Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update libs dependency #2764

Closed
wants to merge 1 commit into from
Closed

Update libs dependency #2764

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions .github/ISSUE_TEMPLATE/bug_report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,10 @@ assignees: ""
<!--- Please change the versions below along with your environment -->

- Vald Version: v1.7.14
- Go Version: v1.23.3
- Rust Version: v1.82.0
- Go Version: v1.23.4
- Rust Version: v1.83.0
- Docker Version: v27.3.1
- Kubernetes Version: v1.31.2
- Helm Version: v3.16.2
- Kubernetes Version: v1.31.3
- Helm Version: v3.16.3
- NGT Version: v2.3.4
- Faiss Version: v1.9.0
8 changes: 4 additions & 4 deletions .github/ISSUE_TEMPLATE/security_issue_report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,10 @@ assignees: ""
<!--- Please change the versions below along with your environment -->

- Vald Version: v1.7.14
- Go Version: v1.23.3
- Rust Version: v1.82.0
- Go Version: v1.23.4
- Rust Version: v1.83.0
- Docker Version: v27.3.1
- Kubernetes Version: v1.31.2
- Helm Version: v3.16.2
- Kubernetes Version: v1.31.3
- Helm Version: v3.16.3
- NGT Version: v2.3.4
- Faiss Version: v1.9.0
8 changes: 4 additions & 4 deletions .github/PULL_REQUEST_TEMPLATE.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,11 @@

<!--- Please change the versions below along with your environment -->
- Vald Version: v1.7.14
- Go Version: v1.23.3
- Rust Version: v1.82.0
- Go Version: v1.23.4
- Rust Version: v1.83.0
- Docker Version: v27.3.1
- Kubernetes Version: v1.31.2
- Helm Version: v3.16.2
- Kubernetes Version: v1.31.3
- Helm Version: v3.16.3
- NGT Version: v2.3.4
- Faiss Version: v1.9.0

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/coverage.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ jobs:
run: |
make coverage
- name: Upload coverage report to Codecov
uses: codecov/codecov-action@v4
uses: codecov/codecov-action@v5
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

⚠️ Update required: Codecov Action v5 configuration needs changes

The workflow needs to be updated to align with v5's breaking changes:

  • The file parameter is deprecated in favor of files
  • Current workflow uses the deprecated file parameter

Required changes:

  • Replace file: ./coverage.out with files: ./coverage.out
🔗 Analysis chain

Verify Codecov Action v5 compatibility

The update from v4 to v5 aligns with the PR objective of updating dependencies. However, as this is a major version bump, please ensure compatibility.

Let's verify the Codecov Action v5 requirements and changes:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check Codecov Action v5 release notes and requirements

# Get the latest release information
gh api \
  -H "Accept: application/vnd.github+json" \
  repos/codecov/codecov-action/releases | \
  jq -r '.[] | select(.tag_name == "v5.0.7") | .body'

# Check if the workflow uses any deprecated inputs
rg -l 'codecov/codecov-action@v[0-9]' | \
  xargs rg 'uses: codecov/codecov-action@v[0-9]' -A 5 -B 5

Length of output: 556

Script:

#!/bin/bash
# Let's check the changelog between v4 and v5 by getting the v5.0.0 release notes
gh api \
  -H "Accept: application/vnd.github+json" \
  repos/codecov/codecov-action/releases | \
  jq -r '.[] | select(.tag_name == "v5.0.0") | .body'

# Let's also check our current workflow configuration
cat .github/workflows/coverage.yaml

Length of output: 8069

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

⚠️ Update Required: Breaking Changes in Codecov Action v5

The upgrade to codecov-action@v5 requires modifications to the workflow file due to breaking changes:

  • The file parameter in .github/workflows/coverage.yaml needs to be updated to files
  • Several known issues are currently open with v5, including problems with PR comments and tokenless uploads

Recommend either:

  1. Stay on v4 until the reported issues are resolved, or
  2. Update the workflow file to use the new parameter name:
with:
  files: ./coverage.out  # Changed from 'file' to 'files'
🔗 Analysis chain

LGTM! Verify Codecov action compatibility.

The upgrade to codecov-action@v5 is a good practice for staying current. However, as this is a major version bump, let's verify the compatibility.

⚠️ Caution: Breaking Changes in Codecov Action v5

Based on the release notes, v5 introduces several breaking changes that require attention:

  1. The file parameter is deprecated in favor of files
  2. The plugin parameter is deprecated in favor of plugins
  3. Token handling for public repositories has changed with a new opt-out feature

Additionally, there are active issues reported with v5:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify codecov-action v5 compatibility and check for breaking changes

# Check the changelog and release notes for v5
gh api repos/codecov/codecov-action/releases/tags/v5.0.0 --jq '.body'

# Check if there are any open issues related to v5 migration
gh api search/issues -X GET -f q='repo:codecov/codecov-action is:issue is:open label:bug v5'

Length of output: 36411

Script:

#!/bin/bash
# Check current usage of deprecated parameters
rg -l "file:|plugin:" .github/workflows/

Length of output: 112

Script:

#!/bin/bash
# Check the specific usage of deprecated parameters in the workflow files
rg -A 5 "file:|plugin:" .github/workflows/coverage.yaml .github/workflows/codeql-analysis.yml

Length of output: 971

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Consider pinning the action to a specific SHA

For security reasons, it's recommended to pin GitHub Actions to specific commit SHAs instead of using major version tags.

-        uses: codecov/codecov-action@v5
+        uses: codecov/codecov-action@e0b68c0bf36cfa71c264a216c38a96ce5d89165f  # v5.0.7
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
uses: codecov/codecov-action@v5
uses: codecov/codecov-action@e0b68c0bf36cfa71c264a216c38a96ce5d89165f # v5.0.7

💡 Codebase verification

Action required: Update deprecated parameters in Codecov Action v5

The workflow is using the deprecated file parameter which needs to be updated to files as per v5 breaking changes. Here are the required changes:

  • Replace file: ./coverage.out with files: ./coverage.out
  • Consider pinning to a specific SHA for security: codecov/[email protected]

Additional notes:

  • The workflow is using a token which is good practice even with the new tokenless feature
  • No other deprecated parameters are in use
🔗 Analysis chain

Verify compatibility with Codecov Action v5

The update from v4 to v5 of codecov/codecov-action is a major version change that might include breaking changes.

Update workflow to handle breaking changes in Codecov Action v5

The update to v5 introduces several breaking changes that need to be addressed:

  • The file parameter has been deprecated in favor of files
  • The plugin parameter has been deprecated in favor of plugins
  • New tokenless upload feature for public repositories is now available

Let's verify the current usage:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for breaking changes between v4 and v5 of codecov/codecov-action

# Get the changelog or release notes for v5
gh api repos/codecov/codecov-action/releases | jq '.[] | select(.tag_name | startswith("v5.")) | {tag_name, body}'

# Check current usage in other workflow files
rg -l "codecov/codecov-action@" .github/workflows/

Length of output: 14443

Script:

#!/bin/bash
# Check current parameters used with codecov action
cat .github/workflows/coverage.yaml

Length of output: 2147

with:
token: ${{secrets.CODECOV_TOKEN}}
file: ./coverage.out
Expand Down
2 changes: 1 addition & 1 deletion apis/grpc/v1/agent/core/agent.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/agent/sidecar/sidecar.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/agent/sidecar/sidecar_vtproto.pb.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ const _ = grpc.SupportPackageIsVersion7
// SidecarClient is the client API for Sidecar service.
//
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
type SidecarClient any
type SidecarClient interface{}

type sidecarClient struct {
cc grpc.ClientConnInterface
Expand Down
2 changes: 1 addition & 1 deletion apis/grpc/v1/discoverer/discoverer.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/filter/egress/egress_filter.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/filter/ingress/ingress_filter.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/meta/meta.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/mirror/mirror.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/payload/payload.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/rpc/errdetails/error_details.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/vald/filter.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/vald/flush.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/vald/index.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/vald/insert.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/vald/object.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/vald/remove.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/vald/search.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/vald/update.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion apis/grpc/v1/vald/upsert.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2,104 changes: 1,064 additions & 1,040 deletions charts/vald/README.md
View file
Open in desktop

Large diffs are not rendered by default.

3 changes: 1 addition & 2 deletions dockers/agent/core/agent/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand Down Expand Up @@ -94,4 +93,4 @@ LABEL maintainer="vdaas.org vald team <[email protected]>"
COPY --from=builder /usr/bin/agent /usr/bin/agent
# skipcq: DOK-DL3002
USER nonroot:nonroot
ENTRYPOINT ["/usr/bin/agent"]
ENTRYPOINT ["/usr/bin/agent"]
3 changes: 1 addition & 2 deletions dockers/agent/core/faiss/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand Down Expand Up @@ -96,4 +95,4 @@ COPY --from=builder /usr/bin/faiss /usr/bin/faiss
COPY cmd/agent/core/faiss/sample.yaml /etc/server/config.yaml
# skipcq: DOK-DL3002
USER nonroot:nonroot
ENTRYPOINT ["/usr/bin/faiss"]
ENTRYPOINT ["/usr/bin/faiss"]
3 changes: 1 addition & 2 deletions dockers/agent/core/ngt/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand Down Expand Up @@ -95,4 +94,4 @@ COPY --from=builder /usr/bin/ngt /usr/bin/ngt
COPY cmd/agent/core/ngt/sample.yaml /etc/server/config.yaml
# skipcq: DOK-DL3002
USER nonroot:nonroot
ENTRYPOINT ["/usr/bin/ngt"]
ENTRYPOINT ["/usr/bin/ngt"]
3 changes: 1 addition & 2 deletions dockers/agent/sidecar/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand Down Expand Up @@ -85,4 +84,4 @@ LABEL maintainer="vdaas.org vald team <[email protected]>"
COPY --from=builder /usr/bin/sidecar /usr/bin/sidecar
# skipcq: DOK-DL3002
USER nonroot:nonroot
ENTRYPOINT ["/usr/bin/sidecar"]
ENTRYPOINT ["/usr/bin/sidecar"]
3 changes: 1 addition & 2 deletions dockers/binfmt/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand All @@ -17,4 +16,4 @@
#

# DO_NOT_EDIT this Dockerfile is generated by https://github.com/vdaas/vald/blob/main/hack/docker/gen/main.go
FROM tonistiigi/binfmt:master AS builder
FROM tonistiigi/binfmt:master AS builder
3 changes: 1 addition & 2 deletions dockers/buildbase/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand All @@ -17,4 +16,4 @@
#

# DO_NOT_EDIT this Dockerfile is generated by https://github.com/vdaas/vald/blob/main/hack/docker/gen/main.go
FROM ubuntu:devel AS builder
FROM ubuntu:devel AS builder
3 changes: 1 addition & 2 deletions dockers/buildkit/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand All @@ -17,4 +16,4 @@
#

# DO_NOT_EDIT this Dockerfile is generated by https://github.com/vdaas/vald/blob/main/hack/docker/gen/main.go
FROM moby/buildkit:master AS builder
FROM moby/buildkit:master AS builder
3 changes: 1 addition & 2 deletions dockers/buildkit/syft/scanner/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand All @@ -17,4 +16,4 @@
#

# DO_NOT_EDIT this Dockerfile is generated by https://github.com/vdaas/vald/blob/main/hack/docker/gen/main.go
FROM docker/buildkit-syft-scanner:edge AS scanner
FROM docker/buildkit-syft-scanner:edge AS scanner
3 changes: 1 addition & 2 deletions dockers/ci/base/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand Down Expand Up @@ -128,4 +127,4 @@ RUN --mount=type=bind,target=.,rw \
&& rm -rf ${GOPATH}/src/github.com/${ORG}/${REPO}/*
# skipcq: DOK-DL3002
USER root:root
ENTRYPOINT ["/bin/bash"]
ENTRYPOINT ["/bin/bash"]
3 changes: 1 addition & 2 deletions dockers/dev/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand Down Expand Up @@ -141,4 +140,4 @@ RUN --mount=type=bind,target=.,rw \
&& make faiss/install \
&& rm -rf ${GOPATH}/src/github.com/${ORG}/${REPO}/*
# skipcq: DOK-DL3002
USER root:root
USER root:root
3 changes: 1 addition & 2 deletions dockers/discoverer/k8s/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand Down Expand Up @@ -86,4 +85,4 @@ COPY --from=builder /usr/bin/discoverer /usr/bin/discoverer
COPY cmd/discoverer/k8s/sample.yaml /etc/server/config.yaml
# skipcq: DOK-DL3002
USER nonroot:nonroot
ENTRYPOINT ["/usr/bin/discoverer"]
ENTRYPOINT ["/usr/bin/discoverer"]
3 changes: 1 addition & 2 deletions dockers/example/client/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand Down Expand Up @@ -93,4 +92,4 @@ LABEL maintainer="vdaas.org vald team <[email protected]>"
COPY --from=builder /usr/bin/client /usr/bin/client
# skipcq: DOK-DL3002
USER nonroot:nonroot
ENTRYPOINT ["/usr/bin/client"]
ENTRYPOINT ["/usr/bin/client"]
3 changes: 1 addition & 2 deletions dockers/gateway/filter/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# syntax = docker/dockerfile:latest
# check=error=true
#
# Copyright (C) 2019-2024 vdaas.org vald team <[email protected]>
#
Expand Down Expand Up @@ -86,4 +85,4 @@ COPY --from=builder /usr/bin/filter /usr/bin/filter
COPY cmd/gateway/filter/sample.yaml /etc/server/config.yaml
# skipcq: DOK-DL3002
USER nonroot:nonroot
ENTRYPOINT ["/usr/bin/filter"]
ENTRYPOINT ["/usr/bin/filter"]
Loading
Loading