diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c587b01..97ffb39 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,10 +13,10 @@ jobs: steps: - name: clone - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: install go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use version from go.mod file go-version-file: 'go.mod' diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 1dcdcd9..6ce1f87 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,11 +35,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@df5a14dc28094dc936e103b37d749c6628682b60 # v3 + uses: github/codeql-action/init@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -50,7 +50,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@df5a14dc28094dc936e103b37d749c6628682b60 # v3 + uses: github/codeql-action/autobuild@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -64,4 +64,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@df5a14dc28094dc936e103b37d749c6628682b60 # v3 + uses: github/codeql-action/analyze@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index 768ed3e..a3670ba 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -14,13 +14,13 @@ jobs: steps: - name: clone - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: # ensures we fetch tag history for the repository fetch-depth: 0 - name: install go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use version from go.mod file go-version-file: 'go.mod' diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index a4d03a3..bb64fd4 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -13,13 +13,13 @@ jobs: steps: - name: clone - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: # ensures we fetch tag history for the repository fetch-depth: 0 - name: install go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use version from go.mod file go-version-file: 'go.mod' diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index dbff1e4..fcb4440 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -12,10 +12,10 @@ jobs: steps: - name: clone - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: install go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use version from go.mod file go-version-file: 'go.mod' @@ -23,7 +23,7 @@ jobs: check-latest: true - name: golangci-lint - uses: reviewdog/action-golangci-lint@00311c26a97213f93f2fd3a3524d66762e956ae0 # v2 + uses: reviewdog/action-golangci-lint@7708105983c614f7a2725e2172908b7709d1c3e4 # v2.6.2 with: github_token: ${{ secrets.github_token }} golangci_lint_flags: "--config=.golangci.yml" @@ -36,10 +36,10 @@ jobs: steps: - name: clone - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: install go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use version from go.mod file go-version-file: 'go.mod' @@ -47,7 +47,7 @@ jobs: check-latest: true - name: golangci-lint - uses: reviewdog/action-golangci-lint@00311c26a97213f93f2fd3a3524d66762e956ae0 # v2 + uses: reviewdog/action-golangci-lint@7708105983c614f7a2725e2172908b7709d1c3e4 # v2.6.2 with: github_token: ${{ secrets.github_token }} golangci_lint_flags: "--config=.golangci.yml" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 83f114c..8946a4d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,10 +13,10 @@ jobs: steps: - name: clone - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: install go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use version from go.mod file go-version-file: 'go.mod' @@ -28,7 +28,7 @@ jobs: go test -covermode=atomic -coverprofile=coverage.out ./... - name: coverage - uses: codecov/codecov-action@84508663e988701840491b86de86b666e8a86bed # v4 + uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0 with: token: ${{ secrets.CODECOV_TOKEN }} file: coverage.out @@ -40,10 +40,10 @@ jobs: steps: - name: checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: install go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use version from go.mod file go-version-file: 'go.mod' @@ -64,13 +64,13 @@ jobs: steps: - name: clone - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: # ensures we fetch tag history for the repository fetch-depth: 0 - name: install go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use version from go.mod file go-version-file: 'go.mod' diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index c505eee..079cce5 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -13,10 +13,10 @@ jobs: steps: - name: clone - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: install go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: # use version from go.mod file go-version-file: 'go.mod' diff --git a/Dockerfile.scp b/Dockerfile.scp index d07100b..0eb3856 100644 --- a/Dockerfile.scp +++ b/Dockerfile.scp @@ -4,7 +4,7 @@ ## docker build --no-cache -t vela-scp:local . ## ############################################################### -FROM alpine:3.19.1@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b +FROM alpine:3.20.2@sha256:0a4eaa0eecf5f8c050e5bba433f58c052be7587ee8af3e8b3910ef9ab5fbe9f5 # Build args to be used from the Makefile ARG OPENSSH_VERSION diff --git a/Dockerfile.ssh b/Dockerfile.ssh index db1c53e..28e1828 100644 --- a/Dockerfile.ssh +++ b/Dockerfile.ssh @@ -4,7 +4,7 @@ ## docker build --no-cache -t vela-ssh:local . ## ############################################################### -FROM alpine:3.19.1@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b +FROM alpine:3.20.2@sha256:0a4eaa0eecf5f8c050e5bba433f58c052be7587ee8af3e8b3910ef9ab5fbe9f5 # Build args to be used from the Makefile ARG OPENSSH_VERSION diff --git a/Makefile b/Makefile index 32b9635..000d706 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ # the integration tests, and the static build flags for Go. # Note: No space between the equals and the value else issues arise. # renovate: datasource=repology depName=alpine_3_19/openssh versioning=loose -OPENSSH_VERSION=9.6_p1-r0 +OPENSSH_VERSION=9.7_p1-r4 # renovate: datasource=repology depName=alpine_3_19/sshpass versioning=loose SSHPASS_VERSION=1.10-r0 @@ -26,21 +26,18 @@ LD_FLAGS = \ # and prepare the local changes for submission. # # Usage: `make clean` -.PHONY: clean clean: tidy vet fmt fix # The `run` target is intended to build and # execute the Docker image for the plugin. # # Usage: `make run` -.PHONY: run run: build docker-build docker-run # The `tidy` target is intended to clean up # the Go module files (go.mod & go.sum). # # Usage: `make tidy` -.PHONY: tidy tidy: @echo @echo "### Tidying Go module" @@ -50,7 +47,6 @@ tidy: # Go source code for potential issues. # # Usage: `make vet` -.PHONY: vet vet: @echo @echo "### Vetting Go code" @@ -60,7 +56,6 @@ vet: # Go source code to meet the language standards. # # Usage: `make fmt` -.PHONY: fmt fmt: @echo @echo "### Formatting Go Code" @@ -70,7 +65,6 @@ fmt: # Go source code using old APIs. # # Usage: `make fix` -.PHONY: fix fix: @echo @echo "### Fixing Go Code" @@ -80,7 +74,6 @@ fix: # the tests for the Go source code. # # Usage: `make test` -.PHONY: test test: @echo @echo "### Testing Go Code" @@ -91,7 +84,6 @@ test: # open the test coverage report. # # Usage: `make test-cover` -.PHONY: test-cover test-cover: @echo @echo "### Creating test coverage report" @@ -104,7 +96,6 @@ test-cover: # the Go source code into a binary. # # Usage: `make build` -.PHONY: build build: @echo @echo "### Building release/vela-scp binary" @@ -125,7 +116,6 @@ build: # the Go source code into a statically linked binary. # # Usage: `make build-static` -.PHONY: build-static build-static: @echo @echo "### Building static release/vela-scp binary" @@ -147,7 +137,6 @@ build-static: # when used within a CI environment. # # Usage: `make build-static-ci` -.PHONY: build-static-ci build-static-ci: @echo @echo "### Building CI static release/vela-scp binary" @@ -166,7 +155,6 @@ build-static-ci: # dependencies from the Go module that need updates. # # Usage: `make check` -.PHONY: check check: check-install @echo @echo "### Checking dependencies for updates" @@ -176,7 +164,6 @@ check: check-install # dependencies from the Go module that need updates. # # Usage: `make check-direct` -.PHONY: check-direct check-direct: check-install @echo @echo "### Checking direct dependencies for updates" @@ -186,7 +173,6 @@ check-direct: check-install # all dependencies from the Go module. # # Usage: `make check-full` -.PHONY: check-full check-full: check-install @echo @echo "### Checking all dependencies for updates" @@ -196,7 +182,6 @@ check-full: check-install # the tool used to check dependencies from the Go module. # # Usage: `make check-install` -.PHONY: check-install check-install: @echo @echo "### Installing psampaz/go-mod-outdated" @@ -206,7 +191,6 @@ check-install: # non-test dependencies for the Go module. # # Usage: `make bump-deps` -.PHONY: bump-deps bump-deps: check @echo @echo "### Upgrading dependencies" @@ -216,7 +200,6 @@ bump-deps: check # all dependencies for the Go module. # # Usage: `make bump-deps-full` -.PHONY: bump-deps-full bump-deps-full: check @echo @echo "### Upgrading all dependencies" @@ -226,7 +209,6 @@ bump-deps-full: check # the Docker image for the plugin. # # Usage: `make docker-build` -.PHONY: docker-build docker-build: @echo @echo "### Building vela-scp:local image" @@ -238,7 +220,6 @@ docker-build: # for integration testing the plugins work with other systems. # # Usage: `make docker-test` -.PHONY: docker-test docker-test: @test/integration-tests.sh @@ -246,7 +227,6 @@ docker-test: # the Docker image for the scp plugin. # # Usage: `make docker-run-scp` -.PHONY: docker-run-scp docker-run-scp: @echo @echo "### Executing vela-scp:local image" @@ -267,7 +247,6 @@ docker-run-scp: # the Docker image for the ssh plugin. # # Usage: `make docker-run-ssh` -.PHONY: docker-run-ssh docker-run-ssh: @echo @echo "### Executing vela-ssh:local image" diff --git a/go.mod b/go.mod index 7b9a5f3..cb3b191 100644 --- a/go.mod +++ b/go.mod @@ -1,17 +1,17 @@ module github.com/go-vela/vela-openssh -go 1.20 +go 1.23.0 require ( github.com/sirupsen/logrus v1.9.3 github.com/spf13/afero v1.11.0 - github.com/urfave/cli/v2 v2.27.1 + github.com/urfave/cli/v2 v2.27.4 ) require ( - github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect - github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect + github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect golang.org/x/sys v0.15.0 // indirect golang.org/x/text v0.14.0 // indirect ) diff --git a/go.sum b/go.sum index 972d0b3..e7cc6f7 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= -github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -14,10 +14,10 @@ github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNo github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/urfave/cli/v2 v2.27.1 h1:8xSQ6szndafKVRmfyeUMxkNUJQMjL1F2zmsZ+qHpfho= -github.com/urfave/cli/v2 v2.27.1/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= -github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= -github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8= +github.com/urfave/cli/v2 v2.27.4 h1:o1owoI+02Eb+K107p27wEX9Bb8eqIoZCfLXloLUSWJ8= +github.com/urfave/cli/v2 v2.27.4/go.mod h1:m4QzxcD2qpra4z7WhzEGn74WZLViBnMpb1ToCAKdGRQ= +github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4= +github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= @@ -26,3 +26,4 @@ golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/test/Dockerfile.ssh-server b/test/Dockerfile.ssh-server index 83bda91..370080a 100644 --- a/test/Dockerfile.ssh-server +++ b/test/Dockerfile.ssh-server @@ -1,9 +1,9 @@ -FROM alpine:3.19.1@sha256:6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0 +FROM alpine:3.20.2@sha256:0a4eaa0eecf5f8c050e5bba433f58c052be7587ee8af3e8b3910ef9ab5fbe9f5 -# renovate: datasource=repology depName=alpine_3_19/openssh versioning=loose -ENV OPENSSH_VERSION=9.6_p1-r0 -# renovate: datasource=repology depName=alpine_3_19/openssh-sftp-server versioning=loose -ENV OPENSSH_SFTP_SERVER_VERSION=9.6_p1-r0 +# renovate: datasource=repology depName=alpine_3_20_2/openssh versioning=loose +ENV OPENSSH_VERSION=9.7_p1-r4 +# renovate: datasource=repology depName=alpine_3_20_2/openssh-sftp-server versioning=loose +ENV OPENSSH_SFTP_SERVER_VERSION=9.7_p1-r4 RUN apk add openssh=${OPENSSH_VERSION} openssh-sftp-server=${OPENSSH_SFTP_SERVER_VERSION} && \ adduser -D vela -h /home/vela && \ diff --git a/test/integration-tests.sh b/test/integration-tests.sh index 1f443b0..7029ab8 100755 --- a/test/integration-tests.sh +++ b/test/integration-tests.sh @@ -38,7 +38,7 @@ FAILURE_MESSAGES=() setup() { local BINARY=$1 printf "### Building images for %s tests\n" "$BINARY" - if ! docker-compose -f "docker-compose-$BINARY.yml" build; then + if ! docker compose -f "docker-compose-$BINARY.yml" build; then printf "❌ Unable to build integration test %s image" "$BINARY" exit 1 fi @@ -50,7 +50,7 @@ run_tests() { printf "### Testing vela-%s:local image\n" "$BINARY" for TEST_NAME in "$@"; do printf "#### Executing test '%s-%s'\n" "$BINARY" "$TEST_NAME" - if ! docker-compose -f "docker-compose-$BINARY.yml" run --rm "$TEST_NAME"; then + if ! docker compose -f "docker-compose-$BINARY.yml" run --rm "$TEST_NAME"; then FAILURE_MESSAGES+=("❌ Failure testing '$BINARY-$TEST_NAME'") fi done @@ -59,8 +59,8 @@ run_tests() { teardown() { local BINARY=$1 printf "###Cleaning up %s containers\n" "$BINARY" - docker-compose -f "docker-compose-$BINARY.yml" stop -t 1 - docker-compose -f "docker-compose-$BINARY.yml" down + docker compose -f "docker-compose-$BINARY.yml" stop -t 1 + docker compose -f "docker-compose-$BINARY.yml" down } ##############