Commit Graph

40 Commits

Author SHA1 Message Date
Aliaksandr Valialkin
da6c85a2f6
all: follow-up for d99ba3481b 2022-07-13 17:17:08 +03:00
naveensrinivasan
21f80fa137
chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-19 11:33:48 +03:00
Dima Lazerka
6e4d84c1f1
Add GitHub workflow for code scanning (#2453)
Add pre-generated workflow definition for GitHub's CodeQL code scanning.
2022-04-16 19:01:37 +03:00
Roman Khavronenko
1e9ba4d133
github/dependabot.yml: disable versions update for vmui (#2449)
The change disables versions autopupdate for vmui package.
The change has no impact on security updates, which have a separate,
internal limit of ten open pull requests.

See https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2022-04-12 14:27:38 +03:00
Aliaksandr Valialkin
c461b39b21
Revert "Add check-rebased Github action (#2002)"
This reverts commit 2104330d4c.

This check doesn't work well for community pull requests, since third-party users
aren't motivated to rebase pull requests to branch head after they are created.

This check is useful for private repositories though.
2022-01-04 11:48:23 +02:00
Dima Lazerka
55b4436804
Add check-rebased Github action (#2002)
It will prevent merging in a branch that's not based on its base branch HEAD, leading to streamlined history.

Note it will not prevent squash commits, nor commits directly to base branch.
2022-01-03 16:57:10 +02:00
Aliaksandr Valialkin
566c9791be
Revert "Add .github/workflows/check-based-on-master (#1991)"
This reverts commit 06cf4e0f70.

This break merge requests to non-master branches - see https://github.com/VictoriaMetrics/VictoriaMetrics/pull/1993#issuecomment-999403963
2021-12-22 11:20:20 +02:00
Dima Lazerka
7462ff3e8c
Add .github/workflows/check-based-on-master (#1991) 2021-12-21 20:31:12 +02:00
Roman Khavronenko
8b67168609
ci: bump go version to 1.17 (#1895)
The bump was required for `vmalert` package.
`vmalert` docs now also contain an updated description.

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2021-12-02 14:51:45 +02:00
Aliaksandr Valialkin
6c1701d908
.github/workflows/main.yml: checkout code before installing dependencies
Dependencies depend on Makefile rules from the code, so code checkout must run first
2021-10-26 22:09:38 +03:00
Aliaksandr Valialkin
d65912e47c
.github/workflows/main.yml: re-use makefile rules for installing goling, errcheck and golangci-lint 2021-10-26 22:05:09 +03:00
Denys Holius
56970caded
fixed wrong path for npm dependabot checks (#1744) 2021-10-26 19:16:35 +03:00
Aliaksandr Valialkin
30d2876c6e .github/dependabot.yml: increase check intervals for gomod and docker ecosystems from daily to weekly
Daily checks are too verbose and result into too many automatic pull requests and commits
2021-09-01 16:08:31 +03:00
Artem Navoiev
c0420634ff add dependency chekcs for (#1535)
- ruby (for docs)
- gomod for monorepo
- npm for vmui
- gomod go small webserver in  vmui
2021-08-15 14:45:53 +03:00
Aliaksandr Valialkin
dea1cdd817 Revert ".github/dependabot.yml: remove automated dependency version checks"
This reverts commit 5b986c95dd.

This check verifies only dependencies needed for github-actions. This is OK.
2021-05-10 12:06:19 +03:00
Aliaksandr Valialkin
36a79b7fd3 Add make check-licenses rule for the ability to manually check licenses in vendored dependencies
This is a follow-up for c687536956
2021-05-10 12:01:37 +03:00
Aliaksandr Valialkin
15ad9deccf .github/dependabot.yml: remove automated dependency version checks
Dependency updates must be under manual control, since the resulting code diffs must be reviewed manually for the sake of security.
It is done with `make vendor-update` now.
2021-05-10 12:01:29 +03:00
Artem Navoiev
632eb82dbd Add vendor license checker, update codecov action, add dependbot for … (#1280)
* Add vendor license checker, update codecov action, add dependbot for github actions

* update gitingore, temprorary turn on check

* fix action name

* change action rules to trigger only when vendor changes

* remove obsolete line from main action
2021-05-10 12:01:20 +03:00
Aliaksandr Valialkin
402543e7c6 .github/workflows/main.yml: update Go version from v1.15 to v1.16 2021-03-01 12:14:14 +02:00
Aliaksandr Valialkin
7f1302688f lib/fs: follow-up after f3a03c4164 2021-02-27 01:09:37 +02:00
Aliaksandr Valialkin
7f4fb34182 app/vmctl: move vmctl code from github.com/VictoriaMetrics/vmctl
It is better developing vmctl tool in VictoriaMetrics repository, so it could be released
together with the rest of vmutils tools such as vmalert, vmagent, vmbackup, vmrestore and vmauth.
2021-02-01 01:18:39 +02:00
Aliaksandr Valialkin
a66af20686 .github/workflows/main.yml: fall back to go get instead of go install for installing aux tools
It is unclear why `go install` doesn't work in Github Actions. Needs additional investigation.
The following error is returned now:

cannot find package "golang.org/x/lint/golint" in any of:
	/opt/hostedtoolcache/go/1.15.5/x64/src/golang.org/x/lint/golint (from $GOROOT)
	/home/runner/go/src/golang.org/x/lint/golint (from $GOPATH)
2020-12-15 14:19:11 +02:00
Aliaksandr Valialkin
3f88e27d0f Do not set GO111MODULE=off during go install, since this doesnt work in Go1.14 and Go1.15 2020-12-15 13:14:41 +02:00
Aliaksandr Valialkin
e17ac90f59 .github/workflows/main.yml: set GO111MODULE=off when installing auxiliary tools via go install 2020-12-15 01:02:13 +02:00
Aliaksandr Valialkin
dafef21001 all: use go install instead of go get for installing auxiliary tools
This is a preparation for Go 1.16, which deprecates `go get` for installing binaries.
See https://tip.golang.org/doc/go1.16#go-command :

  go install, with or without a version suffix (as described above), is now the recommended way
  to build and install packages in module mode. go get should be used with the -d flag to adjust
  the current module's dependencies without building packages, and use of go get to build and install
  packages is deprecated. In a future release, the -d flag will always be enabled.
2020-12-14 20:07:20 +02:00
Artem Navoiev
9f1656145b update go action 2020-10-07 17:48:38 +03:00
Aliaksandr Valialkin
4e8fad94a5 .github/workflows: switch Go version from v1.14 to v1.15 2020-10-05 22:00:47 +03:00
Aliaksandr Valialkin
1e7452e501 .github/workflows: verify builds for vmagent, vmalert, vmbackup and vmrestore 2020-09-29 00:47:54 +03:00
Aliaksandr Valialkin
f68bf12a84 .github/workflows: verify that VictoriaMetrics can be built for GOOS=openbsd 2020-09-29 00:45:38 +03:00
Aliaksandr Valialkin
d1c8b0d6e9 .github/workflows: an attempt to fix loading of golangci-lint 2020-05-15 15:06:42 +03:00
Aliaksandr Valialkin
987fcce93d .github/workflows: install dependencies before code checkout
Othwerise dependencies' install mangles go.mod
2020-04-24 17:55:53 +03:00
Aliaksandr Valialkin
cf68c5f66a .github/workflows: enable Go modules when installing dependencies
Disabled Go modules broke golangci-lint build
2020-04-24 17:40:43 +03:00
Aliaksandr Valialkin
48320cffe0 .github/workflows: install golangci-lint at Dependencies step 2020-04-24 15:37:55 +03:00
Aliaksandr Valialkin
de7887fbf4 .github/workflows: update Go version in actions/setup-go from v1.13 to v1.14 2020-04-24 15:31:12 +03:00
Aliaksandr Valialkin
8d76795be5 .github/workflows: use master branch for 'actions/setup-go' and 'actions/checkout' 2020-04-24 14:42:06 +03:00
Aliaksandr Valialkin
7d7fbf890e app/{vmbackup,vmrestore}: add vmbackup and vmrestore tools for creating backups on s3 or gcs from instant snapshots
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/203
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/38
2019-11-07 21:26:43 +02:00
Aliaksandr Valialkin
5b01b7fb01 all: add support for GOARCH=386 and fix all the issues related to 32-bit architectures such as GOARCH=arm
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/212
2019-10-17 18:27:49 +03:00
Artem Navoiev
62b424bc4c [ci] github actions - run pipeline on pull request. Fix running of test in external PR from forks 2019-09-11 14:54:45 +03:00
Artem Navoiev
dc6e4151b0 [ci] bump version of go to 1.13 in github actions config 2019-09-08 19:52:05 +03:00
Aliaksandr Valialkin
8f81908b1f .github/workflows: added GitHub actions 2019-08-28 23:11:26 +03:00