844284
change ARCH to GOARCH in build.yaml
2022-05-04 05:48:53 +08:00
Marek Siarkowicz
dd98f1ceb3
Make DRY_RUN explicit
2022-04-26 15:42:45 +02:00
Marek Siarkowicz
5472e589cf
scripts: Add tests for release scripts
2022-04-25 10:12:01 +02:00
Marek Siarkowicz
8d8271f6d1
Merge pull request #13175 from karuppiah7890/issue-13167-measure-flakyness
...
scripts: add script to measure percentage of commits with failed status
2022-04-05 15:25:47 +02:00
Manuel Rüger
c544b2a2a5
Update go to 1.17.8
2022-03-23 20:11:12 +01:00
Marek Siarkowicz
e814f6f78a
Merge pull request #13671 from mrueg/mixin-generate-manifests
...
contrib/mixin: Generate rules, fix tests
2022-02-15 23:06:52 +01:00
Manuel Rüger
72c33d8b05
contrib/mixin: Generate rules, fix tests
...
* Add Makefile
* Make tests runnable
* Add generated rule manifest file
Signed-off-by: Manuel Rüger <manuel@rueg.eu>
2022-02-10 16:17:03 +01:00
Marek Siarkowicz
396efd9608
Cleanup scripts in root directory
2022-02-02 13:50:44 +01:00
Piotr Tabor
a99c919a9f
Merge pull request #13651 from serathius/coverage
...
Re-enable code coverage upload
2022-01-28 13:54:33 +01:00