From 209816edbceff185050c571491033d1f1ede0745 Mon Sep 17 00:00:00 2001 From: Chad Wilson Date: Mon, 8 Apr 2024 11:18:06 +0800 Subject: [PATCH] Bump minor dependencies for release (#2520) * Bump minor dependencies for release Signed-off-by: Chad Wilson * Make sure we are building/testing with latest Go patch release This is better for security and determinism as otherwise the action uses whatever happens to be cached, which might be old. Signed-off-by: Chad Wilson * Fix deprecation of grpc.Dial Signed-off-by: Chad Wilson --------- Signed-off-by: Chad Wilson --- .github/workflows/benchmark.yml | 2 +- .github/workflows/codeql-analysis.yml | 65 ++++++++++++++------------- .github/workflows/golangci-lint.yml | 1 + .github/workflows/release.yml | 4 +- .github/workflows/tests.yml | 15 +++---- go.mod | 6 +-- go.sum | 12 ++--- plugin/plugin.go | 2 +- release.sh | 13 ------ runner/grpcRunner.go | 8 +++- version/version.go | 2 +- 11 files changed, 59 insertions(+), 71 deletions(-) delete mode 100755 release.sh diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index c8b92cce0..b8e198ec9 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -27,9 +27,9 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: + check-latest: true go-version-file: 'gauge/go.mod' cache-dependency-path: 'gauge/go.sum' - id: go - name: Setup java uses: actions/setup-java@v4 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 376cdd127..8dba41476 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -22,35 +22,36 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version-file: 'go.mod' - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - # Override language selection by uncommenting this and choosing your languages - # with: - # languages: go, javascript, csharp, python, cpp, java - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v3 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + - uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + check-latest: true + go-version-file: 'go.mod' + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + # Override language selection by uncommenting this and choosing your languages + # with: + # languages: go, javascript, csharp, python, cpp, java + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 1c4d64517..afbb882ff 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -22,6 +22,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: + check-latest: true go-version-file: 'go.mod' - name: golangci-lint uses: golangci/golangci-lint-action@v4 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 66cb0dd9d..1a1e41fbf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,8 +15,8 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: + check-latest: true go-version-file: 'go.mod' - id: go - name: Compile gauge run: go run build/make.go --all-platforms --skip-windows @@ -39,8 +39,8 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: + check-latest: true go-version-file: 'go.mod' - id: go - name: Prep installer generation shell: powershell diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 922770219..95c6cb141 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -22,9 +22,8 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: + check-latest: true go-version-file: 'go.mod' - id: go - - name: Test run: go run build/make.go --test --verbose @@ -40,9 +39,8 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: + check-latest: true go-version-file: 'go.mod' - id: go - - name: Set up Nodejs uses: actions/setup-node@v4 with: @@ -108,9 +106,8 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: + check-latest: true go-version-file: 'go.mod' - id: go - - name: Setup java uses: actions/setup-java@v4 with: @@ -208,9 +205,8 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: + check-latest: true go-version-file: 'go.mod' - id: go - - name: Build distro for ${{ matrix.os }} run: go run build/make.go && go run build/make.go --distro @@ -239,10 +235,9 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: + check-latest: true go-version-file: 'gauge/go.mod' cache-dependency-path: 'gauge/go.sum' - id: go - - name: Setup java uses: actions/setup-java@v4 with: diff --git a/go.mod b/go.mod index 42ca9b0ba..310332f3d 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/spf13/cobra v1.8.0 github.com/spf13/pflag v1.0.5 google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda - google.golang.org/grpc v1.62.1 + google.golang.org/grpc v1.63.0 google.golang.org/protobuf v1.33.0 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c ) @@ -33,8 +33,8 @@ require ( github.com/kr/text v0.2.0 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/rogpeppe/go-internal v1.12.0 // indirect - golang.org/x/net v0.22.0 // indirect - golang.org/x/sys v0.18.0 // indirect + golang.org/x/net v0.24.0 // indirect + golang.org/x/sys v0.19.0 // indirect golang.org/x/text v0.14.0 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index a2e57bd91..adc4fb136 100644 --- a/go.sum +++ b/go.sum @@ -60,17 +60,17 @@ github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= -golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= +golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= +golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda h1:LI5DOvAxUPMv/50agcLLoo+AdWc1irS9Rzz4vPuD1V4= google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= -google.golang.org/grpc v1.62.1 h1:B4n+nfKzOICUXMgyrNd19h/I9oH0L1pizfk1d4zSgTk= -google.golang.org/grpc v1.62.1/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= +google.golang.org/grpc v1.63.0 h1:WjKe+dnvABXyPJMD7KDNLxtoGk5tgk+YFWN6cBWjZE8= +google.golang.org/grpc v1.63.0/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/plugin/plugin.go b/plugin/plugin.go index f1ff22326..c1ce1c234 100644 --- a/plugin/plugin.go +++ b/plugin/plugin.go @@ -252,7 +252,7 @@ func startGRPCPlugin(pd *PluginDescriptor, command []string) (*plugin, error) { return nil, fmt.Errorf("timed out connecting to %s", pd.ID) } logger.Debugf(true, "Attempting to connect to grpc server at port: %s", port) - gRPCConn, err := grpc.Dial(fmt.Sprintf("%s:%s", "127.0.0.1", port), + gRPCConn, err := grpc.NewClient(fmt.Sprintf("%s:%s", "127.0.0.1", port), grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithDefaultCallOptions(grpc.MaxCallSendMsgSize(1024*1024*1024), grpc.MaxCallRecvMsgSize(1024*1024*1024)), grpc.WithBlock()) diff --git a/release.sh b/release.sh deleted file mode 100755 index 492634f00..000000000 --- a/release.sh +++ /dev/null @@ -1,13 +0,0 @@ -if [ -z "$GITHUB_TOKEN" ]; then - echo "GITHUB_TOKEN is not set." - echo "Please create an personal access token with repo:public_repo scopes." - exit 1 -fi - -curl \ - -X POST \ - -H "Authorization: token $GITHUB_TOKEN" \ - -H "Accept: application/vnd.github.ant-man-preview+json" \ - -H "Content-Type: application/json" \ - https://api.github.com/repos/getgauge/gauge/deployments \ - --data '{"ref": "master", "required_contexts": [], "environment": "production"}' \ No newline at end of file diff --git a/runner/grpcRunner.go b/runner/grpcRunner.go index f91575b36..a48b9d91c 100644 --- a/runner/grpcRunner.go +++ b/runner/grpcRunner.go @@ -227,7 +227,11 @@ func (r *GrpcRunner) ExecuteAndGetStatus(m *gm.Message) *gm.ProtoExecutionResult } return &gauge_messages.ProtoExecutionResult{Failed: true, ErrorMessage: err.Error()} } - if res != nil { return res.ExecutionStatusResponse.ExecutionResult } else { return nil } + if res != nil { + return res.ExecutionStatusResponse.ExecutionResult + } else { + return nil + } } // Alive check if the runner process is still alive @@ -333,7 +337,7 @@ func StartGrpcRunner(m *manifest.Manifest, stdout, stderr io.Writer, timeout tim return nil, fmt.Errorf("Timed out connecting to %s", m.Language) } logger.Debugf(true, "Attempting to connect to grpc server at port: %s", port) - conn, err := grpc.Dial(fmt.Sprintf("%s:%s", host, port), + conn, err := grpc.NewClient(fmt.Sprintf("%s:%s", host, port), grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(oneGB), grpc.MaxCallSendMsgSize(oneGB)), grpc.WithBlock()) diff --git a/version/version.go b/version/version.go index 4aa25933e..125aac1b5 100644 --- a/version/version.go +++ b/version/version.go @@ -14,7 +14,7 @@ import ( ) // CurrentGaugeVersion represents the current version of Gauge -var CurrentGaugeVersion = &Version{1, 6, 5} +var CurrentGaugeVersion = &Version{1, 6, 6} // BuildMetadata represents build information of current release (e.g, nightly build information) var BuildMetadata = ""