Luke Heath
6ebc308eb4
[StepSecurity] ci: Harden GitHub Actions ( #17780 )
2024-03-22 15:32:23 -05:00
Luke Heath
91db043094
Use go variable to set version in workflows ( #14890 )
2023-11-03 09:42:27 -05:00
Roberto Dip
ad9e30f120
Update Go to v1.21.3 ( #14634 )
...
for #14633
2023-10-19 10:01:05 -03:00
Roberto Dip
ea6b59f179
upgrade Go version to 1.21.1 ( #13877 )
...
For #13715 , this:
- Upgrades the Go version to `1.21.1`, infrastructure changes are
addressed separately at https://github.com/fleetdm/fleet/pull/13878
- Upgrades the linter version, as the current version doesn't work well
after the Go upgrade
- Fixes new linting errors (we now get errors for memory aliasing in
loops! 🎉 )
After this is merged people will need to:
1. Update their Go version. I use `gvm` and I did it like:
```
$ gvm install go1.21.1
$ gvm use go1.21.1 --default
```
2. Update the local version of `golangci-lint`:
```
$ go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.54.2
```
3. (optional) depending on your setup, you might need to re-install some
packages, for example:
```
# goimports to automatically import libraries
$ go install golang.org/x/tools/cmd/goimports@latest
# gopls for the language server
$ go install golang.org/x/tools/gopls@latest
# etc...
```
2023-09-13 15:59:35 -03:00
Lucas Manuel Rodriguez
9a3b4cd365
Attempt to stabilize the broken integration.yml workflow ( #13653 )
...
#13547
This is an attempt to stabilize this workflow that has been broken for
4-6 months.
# Issue and proposed solution
Github runner VMs re-use UUIDs, which is not supported by Orbit (this
causes a host to be enrolled as two hosts in Fleet), thus, until that is
fixed in https://github.com/fleetdm/fleet/issues/8021 I propose we
stabilize this workflow by testing all `stable` channels only (which is
better than having the build broken all the time IMO).
Once https://github.com/fleetdm/fleet/issues/8021 is fixed we can re-add
the edge channels.
2023-09-01 12:25:17 -03:00
Roberto Dip
5ad734d617
upgrade go to v1.19.12 ( #13617 )
2023-08-31 13:49:24 -05:00
Luke Heath
204f082fe5
Pin all workflow actions versions by commit ( #13462 )
2023-08-31 12:09:21 -05:00
Lucas Manuel Rodriguez
f701dc55ed
CI: Add shell cmd for windows runner and add some debug logs to help troubleshoot ( #13592 )
...
After @rfairburn made the DNS change the clouldflared tunnel started
working again (after months of being broken).
#13547
Run: https://github.com/fleetdm/fleet/actions/runs/6025182774
This PR adds some fixes to the two workflows that make use of
cloudflared.
There are still some issues to fix but these are some changes needed to
continue/help troubleshooting.
2023-08-30 15:49:47 -03:00
Roberto Dip
d9de78e9fc
upgrade Go version to 1.19.11 ( #12902 )
2023-07-26 11:09:22 -07:00
dependabot[bot]
0730246723
Bump actions/setup-go from 2.1.3 to 4.0.1 ( #12294 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.1.3
to 4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases ">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update documentation for <code>v4</code> by <a
href="https://github.com/dsame "><code>@dsame</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/354 ">actions/setup-go#354</a></li>
<li>Fix glob bug in the package.json scripts section by <a
href="https://github.com/IvanZosimov "><code>@IvanZosimov</code></a> in
<a
href="https://redirect.github.com/actions/setup-go/pull/359 ">actions/setup-go#359</a></li>
<li>Bump <code>xml2js</code> dependency by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/370 ">actions/setup-go#370</a></li>
<li>Bump <code>@actions/cache</code> dependency to v3.2.1 by <a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/374 ">actions/setup-go#374</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/374 ">actions/setup-go#374</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v4.0.1 ">https://github.com/actions/setup-go/compare/v4...v4.0.1 </a></p>
<h2>v4.0.0</h2>
<p>In scope of release we enable cache by default. The action won’t
throw an error if the cache can’t be restored or saved. The action will
throw a warning message but it won’t stop a build process. The cache can
be disabled by specifying <code>cache: false</code>.</p>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ‘1.19’
- run: go run hello.go
</code></pre>
<p>Besides, we introduce such changes as</p>
<ul>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/305 ">Allow to
use only GOCACHE for cache</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/315 ">Bump
json5 from 2.2.1 to 2.2.3</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/323 ">Use
proper version for primary key in cache</a></li>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/351 ">Always add
Go bin to the PATH</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/350 ">Add
step warning if go-version input is empty</a></li>
</ul>
<h2>Add support for stable and oldstable aliases</h2>
<p>In scope of this release we introduce aliases for the
<code>go-version</code> input. The <code>stable</code> alias instals the
latest stable version of Go. The <code>oldstable</code> alias installs
previous latest minor release (the stable is 1.19.x -> the oldstable
is 1.18.x).</p>
<h3>Stable</h3>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: 'stable'
- run: go run hello.go
</code></pre>
<h3>OldStable</h3>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fac708d667https://redirect.github.com/actions/setup-go/issues/374 ">#374</a>)</li>
<li><a
href="dd84a9531ahttps://redirect.github.com/actions/setup-go/issues/370 ">#370</a>)</li>
<li><a
href="41c2024c46https://redirect.github.com/actions/setup-go/issues/359 ">#359</a>)</li>
<li><a
href="8dbf352f06https://redirect.github.com/actions/setup-go/issues/354 ">#354</a>)</li>
<li><a
href="4d34df0c23https://redirect.github.com/actions/setup-go/issues/348 ">#348</a>)</li>
<li><a
href="fdc0d672a1https://redirect.github.com/actions/setup-go/issues/351 ">#351</a>)</li>
<li><a
href="ebfdf6ac95https://redirect.github.com/actions/setup-go/issues/350 ">#350</a>)</li>
<li><a
href="b27d76912ehttps://redirect.github.com/actions/setup-go/issues/349 ">#349</a>)</li>
<li><a
href="c51a720768https://redirect.github.com/actions/setup-go/issues/332 ">#332</a>)</li>
<li><a
href="6b848af622https://redirect.github.com/actions/setup-go/issues/343 ">#343</a>
from akv-platform/reusable-workflow</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/setup-go/compare/v2.1.3...v4.0.1 ">compare
view</a></li>
</ul>
</details>
<br />
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 12:38:42 -07:00
dependabot[bot]
ffcfdbc15d
Bump slackapi/slack-github-action from 1.18.0 to 1.24.0 ( #12293 )
...
Bumps
[slackapi/slack-github-action](https://github.com/slackapi/slack-github-action )
from 1.18.0 to 1.24.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/slackapi/slack-github-action/releases ">slackapi/slack-github-action's
releases</a>.</em></p>
<blockquote>
<h2>Slack Send V1.24.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add in testing instructions for maintainer's guide and standardize
bullet point punctuation by <a
href="https://github.com/hello-ashleyintech "><code>@hello-ashleyintech</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/140 ">slackapi/slack-github-action#140</a></li>
<li>Added checks for bot token and webhook url length by <a
href="https://github.com/koki-develop "><code>@koki-develop</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/124 ">slackapi/slack-github-action#124</a></li>
<li>Add channel_id output parameter by <a
href="https://github.com/maso7 "><code>@maso7</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/149 ">slackapi/slack-github-action#149</a></li>
<li><a
href="https://redirect.github.com/slackapi/slack-github-action/issues/171 ">#171</a>
Update Technique 2 to use Actions context instead of values property by
<a href="https://github.com/mwbrooks "><code>@mwbrooks</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/172 ">slackapi/slack-github-action#172</a></li>
<li>Fix interpolation of variables in file-based payloads by <a
href="https://github.com/filmaj "><code>@filmaj</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/200 ">slackapi/slack-github-action#200</a></li>
<li>Update README.md with variable usage and links to example workflows
by <a href="https://github.com/filmaj "><code>@filmaj</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/201 ">slackapi/slack-github-action#201</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/koki-develop "><code>@koki-develop</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/124 ">slackapi/slack-github-action#124</a></li>
<li><a href="https://github.com/maso7 "><code>@maso7</code></a> made
their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/149 ">slackapi/slack-github-action#149</a></li>
<li><a href="https://github.com/mwbrooks "><code>@mwbrooks</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/172 ">slackapi/slack-github-action#172</a></li>
<li><a href="https://github.com/hnarimiya "><code>@hnarimiya</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/200 ">slackapi/slack-github-action#200</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.23.0...v1.24.0 ">https://github.com/slackapi/slack-github-action/compare/v1.23.0...v1.24.0 </a></p>
<h2>Slack Send V1.23.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump node from 12 to 16 by <a
href="https://github.com/quinnjn "><code>@quinnjn</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/128 ">slackapi/slack-github-action#128</a></li>
<li>Bump eslint from 8.23.0 to 8.24.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/135 ">slackapi/slack-github-action#135</a></li>
<li>Bump <code>@actions/core</code> from 1.9.1 to 1.10.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/134 ">slackapi/slack-github-action#134</a></li>
<li>Bump <code>@actions/github</code> from 5.0.3 to 5.1.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/133 ">slackapi/slack-github-action#133</a></li>
<li>Use https proxy agent by <a
href="https://github.com/EHitchcockIAG "><code>@EHitchcockIAG</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/132 ">slackapi/slack-github-action#132</a></li>
<li>Release v1.23.0 by <a
href="https://github.com/hello-ashleyintech "><code>@hello-ashleyintech</code></a>
in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/139 ">slackapi/slack-github-action#139</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/quinnjn "><code>@quinnjn</code></a> made
their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/128 ">slackapi/slack-github-action#128</a></li>
<li><a
href="https://github.com/EHitchcockIAG "><code>@EHitchcockIAG</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/132 ">slackapi/slack-github-action#132</a></li>
<li><a
href="https://github.com/hello-ashleyintech "><code>@hello-ashleyintech</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/139 ">slackapi/slack-github-action#139</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.22.0...v1.23.0 ">https://github.com/slackapi/slack-github-action/compare/v1.22.0...v1.23.0 </a></p>
<h2>Slack Send V1.22.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(message): support multiple channel IDs by <a
href="https://github.com/treemmett "><code>@treemmett</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/126 ">slackapi/slack-github-action#126</a>
(fixes <a
href="https://redirect.github.com/slackapi/slack-github-action/issues/118 ">#118</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/treemmett "><code>@treemmett</code></a>
made their first contribution in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/126 ">slackapi/slack-github-action#126</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.21.0...v1.22.0 ">https://github.com/slackapi/slack-github-action/compare/v1.21.0...v1.22.0 </a></p>
<h2>Slack Send V1.21.0</h2>
<h2>What's Changed</h2>
<ul>
<li>updated to 1.21.0, fixed update-ts by <a
href="https://github.com/stevengill "><code>@stevengill</code></a> in <a
href="https://redirect.github.com/slackapi/slack-github-action/pull/110 ">slackapi/slack-github-action#110</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/slackapi/slack-github-action/compare/v1.20.0...v1.21.0 ">https://github.com/slackapi/slack-github-action/compare/v1.20.0...v1.21.0 </a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e28cf165c9f07b4a2d032c8b741a82https://redirect.github.com/slackapi/slack-github-action/issues/201 ">#201</a>)</li>
<li><a
href="81a1dc0cd9https://redirect.github.com/slackapi/slack-github-action/issues/200 ">#200</a>)</li>
<li><a
href="4eb7313607https://redirect.github.com/slackapi/slack-github-action/issues/194 ">#194</a>)</li>
<li><a
href="17394c7ff6https://redirect.github.com/slackapi/slack-github-action/issues/195 ">#195</a>)</li>
<li><a
href="2746ea8222https://redirect.github.com/slackapi/slack-github-action/issues/196 ">#196</a>)</li>
<li><a
href="1b89efce66https://redirect.github.com/slackapi/slack-github-action/issues/197 ">#197</a>)</li>
<li><a
href="0e608ca738https://redirect.github.com/slackapi/slack-github-action/issues/188 ">#188</a>)</li>
<li><a
href="02b50ad38bhttps://redirect.github.com/slackapi/slack-github-action/issues/189 ">#189</a>)</li>
<li>Additional commits viewable in <a
href="16b6c78ee7...e28cf165c9
2023-06-23 12:32:30 -07:00
Roberto Dip
ab9ac28538
upgrade go version to 1.19.10 ( #12187 )
...
for #12177
2023-06-07 17:59:30 -03:00
KanchiMoe
9e9fd633c7
Update 'install go' Github Actions to use tag as it uses deprecated commands ( #11408 )
...
At the moment, in Github Actions, when a job has `uses:
actions/setup-go` it uses a specific commit from that repo.
In that commit, it used `set-output` somewhere, which is now deprecated
and will be disabled within the next month or so.
See here for more information:
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
This PR changes every instance where `actions/setup-go@...` was used and
replaces it with release `v2.1.3`. [From the release
notes](https://github.com/actions/setup-go/releases/tag/v2.1.3 ):
> Updated communication with runner to use environment files rather then
workflow commands
Which is what the above Github blog recommends doing.
---
Addationally, the latest version of this Github Action is
[`v4.0.0`](https://github.com/actions/setup-go/releases/tag/v4.0.0 ),
which you may want to update to in the future.
2023-05-17 15:56:16 -05:00
KanchiMoe
3496011e35
Convert remaining uses of set-output for Github Actions ( #11352 )
2023-04-27 16:11:27 -05:00
KanchiMoe
503a30092f
Fix integration Github action using the deprecated command set-output ( #11282 )
2023-04-26 10:15:23 -05:00
dependabot[bot]
672c0d9239
Bump actions/upload-artifact from 3.1.0 to 3.1.2 ( #10183 )
...
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact )
from 3.1.0 to 3.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases ">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.2</h2>
<ul>
<li>Update all <code>@actions/*</code> NPM packages to their latest
versions- <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/374 ">#374</a></li>
<li>Update all dev dependencies to their most recent versions - <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/375 ">#375</a></li>
</ul>
<h2>v3.1.1</h2>
<ul>
<li>Update actions/core package to latest version to remove
<code>set-output</code> deprecation warning <a
href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/351 ">#351</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0b7f8abb15https://github-redirect.dependabot.com/actions/upload-artifact/issues/312 ">#312</a>)</li>
<li><a
href="013d2b89bahttps://github-redirect.dependabot.com/actions/upload-artifact/issues/375 ">#375</a>)</li>
<li><a
href="055b8b3f04https://github-redirect.dependabot.com/actions/upload-artifact/issues/374 ">#374</a>)</li>
<li><a
href="7a5d4831f7https://github-redirect.dependabot.com/actions/upload-artifact/issues/315 ">#315</a>)</li>
<li><a
href="e0057a5b76https://github-redirect.dependabot.com/actions/upload-artifact/issues/352 ">#352</a>)</li>
<li><a
href="7fe6c13ac8https://github-redirect.dependabot.com/actions/upload-artifact/issues/363 ">#363</a>)</li>
<li><a
href="83fd05a356https://github-redirect.dependabot.com/actions/upload-artifact/issues/356 ">#356</a>)</li>
<li>See full diff in <a
href="3cea537223...0b7f8abb15https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=3.1.0&new-version=3.1.2 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 11:27:56 -07:00
Lucas Manuel Rodriguez
2c6bd879f8
Notify Go and Integration CI failures to new channel ( #10235 )
2023-03-01 20:14:07 -03:00
dependabot[bot]
74a86ff0ab
Bump dawidd6/action-download-artifact from 2.23.0 to 2.26.0 ( #10218 )
...
Bumps
[dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact )
from 2.23.0 to 2.26.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e780fc7bbhttps://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/227 ">#227</a>)</li>
<li><a
href="b59d8c6a6chttps://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/225 ">#225</a>)</li>
<li><a
href="5004d5476ehttps://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/219 ">#219</a>
from dawidd6/dependabot-npm_and_yarn-actions-artifact...</li>
<li><a
href="b1a9c91d1fbd10f381a9https://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/218 ">#218</a>
from dawidd6/dependabot-npm_and_yarn-adm-zip-0.5.10</li>
<li><a
href="61a654a8cedcadc4bd45https://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/211 ">#211</a>
from koplo199/master</li>
<li><a
href="ceeb280c4f806bb52fe0e6e25ac3a2https://github-redirect.dependabot.com/dawidd6/action-download-artifact/issues/209 ">#209</a>
from dawidd6/v2</li>
<li>Additional commits viewable in <a
href="7847792dd4...5e780fc7bbhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dawidd6/action-download-artifact&package-manager=github_actions&previous-version=2.23.0&new-version=2.26.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2023-03-01 11:32:47 -08:00
Zach Wasserman
64cd97fc83
Remove debug on failure from integration test action ( #10202 )
...
This would cause the job to take much longer to report a failure.
Instead, just add this line if debugging is necessary.
2023-02-28 17:23:52 -08:00
Roberto Dip
e5f38f0015
fix integration.yml CI workflow by setting a Go version ( #8516 )
...
We don't have a `matrix.go-version` defined, so the task was using
`go1.17.13` as the default.
This explicitly sets the version to `go1.19.1`, I didn't use a `matrix`
definition because at least for now, we only want to run this test using a
single Go version.
Since I was there, I also updated test-native-tooling-packaging.yml to
use `go1.19.1` too.
2022-11-01 09:34:52 -03:00
Michal Nicpon
56f3cb62ef
add concurrency to ci ( #8271 )
...
* add concurrency to ci
* add readme for workflows
2022-10-24 14:01:00 -06:00
dependabot[bot]
35ae71502f
Bump actions/setup-go from 3.2.1 to 3.3.0 ( #7470 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](84cbf80943...268d8c0ca0
2022-10-10 18:55:13 -03:00
Michal Nicpon
9056b22874
set default shell in workflows ( #8108 )
...
* wait for mysql in workflows
2022-10-07 09:43:56 -06:00
dependabot[bot]
74839bc134
Bump dawidd6/action-download-artifact from 2.22.0 to 2.23.0 ( #7471 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.22.0 to 2.23.0.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](ea71f332a9...7847792dd4
2022-08-31 07:49:57 -03:00
dependabot[bot]
200ddfaaff
Bump actions/checkout from 2 to 3.0.2 ( #7301 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...2541b1294d2704b0964813337f33b291d3f8596b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-31 07:44:22 -03:00
dependabot[bot]
56ea9ee1b3
Bump dawidd6/action-download-artifact from 2.21.1 to 2.22.0 ( #7132 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.21.1 to 2.22.0.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](6765a42d86...ea71f332a9
2022-08-09 16:02:11 -03:00
dependabot[bot]
ec31f523eb
Bump actions/setup-go from 3.2.0 to 3.2.1 ( #6590 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](b22fbbc292...84cbf80943
2022-07-18 14:24:51 -03:00
dependabot[bot]
985eccc442
Bump dawidd6/action-download-artifact from 2.19.0 to 2.21.1 ( #6418 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.19.0 to 2.21.1.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](b2abf17054...6765a42d86
2022-06-28 18:31:16 -07:00
dependabot[bot]
3b86836c3f
Bump actions/upload-artifact from 3.0.0 to 3.1.0 ( #5835 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](6673cd052c...3cea537223
2022-06-22 16:07:08 -03:00
Lucas Manuel Rodriguez
33bb7886b6
Add automation for orbit shell (with TUF) ( #5856 )
...
* fix old root dir in orbit
* add changes
* Add automation for orbit shell (with TUF)
* Fix workflow syntax
* Add logging to latest fleetctl preview action
* Add changes to fix workflow
* Use macOS host for TUF server and package generation
* Remove copy/paste if clause
* Fix orbit logs on macOS, Ubuntu
* Simplify TUF and generation of packages
* Set enroll secret instead of getting it
* Increase timeouts
* Add step id
* Fixes to the upload/download of artifacts
* Rearrange steps to not lose the downloads
* Fix copy/paste
* Add fleetctl login step
* Add missing config set
* Fix quotes on Windows
* Increase timeout
* Fix job termination
* Disable FLEET_DESKTOP for now
* Checkout repository on macOS
* Fix logs path
* Enable fleet desktop
* Use cancel, nitpick
Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-06-01 13:54:16 -03:00
dependabot[bot]
de3e19e52f
Bump actions/setup-go from 3.0.0 to 3.2.0 ( #5917 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](f6164bd8c8...b22fbbc292
2022-05-31 10:13:26 -03:00
gillespi314
4a4e832d3a
Increase minimum password length to 12 characters ( #5712 )
2022-05-18 12:03:00 -05:00
Lucas Manuel Rodriguez
d50e97d250
Upload logs on fleetctl preview action ( #5745 )
...
* Upload logs on fleetctl preview action
* Group logs
* Avoid hidden folder
2022-05-16 18:39:31 -03:00
Lucas Manuel Rodriguez
a5349672eb
Amend fleetctl package to support /var/lib legacy orbit (legacy would mean <= 0.0.11) ( #5532 )
...
* Add logs to troubleshoot orbit
* Run journalctl on a different step
* Add legacy orbit support to opt version of fleetctl
* Fix macos logs permission error
* Checkout repository
* Compile fleetctl from branch
2022-05-03 16:46:02 -03:00
Lucas Manuel Rodriguez
f806cbc638
Update slack webhook urls to use new channel ( #5373 )
2022-04-26 14:44:46 -03:00
Lucas Manuel Rodriguez
77f3513020
Add fleet-desktop test to test-packaging.yml ( #5289 )
...
* Add fleet-desktop test to test-packaging.yml
* Add itself to be able to trigger action
* Use stable
* Add --fleet-desktop flag to integration.yml
2022-04-25 10:21:00 -03:00
Lucas Manuel Rodriguez
15636cd760
Add slack notif when integration test fails ( #5332 )
2022-04-22 14:39:55 -03:00
Lucas Manuel Rodriguez
2e7bbf960a
Add pre and post remove scripts for rpm and deb packages ( #5150 )
2022-04-19 09:32:47 -03:00
dependabot[bot]
1a0b39fee3
Bump dawidd6/action-download-artifact from 2.16.0 to 2.19.0 ( #5207 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.16.0 to 2.19.0.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](09385b76de...b2abf17054
2022-04-18 19:14:13 -07:00
dependabot[bot]
83ffcc4b7d
Bump actions/upload-artifact from 2.3.1 to 3 ( #4637 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](82c141cc51...6673cd052c
2022-04-18 19:09:17 -07:00
dependabot[bot]
5e1da4b28a
Bump actions/download-artifact from 2.1.0 to 3 ( #5205 )
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 2.1.0 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](f023be2c48...fb598a63ae
2022-04-18 18:59:59 -07:00
Guillaume Ross
e6c6b7e840
Added explicit read permissions + tweaked permissions ( #4843 )
...
* Added explicit read permissions + tweaked permissions
As a part of #4698 - this should fix the remaining warnings we get from the OSSF scorecard in relation to github workflows. They now all have explicit read permissions with more granular permissions granted in jobs.
* Update tfsec.yml
New workflow that I had not fixed in this PR.
2022-03-28 16:20:31 -04:00
Guillaume Ross
62d3b9145f
4620 pin action dependencies ( #4622 )
...
* Update build-binaries.yaml
Pin action versions + add read only token to build-binaries.yaml
* Update codeql-analysis.yml
Pin dependencies with hash for codeql-analysis.yml
* Update deploy-fleet-website.yml
Pin dependencies in deploy-fleet-website.yml
* Update docs.yml
Pin dependencies for docs.yml
* Update fleet-and-orbit.yml
Pinning dependencies for fleet-and-orbit.yml
* Update generate-osqueryd-app-tar-gz.yml
Pin dependencies for generate-osqueryd-app-tar-gz.yml
* Pin dependencies in goreleaser workflows
Pinned dependencies in the 3 goreleaser workflows
* Update integration.yml
Pinned dependencies with hash
* Update pr-helm.yaml
Pinned dependencies with hash
* Update push-osquery-perf-to-ecr.yml
Pinned dependencies with a hash
* Update release-helm.yaml
Pinned one dependency with a hash
* Update semgrep-analysis.yml
Pinned dependencies with hashes
* Update test-go.yaml
Pinned dependencies with hash
* Update test-packaging.yml
Pinned dependencies with hashes
* Update test-website.yml
Pinned dependencies with hashes
* Update test.yml
Pinned dependencies with hashes
2022-03-16 15:42:28 -04:00
Lucas Manuel Rodriguez
e39ba93a90
Orbit to wait for osqueryd extension manager socket to be ready ( #3836 )
...
* Wait for osquery extension manager socket to be ready
* PR review feedback
* Add WIP Github Action to test orbit
* Set fleet address on fleetctl
* Add logging for troubleshooting
* Add prepare db statement
* Use tls-skip-verify on fleetctl
* Move steps around
* Fix addresses
* Fix fleetctl path
* Add certs.pem to orbit root dir
* Add orbit logs
* Increase timeout
* Add proper orbit log paths
* Fix tmp path orbit
* Add get hosts command to troubleshoot
* Fix orbit job termination
* Add comments to workflows
* Wait for server to go down
* Add orbit Windows job
* Use bash on windws-latest
* Fix missing quote
* Run orbit on Ubuntu
* Bump host count
* Increase timeout for extensions and not terminate on err
* Add comment to clarify high timeout value
* Revert change, we do want to exit in case of err
2022-02-22 15:05:32 -03:00
Zach Wasserman
9c845ec26b
Integration test packaging ( #3633 )
2022-01-13 13:59:22 -08:00
