From fea5cd2b98318f7bc07c601a8c0349d7e9f074d4 Mon Sep 17 00:00:00 2001 From: Chun-Hung Tseng Date: Wed, 15 May 2024 22:15:52 +0200 Subject: [PATCH 1/2] Add Go Vulnerability Checker Signed-off-by: Chun-Hung Tseng --- .github/workflows/govuln.yaml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/workflows/govuln.yaml diff --git a/.github/workflows/govuln.yaml b/.github/workflows/govuln.yaml new file mode 100644 index 0000000..43b67c0 --- /dev/null +++ b/.github/workflows/govuln.yaml @@ -0,0 +1,19 @@ +--- +name: Go Vulnerability Checker +on: [push, pull_request] +permissions: read-all +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - id: goversion + run: echo "goversion=$(cat .go-version)" >> "$GITHUB_OUTPUT" + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 + with: + go-version: ${{ steps.goversion.outputs.goversion }} + - run: date + - run: | + set -euo pipefail + + go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./... \ No newline at end of file From 9fa5ca8c95077657d51a436935964ff286116dee Mon Sep 17 00:00:00 2001 From: Chun-Hung Tseng Date: Wed, 15 May 2024 22:16:55 +0200 Subject: [PATCH 2/2] Bump go from 1.21.8 to 1.21.10 Introduce .go-version to align with other etcd-io repo Signed-off-by: Chun-Hung Tseng --- .github/workflows/golangci-lint.yml | 7 +++++-- .github/workflows/govuln.yaml | 2 +- .github/workflows/tests.yml | 6 ++++-- .go-version | 1 + go.mod | 2 ++ 5 files changed, 13 insertions(+), 5 deletions(-) create mode 100644 .go-version diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index bba2a01..07befd0 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -17,9 +17,12 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/setup-go@v5 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - id: goversion + run: echo "goversion=$(cat .go-version)" >> "$GITHUB_OUTPUT" + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: - go-version: 1.21.8 + go-version: ${{ steps.goversion.outputs.goversion }} - uses: actions/checkout@v4 - name: golangci-lint uses: golangci/golangci-lint-action@v6 diff --git a/.github/workflows/govuln.yaml b/.github/workflows/govuln.yaml index 43b67c0..7d1ce95 100644 --- a/.github/workflows/govuln.yaml +++ b/.github/workflows/govuln.yaml @@ -16,4 +16,4 @@ jobs: - run: | set -euo pipefail - go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./... \ No newline at end of file + go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./... diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 79b5d39..bf838c8 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -17,9 +17,11 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/setup-go@v5 + - id: goversion + run: echo "goversion=$(cat .go-version)" >> "$GITHUB_OUTPUT" + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: - go-version: 1.21.8 + go-version: ${{ steps.goversion.outputs.goversion }} - uses: actions/checkout@v4 - name: tests run: | diff --git a/.go-version b/.go-version new file mode 100644 index 0000000..ae7bbdf --- /dev/null +++ b/.go-version @@ -0,0 +1 @@ +1.21.10 diff --git a/go.mod b/go.mod index 73dc63f..e4dcdc5 100644 --- a/go.mod +++ b/go.mod @@ -2,6 +2,8 @@ module go.etcd.io/gofail go 1.21 +toolchain go1.21.10 + require github.com/stretchr/testify v1.9.0 require (