diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 13eb96af8..9170f8a35 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,3 +1,4 @@ +--- version: 2 updates: - package-ecosystem: gomod diff --git a/.github/issue_labeler.yml b/.github/issue_labeler.yml index 0821bc8fe..0b5782354 100644 --- a/.github/issue_labeler.yml +++ b/.github/issue_labeler.yml @@ -1,2 +1,4 @@ +--- needs_triage: - '.*' +... diff --git a/.github/workflows/build_binary_from_ref.yml b/.github/workflows/build_binary_from_ref.yml index f31aff5f2..8761c5524 100644 --- a/.github/workflows/build_binary_from_ref.yml +++ b/.github/workflows/build_binary_from_ref.yml @@ -1,5 +1,6 @@ +--- name: "Build binary from arbitratry repo / ref" -on: +on: # yamllint disable-line rule:truthy workflow_dispatch: inputs: repository: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index fe0553eb3..faa9efd0a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,3 +1,4 @@ +--- # For most projects, this workflow file will not need changing; you simply need # to commit it to your repository. # @@ -11,12 +12,12 @@ # name: "CodeQL" -on: +on: # yamllint disable-line rule:truthy push: - branches: [ "devel", release_* ] + branches: ["devel", release_*] pull_request: # The branches below must be a subset of the branches above - branches: [ "devel" ] + branches: ["devel"] schedule: - cron: '18 2 * * 5' @@ -32,41 +33,41 @@ jobs: strategy: fail-fast: false matrix: - language: [ 'go', 'python' ] + language: ['go', 'python'] # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support steps: - - name: Checkout repository - uses: actions/checkout@v4 + - name: Checkout repository + uses: actions/checkout@v4 - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - - # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - # queries: security-extended,security-and-quality + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v3 + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - # If the Autobuild fails above, remove it and uncomment the following three lines. - # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v3 - # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh + # Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/coverage_reporting.yml b/.github/workflows/coverage_reporting.yml index 7fdb3aef7..085ba516b 100644 --- a/.github/workflows/coverage_reporting.yml +++ b/.github/workflows/coverage_reporting.yml @@ -6,6 +6,9 @@ on: # yamllint disable-line rule:truthy push: branches: [devel] +env: + DESIRED_GO_VERSION: '1.20' + jobs: go_test_coverage: name: go test coverage @@ -21,14 +24,14 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: - go-version: "1.20" + go-version: ${{ env.DESIRED_GO_VERSION }} - uses: actions/cache@v4 with: + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} path: | ~/.cache/go-build ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- diff --git a/.github/workflows/devel_image.yml b/.github/workflows/devel_image.yml index 5701cfc6a..67ef3fa86 100644 --- a/.github/workflows/devel_image.yml +++ b/.github/workflows/devel_image.yml @@ -2,7 +2,7 @@ name: Publish devel image -on: +on: # yamllint disable-line rule:truthy push: branches: [devel] diff --git a/.github/workflows/devel_whl.yml b/.github/workflows/devel_whl.yml index e45b0fa0f..3c525ab7f 100644 --- a/.github/workflows/devel_whl.yml +++ b/.github/workflows/devel_whl.yml @@ -2,7 +2,7 @@ name: Publish nightly wheel -on: +on: # yamllint disable-line rule:truthy push: branches: [devel] diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml index c0b5c91c2..6af6ca135 100644 --- a/.github/workflows/promote.yml +++ b/.github/workflows/promote.yml @@ -1,6 +1,6 @@ --- name: Promote Release -on: +on: # yamllint disable-line rule:truthy release: types: [published] diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 0f3961c75..4c8d714d7 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -79,17 +79,17 @@ jobs: if: ${{ failure() }} run: find /tmp/receptor-testing -name controlsock -delete - - name: Artifact receptor data + - name: Artifact receptor data for ${{ matrix.go-version }} uses: actions/upload-artifact@v4 if: ${{ failure() }} with: - name: test-logs + name: test-logs-${{ matrix.go-version }} path: /tmp/receptor-testing - - name: Archive receptor binary + - name: Archive receptor binary for ${{ matrix.go-version }} uses: actions/upload-artifact@v4 with: - name: receptor + name: receptor-${{ matrix.go-version }} path: /usr/local/bin/receptor receptorctl: @@ -112,6 +112,7 @@ jobs: python-version: ${{ matrix.python-version }} session: tests-${{ matrix.python-version }} download-receptor: true + go-version: '1.20' lint-receptorctl: name: Lint receptorctl${{ '' }} # Nest jobs under the same sidebar category @@ -189,7 +190,7 @@ jobs: - name: Download the `receptor` binary uses: actions/download-artifact@v4 with: - name: receptor + name: receptor-${{ env.DESIRED_GO_VERSION }} path: /usr/local/bin/ - name: Set executable bit on the `receptor` binary diff --git a/.github/workflows/reusable-nox.yml b/.github/workflows/reusable-nox.yml index 82f2b8e88..7da3517a1 100644 --- a/.github/workflows/reusable-nox.yml +++ b/.github/workflows/reusable-nox.yml @@ -1,7 +1,7 @@ --- name: Receptorctl nox sessions -on: +on: # yamllint disable-line rule:truthy workflow_call: inputs: python-version: @@ -17,7 +17,10 @@ on: description: Whether to perform go binary download. required: false default: false - + go-version: + type: string + description: The Go version to use. + required: false env: FORCE_COLOR: 1 NOXSESSION: ${{ inputs.session }} @@ -30,32 +33,32 @@ jobs: Run `receptorctl` ${{ inputs.session }} session steps: - - name: Download the `receptor` binary - if: fromJSON(inputs.download-receptor) - uses: actions/download-artifact@v4 - with: - name: receptor - path: /usr/local/bin/ - - - name: Set executable bit on the `receptor` binary - if: fromJSON(inputs.download-receptor) - run: sudo chmod a+x /usr/local/bin/receptor - - - name: Set up nox - uses: wntrblm/nox@2024.04.15 - with: - python-versions: ${{ inputs.python-version }} - - - name: Check out the source code from Git - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Needed for the automation in Nox to find the last tag - sparse-checkout: receptorctl - - - name: Provision nox environment for ${{ env.NOXSESSION }} - run: nox --install-only - working-directory: ./receptorctl - - - name: Run `receptorctl` nox ${{ env.NOXSESSION }} session - run: nox --no-install - working-directory: ./receptorctl + - name: Download the `receptor` binary + if: fromJSON(inputs.download-receptor) + uses: actions/download-artifact@v4 + with: + name: receptor-${{ inputs.go-version }} + path: /usr/local/bin/ + + - name: Set executable bit on the `receptor` binary + if: fromJSON(inputs.download-receptor) + run: sudo chmod a+x /usr/local/bin/receptor + + - name: Set up nox + uses: wntrblm/nox@2024.04.15 + with: + python-versions: ${{ inputs.python-version }} + + - name: Check out the source code from Git + uses: actions/checkout@v4 + with: + fetch-depth: 0 # Needed for the automation in Nox to find the last tag + sparse-checkout: receptorctl + + - name: Provision nox environment for ${{ env.NOXSESSION }} + run: nox --install-only + working-directory: ./receptorctl + + - name: Run `receptorctl` nox ${{ env.NOXSESSION }} session + run: nox --no-install + working-directory: ./receptorctl diff --git a/.github/workflows/stage.yml b/.github/workflows/stage.yml index 6b734f9a5..18dbbc114 100644 --- a/.github/workflows/stage.yml +++ b/.github/workflows/stage.yml @@ -1,6 +1,6 @@ --- name: Stage Release -on: +on: # yamllint disable-line rule:truthy workflow_dispatch: inputs: version: @@ -58,13 +58,13 @@ jobs: - name: Install dependencies run: | python3 -m pip install build - + # setup qemu and buildx - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3 - name: Log in to registry run: | diff --git a/.github/workflows/triage_new.yml b/.github/workflows/triage_new.yml index de0f171a4..ed3ac64bd 100644 --- a/.github/workflows/triage_new.yml +++ b/.github/workflows/triage_new.yml @@ -1,6 +1,7 @@ +--- name: Triage -on: +on: # yamllint disable-line rule:truthy issues: types: - opened