From 8117836ab134d92451c7339d3dd6c8dc5e0a06bc Mon Sep 17 00:00:00 2001 From: Alex Boten <223565+codeboten@users.noreply.github.com> Date: Thu, 19 Sep 2024 10:01:37 -0700 Subject: [PATCH 1/3] chore: add govulncheck check for validator This addresses one of the items in the checklist for https://github.com/open-telemetry/opentelemetry-configuration/issues/52 Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> --- .github/workflows/validator-tests.yaml | 39 ++++++++++++++------------ .gitignore | 1 + Makefile | 3 ++ validator/Makefile | 26 +++++++++++++++++ validator/internal/tools/go.mod | 13 +++++++++ validator/internal/tools/go.sum | 18 ++++++++++++ validator/internal/tools/tools.go | 11 ++++++++ 7 files changed, 93 insertions(+), 18 deletions(-) create mode 100644 validator/internal/tools/go.mod create mode 100644 validator/internal/tools/go.sum create mode 100644 validator/internal/tools/tools.go diff --git a/.github/workflows/validator-tests.yaml b/.github/workflows/validator-tests.yaml index 21b335c..3be5e9c 100644 --- a/.github/workflows/validator-tests.yaml +++ b/.github/workflows/validator-tests.yaml @@ -2,32 +2,35 @@ name: Validator Tests on: push: - branches: [ main ] + branches: [main] pull_request: - branches: [ main ] + branches: [main] jobs: check-schema: runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 + - name: Checkout + uses: actions/checkout@v4 - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: '~1.22' + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "~1.22" - # TODO: Publish releases - - name: Build - run: make validator + # TODO: Publish releases + - name: Build + run: make validator - - name: Test - run: | - cd validator - go test . + - name: Test + run: | + cd validator + go test . - - name: Run ShellTests - run: | - make validator-run-shelltests + - name: Run ShellTests + run: | + make validator-run-shelltests + - name: Run govulncheck + run: | + make -C validator govulncheck diff --git a/.gitignore b/.gitignore index 72bb05d..896a75b 100644 --- a/.gitignore +++ b/.gitignore @@ -28,3 +28,4 @@ out # validator binary otel_config_validator validator/schema +validator/.tools diff --git a/Makefile b/Makefile index 2f6c4a4..4a1c885 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,6 @@ +# Copyright The OpenTelemetry Authors +# SPDX-License-Identifier: Apache-2.0 + SCHEMA_FILES := $(shell find . -path './schema/*.json' -exec basename {} \; | sort) EXAMPLE_FILES := $(shell find . -path './examples/*.yaml' -exec basename {} \; | sort) $(shell mkdir -p out) diff --git a/validator/Makefile b/validator/Makefile index 23f8ec9..052364e 100644 --- a/validator/Makefile +++ b/validator/Makefile @@ -1,3 +1,6 @@ +# Copyright The OpenTelemetry Authors +# SPDX-License-Identifier: Apache-2.0 + ROOT_DIR :=$(realpath $(shell dirname $(lastword $(MAKEFILE_LIST)))) PARENT_DIR :=$(realpath ${ROOT_DIR}/../) SCHEMA_DIR :=${ROOT_DIR}/../schema @@ -8,6 +11,25 @@ DOCKER_SHELLTEST_BUILD_ARGS :=-f ${ROOT_DIR}/Dockerfile --target shelltest -t sh EXAMPLE_FILES := $(shell find ${ROOT_DIR}/../examples -name "*.yaml" -exec basename {} \; | sort) $(shell mkdir -p out) +GO = go + +TOOLS = $(CURDIR)/.tools + +TOOLS_MOD_DIR := ./internal/tools + +$(TOOLS): + @mkdir -p $@ + +$(TOOLS)/%: $(TOOLS_MOD_DIR)/go.mod | $(TOOLS) + cd $(TOOLS_MOD_DIR) && \ + $(GO) build -o $@ $(PACKAGE) + +GOVULNCHECK = $(TOOLS)/govulncheck +$(TOOLS)/govulncheck: PACKAGE=golang.org/x/vuln/cmd/govulncheck + +.PHONY: tools +tools: $(GOVULNCHECK) + validator-copy-schema: cp -R ${SCHEMA_DIR} ${ROOT_DIR}/ @@ -29,4 +51,8 @@ validator-build-shelltest-image: validator-run-shelltests: validator-build-shelltest-image docker run -v ${PARENT_DIR}:/root shelltest:${CURRENT_GIT_REF} -- --plain /root/validator/shelltests +.PHONY: govulncheck +govulncheck: $(OTEL_GO_MOD_DIRS:%=govulncheck/%) + $(GOVULNCHECK) ./... + .PHONY: validator-validate-examples validator-copy-schema validator validator-docker-image diff --git a/validator/internal/tools/go.mod b/validator/internal/tools/go.mod new file mode 100644 index 0000000..82b3033 --- /dev/null +++ b/validator/internal/tools/go.mod @@ -0,0 +1,13 @@ +module otel_config_validator/internal/tools + +go 1.22.7 + +require golang.org/x/vuln v1.1.3 + +require ( + golang.org/x/mod v0.19.0 // indirect + golang.org/x/sync v0.7.0 // indirect + golang.org/x/sys v0.22.0 // indirect + golang.org/x/telemetry v0.0.0-20240522233618-39ace7a40ae7 // indirect + golang.org/x/tools v0.23.0 // indirect +) diff --git a/validator/internal/tools/go.sum b/validator/internal/tools/go.sum new file mode 100644 index 0000000..3446906 --- /dev/null +++ b/validator/internal/tools/go.sum @@ -0,0 +1,18 @@ +github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786 h1:rcv+Ippz6RAtvaGgKxc+8FQIpxHgsF+HBzPyYL2cyVU= +github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786/go.mod h1:apVn/GCasLZUVpAJ6oWAuyP7Ne7CEsQbTnc0plM3m+o= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/renameio v0.1.0 h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8= +golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/telemetry v0.0.0-20240522233618-39ace7a40ae7 h1:FemxDzfMUcK2f3YY4H+05K9CDzbSVr2+q/JKN45pey0= +golang.org/x/telemetry v0.0.0-20240522233618-39ace7a40ae7/go.mod h1:pRgIJT+bRLFKnoM1ldnzKoxTIn14Yxz928LQRYYgIN0= +golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg= +golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI= +golang.org/x/vuln v1.1.3 h1:NPGnvPOTgnjBc9HTaUx+nj+EaUYxl5SJOWqaDYGaFYw= +golang.org/x/vuln v1.1.3/go.mod h1:7Le6Fadm5FOqE9C926BCD0g12NWyhg7cxV4BwcPFuNY= diff --git a/validator/internal/tools/tools.go b/validator/internal/tools/tools.go new file mode 100644 index 0000000..9779303 --- /dev/null +++ b/validator/internal/tools/tools.go @@ -0,0 +1,11 @@ +// Copyright The OpenTelemetry Authors +// SPDX-License-Identifier: Apache-2.0 + +//go:build tools +// +build tools + +package tools // import "otel_config_validator/internal/tools" + +import ( + _ "golang.org/x/vuln/cmd/govulncheck" +) From 9b32cd5e6fc76c6fd32db9c9cdca6c3f7c0cded0 Mon Sep 17 00:00:00 2001 From: Alex Boten <223565+codeboten@users.noreply.github.com> Date: Thu, 19 Sep 2024 15:56:58 -0700 Subject: [PATCH 2/3] ensure tools are installed Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> --- validator/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/validator/Makefile b/validator/Makefile index 052364e..9af541c 100644 --- a/validator/Makefile +++ b/validator/Makefile @@ -52,7 +52,7 @@ validator-run-shelltests: validator-build-shelltest-image docker run -v ${PARENT_DIR}:/root shelltest:${CURRENT_GIT_REF} -- --plain /root/validator/shelltests .PHONY: govulncheck -govulncheck: $(OTEL_GO_MOD_DIRS:%=govulncheck/%) +govulncheck: $(TOOLS)/govulncheck $(GOVULNCHECK) ./... .PHONY: validator-validate-examples validator-copy-schema validator validator-docker-image From 2967295f20e992bd025c8c9949f366cd95ea446c Mon Sep 17 00:00:00 2001 From: Alex Boten <223565+codeboten@users.noreply.github.com> Date: Wed, 25 Sep 2024 07:12:08 -0700 Subject: [PATCH 3/3] update order Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> --- .github/workflows/validator-tests.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/validator-tests.yaml b/.github/workflows/validator-tests.yaml index 3be5e9c..687e013 100644 --- a/.github/workflows/validator-tests.yaml +++ b/.github/workflows/validator-tests.yaml @@ -18,6 +18,10 @@ jobs: with: go-version: "~1.22" + - name: Run govulncheck + run: | + make -C validator govulncheck + # TODO: Publish releases - name: Build run: make validator @@ -30,7 +34,3 @@ jobs: - name: Run ShellTests run: | make validator-run-shelltests - - - name: Run govulncheck - run: | - make -C validator govulncheck