Commit Graph

146 Commits

Author SHA1 Message Date
Milas Bowman 3b85cd2fa9 test: fix e2e commands on Windows
Instead of trying to make this work nicely cross-platform,
just push the Coverage logic into the GitHub Actions job,
as that's really where we care about it.

(It's surprisingly difficult to make this nicely portable;
to make PowerShell not error out if the path does not exist
you have to ignore ALL errors and the way that env vars are
passed to processes is not the same.)

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2023-03-24 11:50:05 -04:00
Nicolas De Loof a11515e038 introduce `ignore` attribute for watch triggers
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2023-03-21 18:29:49 +01:00
Guillaume Lours 643557d534 build and push binaries images when a PR is merged or a tag pushed
Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
2023-03-16 11:23:49 +01:00
Nicolas De Loof 85ddfde5d6 use go 1.20 -cover support
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2023-03-10 16:54:39 +00:00
jongwooo 3077234292 ci: Replace deprecated command with environment file
Signed-off-by: jongwooo <jongwooo.han@gmail.com>
2023-02-04 13:17:24 +09:00
Laura Brehm 4ad87463c5 Add 🥒 GHA workflow
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-01-11 14:13:10 +01:00
Joyce Brum c342891f3e Squashed commit of the following:
commit 72293cbe879bcd1fff610eace6929922c4a4d668
Author: Joyce Brum <joycebrum@google.com>
Date:   Thu Nov 3 10:20:52 2022 -0300

    fix: upgrade scorecard action to 2.0.6

    Signed-off-by: Joyce Brum <joycebrum@google.com>

commit 39451ef36f4ce71053c59c3a238d95752be05136
Author: Joyce <joycebrumu.u@gmail.com>
Date:   Wed Sep 14 17:52:59 2022 -0300

    Change to the original repository

    Signed-off-by: Joyce <joycebrumu.u@gmail.com>
    Signed-off-by: Joyce Brum <joycebrum@google.com>

commit ddcccaa14b8ef928a4bc8ba38429d8a442806ae9
Author: Joyce <joycebrumu.u@gmail.com>
Date:   Wed Sep 14 17:51:26 2022 -0300

    Add scorecard badge

    Signed-off-by: Joyce <joycebrumu.u@gmail.com>
    Signed-off-by: Joyce Brum <joycebrum@google.com>

commit 8ac265f0ee197e30862c0510b01dce2bc350e129
Author: Joyce <joycebrumu.u@gmail.com>
Date:   Wed Sep 14 17:49:49 2022 -0300

    Configure Scorecard action 2.0.3

    Signed-off-by: Joyce <joycebrumu.u@gmail.com>

Signed-off-by: Joyce Brum <joycebrum@google.com>
2022-12-08 21:11:39 +01:00
Guillaume Lours cc247fdb84 remove go.* from e2e tests directory
Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
2022-12-08 19:06:22 +01:00
Umar Faruq Chowdhury 06e71371ff
docs: fix grammatical issues (#9997)
Signed-off-by: Umar Chowdhury <umarfchy@gmail.com>
Co-authored-by: Milas Bowman <milasb@gmail.com>
2022-11-29 10:52:22 -05:00
Guillaume Lours 4bf98c7053
change the default branch of the doc repository
Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
2022-11-23 16:28:16 +01:00
Guillaume Lours 09e742b33b
exclude issues with the kind/feature label from stale bot process
Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
2022-11-14 11:31:03 +01:00
Ulysses Souza 91eae4f035 Add Codecov
Signed-off-by: Ulysses Souza <ulyssessouza@gmail.com>
2022-10-17 15:32:51 +02:00
Milas Bowman f43a1e3ece github: add feature request template
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2022-10-13 14:31:11 -04:00
Milas Bowman fa1ae635d1 github: switch to issue template form
Migrate the existing template into the new format and streamline
it a bit.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2022-10-13 14:31:11 -04:00
Milas Bowman 97a9d02dda ci: update docs repo path
The Docker docs now live at `docker/docs` instead of
`docker/docker.github.io`.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2022-09-29 13:09:25 -04:00
Laura Brehm 25c4bcef85
Merge pull request #9824 from laurazard/cucumber-test
🥒 Cucumber PoC 🥒
2022-09-27 23:38:44 +02:00
Laura Brehm c1f475d7bd
Add `validate-modules` target to CI matrix
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2022-09-27 02:36:15 +02:00
Alex f44ca01fcf
ci: limit job permissions from default (#9874)
Signed-off-by: Alex <aleksandrosansan@gmail.com>
2022-09-26 15:41:24 -04:00
Laura Brehm 8891d9e2b5
Streamline GHA workflow
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2022-09-21 08:59:09 -04:00
Laura Brehm 6cd68a4bf2
Upgrade `actions/setup-go` to v3
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2022-09-20 11:33:31 -04:00
Laura Brehm 937fa2dc8f
Add GitHub Action workflow to run tests on Mac/Windows runners
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2022-09-20 11:33:28 -04:00
Laura Brehm 723078c593
Remove `/rebase` GitHub Action since it's no longer necessary
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2022-09-19 17:50:41 -04:00
Milas Bowman e81168197a ci: upgrade to Go 1.19.1
Go released 1.18.6 + 1.19.1 today which fix a couple
CVEs. (`golang.org/x/net` also has a related fix.)

This jumps from 1.18.5 -> 1.19.1 since it was on the
to-do list regardless :)

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2022-09-06 17:46:07 -04:00
Milas Bowman 24bf9789a6
ci: reduce noise from dependabot on Docker deps (#9770)
There's a complex dependency situation with `docker/docker`,
`docker/cli`, and `docker/buildkit`. Upgrading them usually
needs to happen in unison to ensure compatible versions
between them, particularly because `docker/buildx` is not
1.0, so has no guarantees re: compatibility, and `docker/docker`
& `docker/cli` use CalVer rather than SemVer, so also have
different compatibility guarantees than necessarily expected
by Go tooling.

Patch versions are still considered for these to ensure we
don't miss important bugfixes.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2022-08-30 08:50:23 -04:00
Nick Sieger 63b126622d
ci: bring back individual checksum files
Signed-off-by: Nick Sieger <nick@nicksieger.com>
2022-08-24 09:26:56 -05:00
Nick Sieger c07de59a98
ci: fix checksums checking
Create checksums.txt in a different directory so it doesn't affect the check.

Signed-off-by: Nick Sieger <nick@nicksieger.com>
2022-08-23 10:05:54 -05:00
CrazyMax 0ec04058cd
ci: fix checksums file
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-08-14 22:29:57 +02:00
CrazyMax 5ec20296e4
Better sandboxed workflow and enhanced cross compilation
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-08-12 15:05:58 +02:00
Guillaume Lours 143a40a618 update Docker CLI version use in CI to v20.10.17
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
2022-08-05 10:46:36 +02:00
Guillaume Lours e65ada3984
fix version of golangci-lint to v1.47.3, issue with v1.48.0 for now
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
2022-08-05 10:37:11 +02:00
Milas Bowman b1e4cde2da build: bump to Go 1.18.5
Can give 1.19 a bit of time before we upgrade ;)

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2022-08-02 13:40:37 -04:00
Guillaume Lours ce740b1ff6
remove unused workflows, especially the pr-closed which always failed
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
2022-07-29 19:30:36 +02:00
Guillaume Lours dae4231810
remove usage of GO111MODULE option in gh actions
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
2022-07-26 10:42:38 +02:00
Guillaume Lours a4c2c4a832
use env variable for golang version and updates gh actions from v2 to v3
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
2022-07-25 23:20:35 +02:00
CrazyMax e1e8c37885 ci(docs): use push-to-fork when creating pr
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-07-22 17:54:14 +02:00
Sebastiaan van Stijn d54cd0445e
update go to 1.18.4
go1.18.4 (released 2022-07-12) includes security fixes to the compress/gzip,
encoding/gob, encoding/xml, go/parser, io/fs, net/http, and path/filepath
packages, as well as bug fixes to the compiler, the go command, the linker,
the runtime, and the runtime/metrics package. See the Go 1.18.4 milestone on the
issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.18.4+label%3ACherryPickApproved

This update addresses:

CVE-2022-1705, CVE-2022-1962, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631,
CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, and CVE-2022-32148.

Full diff: https://github.com/golang/go/compare/go1.18.3...go1.18.4

From the security announcement;
https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE

We have just released Go versions 1.18.4 and 1.17.12, minor point releases. These
minor releases include 9 security fixes following the security policy:

- net/http: improper sanitization of Transfer-Encoding header

  The HTTP/1 client accepted some invalid Transfer-Encoding headers as indicating
  a "chunked" encoding. This could potentially allow for request smuggling, but
  only if combined with an intermediate server that also improperly failed to
  reject the header as invalid.

  This is CVE-2022-1705 and https://go.dev/issue/53188.

- When `httputil.ReverseProxy.ServeHTTP` was called with a `Request.Header` map
  containing a nil value for the X-Forwarded-For header, ReverseProxy would set
  the client IP as the value of the X-Forwarded-For header, contrary to its
  documentation. In the more usual case where a Director function set the
  X-Forwarded-For header value to nil, ReverseProxy would leave the header
  unmodified as expected.

  This is https://go.dev/issue/53423 and CVE-2022-32148.

  Thanks to Christian Mehlmauer for reporting this issue.

- compress/gzip: stack exhaustion in Reader.Read

  Calling Reader.Read on an archive containing a large number of concatenated
  0-length compressed files can cause a panic due to stack exhaustion.

  This is CVE-2022-30631 and Go issue https://go.dev/issue/53168.

- encoding/xml: stack exhaustion in Unmarshal

  Calling Unmarshal on a XML document into a Go struct which has a nested field
  that uses the any field tag can cause a panic due to stack exhaustion.

  This is CVE-2022-30633 and Go issue https://go.dev/issue/53611.

- encoding/xml: stack exhaustion in Decoder.Skip

  Calling Decoder.Skip when parsing a deeply nested XML document can cause a
  panic due to stack exhaustion. The Go Security team discovered this issue, and
  it was independently reported by Juho Nurminen of Mattermost.

  This is CVE-2022-28131 and Go issue https://go.dev/issue/53614.

- encoding/gob: stack exhaustion in Decoder.Decode

  Calling Decoder.Decode on a message which contains deeply nested structures
  can cause a panic due to stack exhaustion.

  This is CVE-2022-30635 and Go issue https://go.dev/issue/53615.

- path/filepath: stack exhaustion in Glob

  Calling Glob on a path which contains a large number of path separators can
  cause a panic due to stack exhaustion.

  Thanks to Juho Nurminen of Mattermost for reporting this issue.

  This is CVE-2022-30632 and Go issue https://go.dev/issue/53416.

- io/fs: stack exhaustion in Glob

  Calling Glob on a path which contains a large number of path separators can
  cause a panic due to stack exhaustion.

  This is CVE-2022-30630 and Go issue https://go.dev/issue/53415.

- go/parser: stack exhaustion in all Parse* functions

  Calling any of the Parse functions on Go source code which contains deeply
  nested types or declarations can cause a panic due to stack exhaustion.

  Thanks to Juho Nurminen of Mattermost for reporting this issue.

  This is CVE-2022-1962 and Go issue https://go.dev/issue/53616.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-13 12:40:24 +02:00
CrazyMax 0a53d93338
ci: release workflow to open a PR on docs repo with latest changes
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-06-24 18:40:08 +02:00
Sebastiaan van Stijn d2639a8638
update golang to 1.18.3
go1.18.3 (released 2022-06-01) includes security fixes to the crypto/rand,
crypto/tls, os/exec, and path/filepath packages, as well as bug fixes to the
compiler, and the crypto/tls and text/template/parse packages. See the Go
1.18.3 milestone on our issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.18.3+label%3ACherryPickApproved

Hello gophers,

We have just released Go versions 1.18.3 and 1.17.11, minor point releases.

These minor releases include 4 security fixes following the security policy:

- crypto/rand: rand.Read hangs with extremely large buffers
  On Windows, rand.Read will hang indefinitely if passed a buffer larger than
  1 << 32 - 1 bytes.

  Thanks to Davis Goodin and Quim Muntal, working at Microsoft on the Go toolset,
  for reporting this issue.

  This is [CVE-2022-30634][CVE-2022-30634] and Go issue https://go.dev/issue/52561.
- crypto/tls: session tickets lack random ticket_age_add
  Session tickets generated by crypto/tls did not contain a randomly generated
  ticket_age_add. This allows an attacker that can observe TLS handshakes to
  correlate successive connections by comparing ticket ages during session
  resumption.

  Thanks to GitHub user nervuri for reporting this.

  This is [CVE-2022-30629][CVE-2022-30629] and Go issue https://go.dev/issue/52814.
- `os/exec`: empty `Cmd.Path` can result in running unintended binary on Windows

  If, on Windows, `Cmd.Run`, `cmd.Start`, `cmd.Output`, or `cmd.CombinedOutput`
  are executed when Cmd.Path is unset and, in the working directory, there are
  binaries named either "..com" or "..exe", they will be executed.

  Thanks to Chris Darroch, brian m. carlson, and Mikhail Shcherbakov for reporting
  this.

  This is [CVE-2022-30580][CVE-2022-30580] and Go issue https://go.dev/issue/52574.
- `path/filepath`: Clean(`.\c:`) returns `c:` on Windows

  On Windows, the `filepath.Clean` function could convert an invalid path to a
  valid, absolute path. For example, Clean(`.\c:`) returned `c:`.

  Thanks to Unrud for reporting this issue.

  This is [CVE-2022-29804][CVE-2022-29804] and Go issue https://go.dev/issue/52476.

[CVE-2022-30634]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30634
[CVE-2022-30629]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30629
[CVE-2022-30580]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30580
[CVE-2022-29804]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29804

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-02 09:56:16 +02:00
Guillaume Lours 6b71073ae2
Merge pull request #9453 from glours/go-18
update golang version to 1.18
2022-05-23 10:41:03 +02:00
Guillaume Lours 71600a52bf
update golang version to 1.18
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
2022-05-20 22:13:55 +02:00
Ulysses Souza e51fd0a844 Fix local run of `make e2e-compose-standalone`
Signed-off-by: Ulysses Souza <ulyssessouza@gmail.com>
2022-05-20 21:31:16 +02:00
Randy Fay 97d46a14ef Fix problems with ddev e2e test and minor cleanup, add tmate (#27)
* Add tmate for debugging
* Use -parallel=1 for standaone tests

Signed-off-by: Randy Fay <randy@randyfay.com>
2022-05-19 14:14:03 +02:00
Ulysses Souza a5a1c5f2f1 Add ddev's e2e test
Signed-off-by: Ulysses Souza <ulyssessouza@gmail.com>
2022-05-19 14:14:03 +02:00
Sneha Kanekar1 e0286360a8 add support for ppc64le
Signed-off-by: Sneha Kanekar1 <sneha.kanekar1@ibm.com>
2022-04-14 17:25:01 +05:30
MaxPeal 5d809a2e89 create also a checksums.txt file, add --binary
create also a checksums.txt file
and switch shasum to --binary,
to Fix problems with the verification on different OS systems
fixes https://github.com/docker/compose/issues/9388

Signed-off-by: MaxPeal <30347730+MaxPeal@users.noreply.github.com>
2022-04-14 09:06:35 +02:00
Guillaume Lours 09e0cca9a7 update CI github actions comment to mention docs validation
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
2022-03-18 10:42:05 +01:00
Guillaume Lours d75f22cc7b publish a draft release with auto generate release notes
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
2022-03-08 10:19:06 +01:00
Nicolas De Loof d47dcef1a6
use golangci-lint-action
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-02-17 18:10:28 +01:00
Ulysses Souza ce7a2412b1 Add dependabot
Signed-off-by: Ulysses Souza <ulyssessouza@gmail.com>
2021-12-14 16:19:41 +01:00
Ulysses Souza 8ae8d99528 Use build tags for selecting e2e test mode
Signed-off-by: Ulysses Souza <ulyssessouza@gmail.com>
2021-12-09 10:52:18 +01:00