Merge pull request #3161 from sourcenetwork/release/0.14.0

Release v0.14.0

.github/composites/install-sourcehub/action.yml

@@ -0,0 +1,36 @@
+# Copyright 2024 Democratized Data Foundation
+#
+# Use of this software is governed by the Business Source License
+# included in the file licenses/BSL.txt.
+#
+# As of the Change Date specified in that file, in accordance with
+# the Business Source License, use of this software will be governed
+# by the Apache License, Version 2.0, included in the file
+# licenses/APL.txt.
+
+name: 'Install SourceHub'
+
+description: 'Composite action to install sourcehub'
+
+inputs:
+  ref:
+    description: 'The branch, tag or SHA to install'
+    required: true
+    default: 'coverage_default'
+
+runs:
+  # This is a composite action, setting this is required.
+  using: "composite"
+
+  steps:
+    - name: Checkout sourcehub code into the directory
+      uses: actions/checkout@v4
+      with:
+        repository: sourcenetwork/sourcehub
+        path: _sourceHub
+        ref: ${{ inputs.ref }}
+
+    - name: Install SourceHub CLI
+      working-directory: _sourceHub
+      shell: bash # It's required for run step to specify shell in a composite action.
+      run: make install

.github/composites/setup-defradb/action.yml

@@ -0,0 +1,70 @@
+# Copyright 2024 Democratized Data Foundation
+#
+# Use of this software is governed by the Business Source License
+# included in the file licenses/BSL.txt.
+#
+# As of the Change Date specified in that file, in accordance with
+# the Business Source License, use of this software will be governed
+# by the Apache License, Version 2.0, included in the file
+# licenses/APL.txt.
+
+name: 'Setup DefraDB Composite'
+
+description: 'Composite action to setup defradb'
+
+runs:
+  # This is a composite action, setting this is required.
+  using: "composite"
+
+  steps:
+    - name: Setup Go environment explicitly
+      uses: actions/setup-go@v5
+      with:
+        go-version-file: 'go.mod'
+        check-latest: true
+        cache: false
+
+    - name: Set cache paths
+      id: cache-paths
+      shell: bash # It's required for run step to specify shell in a composite action.
+      run: |
+        echo "GO_CACHE=$(go env GOCACHE)" >> "${GITHUB_OUTPUT}"
+        echo "GO_MODCACHE=$(go env GOMODCACHE)" >> "${GITHUB_OUTPUT}"
+        echo "CARGO_CACHE=~/.cargo" >> "${GITHUB_OUTPUT}"
+
+    - name: Go cache/restore
+      uses: actions/cache@v4
+      with:
+        key: ${{ runner.os }}-go-${{ hashFiles('**/go.mod') }}
+        path: |
+          ${{ steps.cache-paths.outputs.GO_CACHE }}
+          ${{ steps.cache-paths.outputs.GO_MODCACHE }}
+
+    - name: Cargo cache/restore
+      # A very cool post: https://blog.arriven.wtf/posts/rust-ci-cache
+      uses: actions/cache@v4
+      with:
+        key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
+          # Here are some directories we shouldn't forget about:
+          # ~/.cargo/.*
+          # ~/.cargo/bin/
+          # ~/.cargo/git/db/
+          # ~/.cargo/registry/cache/
+          # ~/.cargo/registry/index/
+          # **/target/*/*.d
+          # **/target/*/*.rlib
+          # **/target/*/.fingerprint
+          # **/target/*/build
+          # **/target/*/deps
+        path: |
+          ${{ steps.cache-paths.outputs.CARGO_CACHE }}
+          **/target/
+
+    - name: Restore modified time
+      uses: chetan/git-restore-mtime-action@v2
+
+    - name: Build dependencies
+      shell: bash # It's required for run step to specify shell in a composite action.
+      run: |
+        make deps:modules
+        make deps:test

.github/composites/test-coverage-with-artifact/action.yml

@@ -0,0 +1,44 @@
+# Copyright 2024 Democratized Data Foundation
+#
+# Use of this software is governed by the Business Source License
+# included in the file licenses/BSL.txt.
+#
+# As of the Change Date specified in that file, in accordance with
+# the Business Source License, use of this software will be governed
+# by the Apache License, Version 2.0, included in the file
+# licenses/APL.txt.
+
+name: 'Test Coverage And Save Artifact'
+
+description: 'Composite action to run the test with coverage and save the report as artifact'
+
+inputs:
+  coverage-artifact-name:
+    description: 'Name of the artifact that will save coverage report'
+    required: true
+    default: 'coverage_default'
+
+  coverage-path:
+    description: 'Path to coverage file'
+    required: false
+    default: 'coverage.txt'
+
+runs:
+  # This is a composite action, setting this is required.
+  using: "composite"
+
+  steps:
+    - name: Run integration tests
+      shell: bash # It's required for run step to specify shell in a composite action.
+      run: make test:coverage
+
+    - name: Upload coverage artifact
+      uses: actions/upload-artifact@v4
+      with:
+        # Make sure the name is always unique per job as artifacts are now immutable.
+        # Note Issue: https://github.com/actions/upload-artifact/issues/478
+        # Solve: https://github.com/actions/upload-artifact/issues/478#issuecomment-1885470013
+        name: ${{ inputs.coverage-artifact-name }}
+        path: ${{ inputs.coverage-path }}
+        if-no-files-found: error
+        retention-days: 7

.github/workflows/check-data-format-changes.yml

@@ -34,17 +34,8 @@ jobs:
       - name: Checkout code into the directory
         uses: actions/checkout@v4
 
-      - name: Setup Go environment explicitly
-        uses: actions/setup-go@v5
-        with:
-          go-version-file: 'go.mod'
-          check-latest: true
-          cache: false
-
-      - name: Build dependencies
-        run: |
-          make deps:modules
-          make deps:test
+      - name: Setup defradb
+        uses: ./.github/composites/setup-defradb
 
       - name: Run data format change detection tests
         run: make test:changes

.github/workflows/check-tidy.yml

@@ -9,8 +9,8 @@
 # licenses/APL.txt.
 
 # This workflow checks that go mod tidy command we have set for the specific
-# go version is not broken, for example `go mod tidy -go=1.21.3`. This
-# can cause some head scratching at times, so better catch this in the PR.
+# go version is not broken. This can cause some head scratching at times,
+# so better catch this in the PR.
 #
 # Inaddition to that also checks that we are currently in a `tidy` state.
 name: Check Tidy Workflow

.github/workflows/check-vulnerabilities.yml

@@ -30,10 +30,32 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Run govulncheck
-        uses: golang/govulncheck-action@v1
+      - name: Checkout code into the directory
+        uses: actions/checkout@v4
+
+      - name: Setup Go environment explicitly
+        uses: actions/setup-go@v5
         with:
-          go-version-input: "1.21"
-          go-package: ./...
+          go-version-file: 'go.mod'
           check-latest: true
           cache: false
+
+      - name: Install govulncheck
+        run: make deps:vulncheck
+
+      - name: Run govulncheck scan
+        run: govulncheck -C . -format text ./... | tee govulncheck.txt
+
+      - name: Check if only known vulnerabilities were found (there are new vulnerabilities if this fails)
+        run: cat govulncheck.txt | grep "Your code is affected by 2 vulnerabilities from 1 module."
+
+    # Use the steps below once the x/crisis (crisis.init) bug is fixed or if the
+    # ability to silence is implemented: https://github.com/golang/go/issues/61211
+    #steps:
+    # - name: Run govulncheck
+    #   uses: golang/govulncheck-action@v1
+    #   with:
+    #     go-version-file: 'go.mod'
+    #     check-latest: true
+    #     cache: false
+    #     go-package: ./...

.github/workflows/lint.yml

@@ -50,7 +50,7 @@ jobs:
           # Required: the version of golangci-lint is required.
           # Note: The version should not pick the patch version as the latest patch
           #  version is what will always be used.
-          version: v1.54
+          version: v1.61
 
           # Optional: working directory, useful for monorepos or if we wanted to run this
           #  on a non-root directory.