dependabot[bot]
dd6fa9fd10
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...24cb908017support@github.com >
2023-03-20 18:06:19 +00:00
dependabot[bot]
97a080ba1e
build(deps): bump github/codeql-action from 2.2.5 to 2.2.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.5 to 2.2.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](32dc499307...16964e90basupport@github.com >
2023-03-13 18:05:12 +00:00
James Blair
5b3497555f
Updated go to 1.19.7.
...
Mitigates CVE-2023-24532.
Signed-off-by: James Blair <mail@jamesblair.net >
2023-03-08 21:39:31 +13:00
Marek Siarkowicz
d475cf81a0
tests: Rename linearizability tests to robustness
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com >
2023-02-26 14:36:18 +01:00
dependabot[bot]
0c52e5e133
build(deps): bump github/codeql-action from 2.2.4 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](17573ee1cc...32dc499307support@github.com >
2023-02-24 23:21:07 +00:00
James Blair
2d2fbcc30e
Ensure we are using an up to date govulncheck.
...
Signed-off-by: James Blair <mail@jamesblair.net >
2023-02-25 11:25:33 +13:00
James Blair
ee6781bf6f
Bump to go 1.19.6
...
go 1.19.6 (released 2023-02-14) includes important security and bug fixes.
Signed-off-by: James Blair <mail@jamesblair.net >
2023-02-16 17:12:59 +08:00
Marek Siarkowicz
116a3150c0
Merge pull request #15282 from serathius/linearizability-report-watch
...
test: Report watch histories
2023-02-15 16:00:10 +01:00
Marek Siarkowicz
d99b1dbdaf
tests: Move results reporting to top and add reporting watch histories
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com >
2023-02-15 13:02:42 +01:00
Davanum Srinivas
597bac7b51
Do not run arm64 jobs on forks
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com >
2023-02-14 08:20:06 -05:00
dependabot[bot]
50532c9fb5
build(deps): bump github/codeql-action from 2.2.1 to 2.2.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.1 to 2.2.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ebbd71c74...17573ee1ccsupport@github.com >
2023-02-13 20:35:03 +08:00
Marek Siarkowicz
5f68ecc1ef
tests: Remove functional testing as they were replaced by linearizability tests
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com >
2023-02-11 13:20:44 +01:00
Kevin Zhao
4d715c0c44
Add integration test for Arm64
...
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org >
2023-02-03 18:20:30 +08:00
Kevin Zhao
009a6c0b94
Add E2E tests on arm64
...
Now it is daily nightly build at 1 am.
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org >
2023-02-02 10:38:04 +08:00
dependabot[bot]
d0a481be84
build(deps): bump github/codeql-action from 2.1.39 to 2.2.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.39 to 2.2.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a34ca99b46...3ebbd71c74support@github.com >
2023-01-31 05:28:21 +08:00
Marek Siarkowicz
187d2748a4
Merge pull request #15172 from dims/add-functional-tests-on-arm64
...
Add functional tests on arm64
2023-01-24 19:09:38 +01:00
Davanum Srinivas
0575166651
Run on a schedule instead of every PR
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com >
2023-01-24 13:06:42 -05:00
dependabot[bot]
54bd81815d
build(deps): bump golangci/golangci-lint-action from 3.3.1 to 3.4.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](0ad9a0988b...08e2f20817support@github.com >
2023-01-24 08:10:43 +08:00
Davanum Srinivas
5f94975860
Add functional tests on arm64
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com >
2023-01-23 16:10:24 -05:00
dependabot[bot]
ee566c492b
build(deps): bump github/codeql-action from 2.1.38 to 2.1.39
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.38 to 2.1.39.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](515828d974...a34ca99b46support@github.com >
2023-01-20 18:35:49 +08:00
Marek Siarkowicz
1a315097de
tests: Set artifact name based to avoid file override from different subruns
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com >
2023-01-20 09:51:41 +01:00
Marek Siarkowicz
a581062c7a
tests: Fix linearizability nightly
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com >
2023-01-20 09:13:51 +01:00
Marek Siarkowicz
a0d12d316d
tests: Add reproduce #13766 scenario
...
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com >
2023-01-17 14:34:19 +01:00
Marek Siarkowicz
0c483830d9
tests: Fix linearizability nightly variable name
2023-01-17 10:40:05 +01:00
Benjamin Wang
1659f8980f
dependency: bump github/codeql-action from 2.1.37 to 2.1.38
...
Signed-off-by: Benjamin Wang <wachao@vmware.com >
2023-01-17 06:46:31 +08:00
Thomas Jungblut
ab3c530b92
add linearizability nightlies for release 3.4/3.5
...
This CL refactors the tests to reuse a single workflow that has
parameters. This is then reused for PRs/pushes and the nightlies.
Signed-off-by: Thomas Jungblut <tjungblu@redhat.com >
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com >
2023-01-16 11:00:16 +01:00
Marek Siarkowicz
5b8d19c7b3
tests: Reduce number of runs in nightly action
...
Single run takes up to 30s. Let's reduce number of runs to reduce chance
of timeout.
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com >
2023-01-14 09:29:12 +01:00
yanggang
ebf1e3bb1a
Bump go to 1.19.5
...
Signed-off-by: yanggang <gang.yang@daocloud.io >
2023-01-11 14:42:31 +08:00
Benjamin Wang
c9a9968d40
Merge pull request #15074 from etcd-io/dependabot/github_actions/actions/upload-artifact-3.1.2
...
build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2
2023-01-10 09:08:02 +08:00
dependabot[bot]
9f93448500
build(deps): bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561support@github.com >
2023-01-09 17:12:51 +00:00
dependabot[bot]
ad315b38fa
build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](83fd05a356...0b7f8abb15support@github.com >
2023-01-09 17:12:44 +00:00
Benjamin Wang
a60db1192d
Added 'secrets.GITHUB_TOKEN' for the static-analysis workflow
...
Refer to: https://github.com/arduino/setup-protoc/issues/63
Signed-off-by: Benjamin Wang <wachao@vmware.com >
2022-12-28 15:43:44 +08:00
dependabot[bot]
0fcd828de9
build(deps): bump ossf/scorecard-action from 2.1.0 to 2.1.2
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.0 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](937ffa90d7...e38b1902aesupport@github.com >
2022-12-26 17:18:42 +00:00
dependabot[bot]
429f66e12a
build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.6 to 2.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](99c53751e0...937ffa90d7support@github.com >
2022-12-20 09:28:23 +08:00
dependabot[bot]
ef02c159f2
build(deps): bump github/codeql-action from 2.1.36 to 2.1.37
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.36...959cbb7472c4d4ad70cdfe6f4976053fe48ab394 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-19 17:09:20 +00:00
ArkaSaha30
2d47811407
Move trivy scan workflow of specific versions to respective branches
...
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com >
2022-12-16 10:43:55 +05:30
dependabot[bot]
a59276c171
build(deps): bump actions/setup-go from 2.2.0 to 3.5.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.2.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](bfdd3570ce...6edd4406fasupport@github.com >
2022-12-14 08:59:29 +08:00
Benjamin Wang
cb5b7c2ec7
Merge pull request #14928 from ArkaSaha30/trivy-nightly-scan
...
etcd: add `trivy-nightly-scan` for etcd images
2022-12-14 08:52:44 +08:00
ArkaSaha30
f4d3fa91db
Add permissions: read-all to the workflow
...
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com >
2022-12-13 12:42:51 +05:30
Benjamin Wang
e103e2c18c
Merge pull request #14946 from etcd-io/dependabot/github_actions/actions/checkout-3.2.0
...
build(deps): bump actions/checkout from 2.5.0 to 3.2.0
2022-12-13 14:29:41 +08:00
Benjamin Wang
9cb4c817f3
Merge pull request #14940 from etcd-io/dependabot/github_actions/actions/upload-artifact-3.1.1
...
build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.1
2022-12-13 14:28:12 +08:00
ArkaSaha30
941fe6b877
Add newline at end of file
...
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com >
2022-12-13 11:34:57 +05:30
dependabot[bot]
ffd26d6a0a
build(deps): bump actions/checkout from 2.5.0 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.5.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2.5.0...755da8c3cf115ac066823e79a1e1788f8940201b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-13 03:36:57 +00:00
dependabot[bot]
7a55adcfd1
build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.1 to 3.1.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v2.3.1...83fd05a356d7e2593de66fc9913b3002723633cb )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-13 03:36:52 +00:00
dependabot[bot]
0fabbebeaa
build(deps): bump golangci/golangci-lint-action from 3.3.0 to 3.3.1
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](07db5389c9...0ad9a0988bsupport@github.com >
2022-12-13 03:36:49 +00:00
Benjamin Wang
ee9db729da
Merge pull request #14860 from ahrtr/fix_release_20221126
...
Trigger release in current branch for github workflow case
2022-12-12 17:46:19 +08:00
Benjamin Wang
bf5c094f3c
secure the github workflow
...
https://app.stepsecurity.io/secureworkflow/etcd-io/etcd/tests.yaml/main?enable=pin
1. Copy the existing yaml file and paste into the textbox,
2. Click "SECURE WORKFLOW"
3. Copy the manifest from the textbox and paste into etcd repo.
Signed-off-by: Benjamin Wang <wachao@vmware.com >
2022-12-12 16:23:13 +08:00
ArkaSaha30
e30ced0d2f
etcd: add trivy-nightly-scan for etcd images
...
This PR will add `trivy-nightly-scan` for etcd images with versions `3.4.22` and `3.5.6` to scan for vulnerabilities everyday at 2AM UTC.
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com >
2022-12-12 12:33:13 +05:30
Benjamin Wang
5d78d6d4b1
release: support kick off release in current branch
...
Currently when triggering release, it always pull remote repo and
checkout main branch. Any changes which are merged into the target
release branch (e.g. release-3.5) will be ignored. It isn't
convenient for test, including in github workflow and local environment.
So we need to support triggering release in current branch.
Note: --current-branch should only be called with DRY_RUN=true
Signed-off-by: Benjamin Wang <wachao@vmware.com >
2022-12-12 09:35:03 +08:00
Benjamin Wang
808099dc24
Pin govulncheck to v0.0.0-20221208180742-f2dca5ff4cc3
...
go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./...
shell: /usr/bin/bash -e {0}
env:
GOROOT: /opt/hostedtoolcache/go/1.19.4/x64
go: golang.org/x/vuln/cmd/govulncheck@latest: no matching versions for query "latest"
Signed-off-by: Benjamin Wang <wachao@vmware.com >
2022-12-09 18:23:53 +08:00
