[go] upgrade to 1.23 (#283)
Update build dependencies and perform required maintenance + chore tasks for the upgrade to go-1.23
----------------------------
build: bump containerd/containerd to 1.7.24
build: bump github.com/golang-jwt/jwt/v4
build: bump github.com/golang-jwt/jwt/v4 to v4.5.1
build: bump k8s.io/apiserver to v0.32.1
build: bump versions for github actions
build: go module updates
build: go.mod upgrade and update to 1.23
build: update go github action workflow
build: update release github action workflow
build: update .golangci.yml for deprecations
build: update .nancy-ignore for unused packages
build: update allowed compilers for 1.23
build: update for multiarchitecture builds and upx installation
build: update github action workflow for go 1.23
build: update github.com/containerd/containerd v1.7.25
build: update github.com/containerd/imgcrypt
build: update github.com/containerd/imgcrypt@v1.1.11
build: update golangci configuration
build: update security workflow for go1.23
build: update tools for golangci-lint for github dependency matching
fix: error check for fernet keygeneration output
fix: rand.Seed deprecated
fix: remove reference to SSL30
fix: update bundle-remapper example
fix: update celPackageGetSecret with correct type
fix: update golang version to 1.23.2
fix: update paseto transformer with required inputs
----------------------------

Signed-off-by: Ben Stickel <ben.stickel@elastic.co>
fin09pcap authored Jan 27, 2025
1 parent dea6965 commit 4733361
Showing 121 changed files with 1,894 additions and 4,642 deletions.
2 changes: 1 addition & 1 deletion .github/CODEOWNERS
@@ -1 +1 @@
* @Zenithar
* @fin09pcap
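Review bot: The `*` rule in CODEOWNERS now names a single account, `@fin09pcap`, which is also the author of this commit, and the ownership change is not mentioned anywhere in the commit message. Move it to its own commit and consider listing a team or a second owner so that required reviews on every path do not depend on one person.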
2 changes: 1 addition & 1 deletion .github/workflows/codeql-analysis.yml
Expand Up @@ -40,7 +40,7 @@ jobs:
name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.19
go-version: 1.23
-
name: Build Harp
run: |
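Review bot: `uses: actions/setup-go@v3` is left untouched in this job while `go-version` moves to 1.23 and the other workflows in this commit move to setup-go v4 or v5. Bump the action here as well, and quote the version (`go-version: '1.23'`) so YAML never reads it as a number.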
61 changes: 30 additions & 31 deletions .github/workflows/go.yml
Expand Up @@ -26,50 +26,49 @@ concurrency:
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}

jobs:
# Check if there any dirty change for go mod tidy
# Check if there are any dirty change for go mod tidy
go-mod:
name: "Check go modules declaration"
runs-on: ubuntu-latest
steps:
-
name: Install Go
uses: actions/setup-go@v3
uses: actions/setup-go@v4
with:
go-version: 1.19
go-version: 1.23
-
name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
-
name: Check go mod and go.sum
run: |
go mod tidy -v
git --no-pager diff go.mod go.sum
git --no-pager diff --quiet go.mod go.sum
# Try compile all binaries first
# Try to compile all binaries first
compile-dryrun:
name: "Compile"
strategy:
fail-fast: true
matrix:
go-version:
- "1.19"
- "1.18.10"
- "1.23.2"
runs-on: ubuntu-latest
needs: [golangci-lint, go-mod]
steps:
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
-
name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
check-latest: true
-
name: Cache Go modules
uses: actions/cache@v3.0.3
uses: actions/cache@v4.2.0
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
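Review bot: In the go-mod job, `git --no-pager diff --quiet go.mod go.sum` makes the step fail on a dirty tree but suppresses the diff, so the log of a failed run shows nothing about what `go mod tidy` changed. `git --no-pager diff --exit-code go.mod go.sum` fails the same way and still prints the diff. In the compile matrix, `check-latest: true` is also left next to the exact version "1.23.2", where it has nothing left to resolve.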
Expand All @@ -90,14 +89,14 @@ jobs:
steps:
-
name: Install Go
uses: actions/setup-go@v3
uses: actions/setup-go@v5
with:
go-version: 1.19
go-version: 1.23
-
uses: actions/checkout@v3
uses: actions/checkout@v4
-
name: Lint code
uses: golangci/golangci-lint-action@v3
uses: golangci/golangci-lint-action@v6
with:
version: latest
args: --timeout=10m
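Review bot: The lint job keeps `version: latest` under `golangci/golangci-lint-action@v6`, so the linter release is whatever is current at run time while `.golangci.yml` in this same commit is being rewritten for renamed and deprecated keys. Pin `version` to the release the config was validated against, otherwise an unrelated upstream release can turn the lint gate red or silently change which checks run.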
Expand All @@ -109,15 +108,15 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
-
name: Install Go
uses: actions/setup-go@v3
uses: actions/setup-go@v5
with:
go-version: 1.19
go-version: 1.23
-
name: Cache Go modules
uses: actions/cache@v3.0.3
uses: actions/cache@v4.2.0
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
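Review bot: This job sets `go-version: 1.23` while the compile matrix and the jobs further down use `1.23.2`. Use one quoted value across the workflow so that tests and builds run on the same toolchain.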
Expand All @@ -128,9 +127,9 @@ jobs:
run: go mod download
-
name: Setup gotestsum
uses: autero1/action-gotestsum@v1.0.0
uses: autero1/action-gotestsum@v2.0.0
with:
gotestsum_version: 1.7.0
gotestsum_version: 1.12.0
-
name: Run tests
run: gotestsum --format short-verbose ./pkg/...
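Review bot: `autero1/action-gotestsum@v2.0.0` is a third-party action referenced by a mutable tag, and the same line recurs in the two test jobs below. Pin it to the full commit SHA of the v2.0.0 release, with the tag kept as a trailing comment, so the code that runs in CI cannot change without a diff in this file.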
Expand All @@ -142,12 +141,12 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
-
name: Install Go
uses: actions/setup-go@v3
uses: actions/setup-go@v5
with:
go-version: 1.19
go-version: 1.23.2
-
name: Cache Go modules
uses: actions/cache@v3.0.3
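Review bot: The `Cache Go modules` step at the end of this hunk still reads `uses: actions/cache@v3.0.3`, while the other jobs in this workflow are moved to `actions/cache@v4.2.0`. Bump this one too so the jobs do not run on two majors of the cache action.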
Expand All @@ -161,9 +160,9 @@ jobs:
run: go mod download
-
name: Setup gotestsum
uses: autero1/action-gotestsum@v1.0.0
uses: autero1/action-gotestsum@v2.0.0
with:
gotestsum_version: 1.7.0
gotestsum_version: 1.12.0
-
name: Run tests
run: gotestsum --format short-verbose ./pkg/...
Expand All @@ -175,15 +174,15 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
-
name: Install Go
uses: actions/setup-go@v3
uses: actions/setup-go@v5
with:
go-version: 1.19
go-version: 1.23.2
-
name: Cache Go modules
uses: actions/cache@v3.0.3
uses: actions/cache@v4.2.0
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
Expand All @@ -194,9 +193,9 @@ jobs:
run: go mod download
-
name: Setup gotestsum
uses: autero1/action-gotestsum@v1.0.0
uses: autero1/action-gotestsum@v2.0.0
with:
gotestsum_version: 1.7.0
gotestsum_version: 1.12.0
-
name: Run tests
run: gotestsum --format short-verbose ./pkg/...
9 changes: 4 additions & 5 deletions .github/workflows/releaser.yml
Expand Up @@ -26,13 +26,12 @@ jobs:
run: git fetch --prune --unshallow
-
name: Set up Go
uses: actions/setup-go@v3
uses: actions/setup-go@v4
with:
go-version: '1.19'
check-latest: true
go-version: '1.23.2'
-
name: Cache Go modules
uses: actions/cache@v3.0.3
uses: actions/cache@v4.2.0
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
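Review bot: The release job moves to `actions/setup-go@v4` while the build and test jobs in go.yml move to `actions/setup-go@v5`. Use the same major here so release binaries are produced through the same setup path that CI exercised.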
Expand All @@ -47,7 +46,7 @@ jobs:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
-
name: Install Cosign
uses: sigstore/cosign-installer@v2.3.0
uses: sigstore/cosign-installer@v3.7.0
-
name: Import Code-Signing Certificates
uses: Apple-Actions/import-codesign-certs@v1
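Review bot: `sigstore/cosign-installer` jumps a major version (v2.3.0 to v3.7.0) in the release workflow, and the signing step that consumes it is not part of this hunk, so nothing here shows that the signing invocation was checked against the newer installer. Confirm that a dry-run release still signs and verifies, and pin this action and `Apple-Actions/import-codesign-certs@v1`, which handles the code-signing certificates, to commit SHAs.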
2 changes: 1 addition & 1 deletion .github/workflows/security.yml
Expand Up @@ -24,7 +24,7 @@ jobs:
-
uses: actions/setup-go@v3
with:
go-version: 1.19
go-version: 1.23
-
name: Run go list
run: go list -json -m all > go.list
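Review bot: `go-version: 1.23` in the security workflow floats across patch releases while the release workflow pins `'1.23.2'`, and `actions/setup-go@v3` stays on the old major. Pin the same quoted version as the release job and bump the action, so the dependency audit runs on the toolchain that ships.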
45 changes: 19 additions & 26 deletions .golangci.yml
@@ -1,3 +1,13 @@
issues:
exclude-dirs-use-default: true
uniq-by-line: true
exclude-files:
- ".*\\.pb\\.go$"
- ".*\\.gen\\.go$"
- ".*\\_gen\\.go$"
- "mock_.*\\.go"
- ".*\\.resolvers\\.go$"

run:
# default concurrency is a available CPU number
concurrency: 4
Expand All @@ -8,17 +18,6 @@ run:
# include test files or not, default is true
tests: false

skip-files:
- ".*\\.pb\\.go$"
- ".*\\.gen\\.go$"
- ".*\\_gen\\.go$"
- "mock_.*\\.go"
- ".*\\.resolvers\\.go$"

# default is true. Enables skipping of directories:
# vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
skip-dirs-use-default: true

# by default isn't set. If set we pass it to "go list -mod={option}". From "go help modules":
# If invoked with -mod=readonly, the go command is disallowed from the implicit
# automatic updating of go.mod described above. Instead, it fails when any changes
Expand All @@ -37,17 +36,14 @@ run:
output:
# colored-line-number|line-number|json|tab|checkstyle|code-climate|junit-xml|github-actions
# default is "colored-line-number"
format: colored-line-number
formats: colored-line-number

# print lines of code with issue, default is true
print-issued-lines: true

# print linter name in the end of issue text, default is true
print-linter-name: true

# make issues output unique by line, default is true
uniq-by-line: true

# add a prefix to the output file references; default is no prefix
path-prefix: ""
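Review bot: `formats: colored-line-number` renames the key but keeps the scalar value of the old `format` option. golangci-lint documents `output.formats` as a list of entries, each with a `format` key and an optional `path`, so write it as a one-item list; as it stands the setting is likely to be rejected or ignored.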

Expand Down Expand Up @@ -142,7 +138,7 @@ linters-settings:
# [deprecated] comma-separated list of pairs of the form pkg:regex
# the regex is used to ignore names within pkg. (default "fmt:.*").
# see https://github.com/kisielk/errcheck#the-deprecated-method for details
ignore: fmt:.*,io/ioutil:^Read.*
exclude-functions: fmt:.*,io/ioutil:^Read.*
exhaustive:
# check switch statements in generated files also
check-generated: false
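Review bot: `exclude-functions: fmt:.*,io/ioutil:^Read.*` carries the old `ignore` value over to the new key unchanged, and the three comment lines above it still describe the deprecated `pkg:regex` pair format. errcheck's `exclude-functions` expects a YAML list of function names such as `io/ioutil.ReadFile`, not regex pairs, so this line will not exclude what `ignore` did. Convert it to a list and replace the stale comment.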
Expand All @@ -151,8 +147,7 @@ linters-settings:
# switch
default-signifies-exhaustive: false
govet:
# report about shadowed variables
check-shadowing: true
shadow: true
goimports:
local: "github.com/elastic"
golint:
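Review bot: Under `govet`, `shadow: true` replaces `check-shadowing: true`, but golangci-lint's replacement for that option is to enable the analyzer (`enable:` with `- shadow`), not a boolean `shadow` key. If the key is not recognised, shadowed-variable reporting is switched off with no visible failure. The removed `# report about shadowed variables` comment is also worth keeping next to the new setting.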
Expand All @@ -161,6 +156,9 @@ linters-settings:
simplify: true
gocyclo:
min-complexity: 15
gosec:
excludes:
- G115 # integer overflow conversion
misspell:
locale: US
lll:
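Review bot: The new `gosec` block excludes `G115` (integer overflow conversion) for the whole repository. A global exclude hides every current and future finding of that class; prefer fixing the conversions, or suppressing individual sites with `//nolint:gosec` and a reason. If the global exclude stays, record in the comment why this upgrade needed it.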
Expand All @@ -170,7 +168,8 @@ linters-settings:
# put imports beginning with prefix after 3rd-party packages;
# only support one prefix
# if not set, use goimports.local-prefixes
local-prefixes: github.com/elastic
sections:
- prefix(github.com/elastic)
gocognit:
# minimal code complexity to report, 30 by default (but we recommend 10-20)
min-complexity: 20
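Review bot: In the `gci` settings, `sections:` lists only `prefix(github.com/elastic)`, and the comment lines above it still describe the removed `local-prefixes` option. List the full intended order explicitly (`standard`, `default`, then the prefix section) and update the comment to match.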
Expand All @@ -182,11 +181,6 @@ linters-settings:
nestif:
# minimal complexity of if statements to report, 5 by default
min-complexity: 4
gomnd:
settings:
mnd:
# don't include the "operation" and "assign"
checks: argument,case,condition,return
unused:
# treat code as a program (not a library) and report unused exported identifiers; default is false.
# XXX: if you enable this setting, unused will report a lot of false-positives in text editors:
Expand Down Expand Up @@ -258,7 +252,7 @@ linters:
# - dupl
- errcheck
- errorlint
- exportloopref
- copyloopvar
- exhaustive
- forbidigo
- funlen
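Review bot: `copyloopvar` is dropped into the slot where `exportloopref` was, which breaks the alphabetical order of the `linters` list (it now sits between `errorlint` and `exhaustive`). Move it up next to the other `c` entries. The two linters are also not equivalent: `exportloopref` reported pointers to loop variables escaping the loop, while `copyloopvar` reports loop-variable copies that are redundant, so existing `x := x` lines will start being flagged.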
Expand All @@ -269,7 +263,6 @@ linters:
- gofmt
- goheader
- goimports
# - gomnd
- goprintffuncname
- gosec
- gosimple
44 changes: 26 additions & 18 deletions .nancy-ignore
@@ -1,36 +1,44 @@
# consul issues - can be ignore because consul is not actively used as a server
CVE-2024-10086
CVE-2022-29153
# etcd issues - can be ignored because etcd is not used.
CVE-2020-15114
CVE-2020-15136
CVE-2020-15115
# end
# golang-jwt/jwt
CVE-2024-51744
# end
# go-jwt issues - can be ignored because not used
CVE-2020-26160
# end
# vault server indirect dependencies - false positive
CVE-2024-2660
CVE-2019-5736
# end
# kubernetes indirect dependencies - false positive
CVE-2020-8558
CVE-2019-11248
CVE-2019-11247
CVE-2018-1002102
CVE-2019-100210
CVE-2019-1002100
CVE-2019-1002101
CVE-2019-11243
CVE-2021-25741
CVE-2019-9946
CVE-2020-8552
CVE-2019-11253
CVE-2020-8559
CVE-2021-25735
CVE-2019-11244
CVE-2019-11246
CVE-2019-11247
CVE-2019-11248
CVE-2019-11249
CVE-2019-11250
CVE-2019-11251
CVE-2019-11253
CVE-2019-11254
CVE-2019-11249
CVE-2019-11246
CVE-2019-100210
CVE-2019-9946
CVE-2020-8552
CVE-2020-8555
CVE-2019-11251
CVE-2019-1002101
CVE-2020-8563
CVE-2020-8557
CVE-2019-11244
CVE-2019-1002100
CVE-2018-1002102
CVE-2020-8558
CVE-2020-8559
CVE-2020-8561
CVE-2020-8563
CVE-2021-25735
CVE-2021-25741
# end
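Review bot: The `# golang-jwt/jwt` section ignores `CVE-2024-51744` with no reason given, unlike the neighbouring sections, while this same commit bumps `github.com/golang-jwt/jwt/v4` to v4.5.1. If the bump resolves the finding the ignore should not be needed; if it covers another module path, say which one in the comment. Separately, `CVE-2019-100210` in the kubernetes block looks like a truncated copy of `CVE-2019-1002100` or `CVE-2019-1002101` and probably matches nothing.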