Skip to content

Commit

Permalink
Upgrade go to 1.22 (#1625)
Browse files Browse the repository at this point in the history
* upgrade go to 1.22

Signed-off-by: cpanato <[email protected]>

* ci housekeeping

Signed-off-by: cpanato <[email protected]>

* fix lints

Signed-off-by: cpanato <[email protected]>

* update go.mod to pin on go1.21.9

Signed-off-by: cpanato <[email protected]>

---------

Signed-off-by: cpanato <[email protected]>
  • Loading branch information
cpanato authored Apr 9, 2024
1 parent 6a32b05 commit 84a3d4e
Show file tree
Hide file tree
Showing 19 changed files with 115 additions and 51 deletions.
19 changes: 19 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,15 +20,34 @@ updates:
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
groups:
all:
update-types:
- "patch"
- package-ecosystem: "gomod"
directory: "./hack/tools"
schedule:
interval: "weekly"
groups:
all:
update-types:
- "minor"
- "patch"
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
groups:
all:
update-types:
- "minor"
- "patch"
- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "weekly"
groups:
all:
update-types:
- "minor"
- "patch"
10 changes: 7 additions & 3 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,11 +41,15 @@ jobs:
- name: Checkout repository
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: Extract version of Go to use
run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV
# TODO: uncomment when we bump to go1.22 in go.mod
# - name: Extract version of Go to use
# run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GOVERSION }}
go-version: '1.22'
check-latest: true

- uses: arduino/setup-protoc@c65c819552d16ad3c9b72d9dfd5ba5237b9c906b # v3.0.0
name: Install protobuf
with:
Expand Down
10 changes: 7 additions & 3 deletions .github/workflows/container-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,8 @@ jobs:
name: build
runs-on: ubuntu-latest

if: github.repository == 'sigstore/fulcio'

permissions:
id-token: write
contents: read
Expand All @@ -34,12 +36,14 @@ jobs:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0

- name: Extract version of Go to use
run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV
# TODO: uncomment when we bump to go1.22 in go.mod
# - name: Extract version of Go to use
# run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GOVERSION }}
go-version: '1.22'
check-latest: true

- name: deps
run: sudo apt-get update && sudo apt-get install -yq libpcsclite-dev
Expand Down
14 changes: 11 additions & 3 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,11 +30,16 @@ jobs:

steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Extract version of Go to use
run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

# TODO: uncomment when we bump to go1.22 in go.mod
# - name: Extract version of Go to use
# run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GOVERSION }}
go-version: '1.22'
check-latest: true

- uses: arduino/setup-protoc@c65c819552d16ad3c9b72d9dfd5ba5237b9c906b # v3.0.0
name: Install protobuf
with:
Expand All @@ -43,9 +48,12 @@ jobs:

- name: Build
run: make -C $GITHUB_WORKSPACE all

- name: Test
run: go test -v -coverprofile=coverage.txt -covermode=atomic ./...

- name: Upload Coverage Report
uses: codecov/codecov-action@7afa10ed9b269c561c2336fd862446844e0cbf71 # v4.2.0

- name: Ensure no files were modified as a result of the build
run: git update-index --refresh && git diff-index --quiet -I"^\/\/\s+(-\s+)?protoc(-gen-go)?\s+v[0-9]+\.[0-9]+\.[0-9]+$" HEAD -- || git diff -I"^\/\/\s+(-\s+)?protoc(-gen-go)?\s+v[0-9]+\.[0-9]+\.[0-9]+$" --exit-code
2 changes: 1 addition & 1 deletion .github/workflows/protoc-dependabot-hack.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:

dependabot_hack:
name: Ensure dependabot version checks
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:

# update the version in these places manually when Dependabot proposes a change to it here:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/validate-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,9 +33,9 @@ jobs:
steps:
- name: Check Signature
run: |
cosign verify ghcr.io/gythialy/golang-cross:v1.21.8-0@sha256:9c86fc6c6763cd5cd9a07f25083fc5a87f3525b5f8d7ff886822e2153f0c8405 \
cosign verify ghcr.io/gythialy/golang-cross:v1.22.2-0@sha256:642fda874607057c34dfbb2d7fce93dfa37bdb9dbc0cc74835d9c3157a7a0e89 \
--certificate-oidc-issuer https://token.actions.githubusercontent.com \
--certificate-identity "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.21.8-0"
--certificate-identity "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.22.2-0"
env:
TUF_ROOT: /tmp

Expand All @@ -44,7 +44,7 @@ jobs:
needs:
- check-signature
container:
image: ghcr.io/gythialy/golang-cross:v1.21.8-0@sha256:9c86fc6c6763cd5cd9a07f25083fc5a87f3525b5f8d7ff886822e2153f0c8405
image: ghcr.io/gythialy/golang-cross:v1.22.2-0@sha256:642fda874607057c34dfbb2d7fce93dfa37bdb9dbc0cc74835d9c3157a7a0e89

steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
Expand Down
20 changes: 15 additions & 5 deletions .github/workflows/verify-k8s.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,19 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Extract version of Go to use
run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

# TODO: uncomment when we bump to go1.22 in go.mod
# - name: Extract version of Go to use
# run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GOVERSION }}
check-latest: true

- name: Install kubeval
run: go install github.com/instrumenta/[email protected]

- run: kubeval config/*.yaml

verify-k8s-deployment:
Expand Down Expand Up @@ -64,11 +70,15 @@ jobs:

steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Extract version of Go to use
run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

# TODO: uncomment when we bump to go1.22 in go.mod
# - name: Extract version of Go to use
# run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GOVERSION }}
go-version: '1.22'
check-latest: true

- uses: ko-build/setup-ko@ace48d793556083a76f1e3e6068850c1f4a369aa # v0.6

Expand Down
45 changes: 33 additions & 12 deletions .github/workflows/verify.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,11 @@

name: Verify

on: [push, pull_request]
on:
push:
branches:
- main
pull_request:

permissions:
contents: read
Expand All @@ -26,13 +30,19 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Extract version of Go to use
run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

# TODO: uncomment when we bump to go1.22 in go.mod
# - name: Extract version of Go to use
# run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GOVERSION }}
go-version: '1.22'
check-latest: true

- name: Install addlicense
run: go install github.com/google/[email protected]

- name: Check license headers
run: |
set -e
Expand All @@ -44,29 +54,40 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: deps
run: sudo apt-get update && sudo apt-get install -yq libpcsclite-dev
- name: Extract version of Go to use
run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

# TODO: uncomment when we bump to go1.22 in go.mod
# - name: Extract version of Go to use
# run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GOVERSION }}
go-version: '1.22'
check-latest: true

- name: golangci-lint
uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
timeout-minutes: 5
timeout-minutes: 10
with:
version: v1.55
version: v1.57

oidc-config:
name: oidc-config
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Extract version of Go to use
run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

# TODO: uncomment when we bump to go1.22 in go.mod
# - name: Extract version of Go to use
# run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV

- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ${{ env.GOVERSION }}
go-version: '1.22'
check-latest: true

- name: check-config
run: |
set -e
Expand Down
4 changes: 2 additions & 2 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM golang:1.21.8@sha256:c82d4ad02c062cf2b393bf0374df26638c6fed3dfe52cdbd3635d4a7befab86e AS builder
FROM golang:1.22.2@sha256:c4fb952e712efd8f787bcd8e53fd66d1d83b7dc26adabc218e9eac1dbf776bdf AS builder
ENV APP_ROOT=/opt/app-root
ENV GOPATH=$APP_ROOT

Expand All @@ -28,7 +28,7 @@ RUN go build -o server main.go
RUN CGO_ENABLED=1 go build -gcflags "all=-N -l" -o server_debug main.go

# Multi-Stage production build
FROM golang:1.21.8@sha256:c82d4ad02c062cf2b393bf0374df26638c6fed3dfe52cdbd3635d4a7befab86e AS deploy
FROM golang:1.22.2@sha256:c4fb952e712efd8f787bcd8e53fd66d1d83b7dc26adabc218e9eac1dbf776bdf AS deploy

# Retrieve the binary from the previous stage
COPY --from=builder /opt/app-root/src/server /usr/local/bin/fulcio-server
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile.ctfe_init
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM golang:1.21.8@sha256:c82d4ad02c062cf2b393bf0374df26638c6fed3dfe52cdbd3635d4a7befab86e AS builder
FROM golang:1.22.2@sha256:c4fb952e712efd8f787bcd8e53fd66d1d83b7dc26adabc218e9eac1dbf776bdf AS builder

WORKDIR /root/

Expand Down
2 changes: 1 addition & 1 deletion cmd/app/grpc.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ type grpcServer struct {
}

func PassFulcioConfigThruContext(cfg *config.FulcioConfig) grpc.UnaryServerInterceptor {
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
return func(ctx context.Context, req interface{}, _ *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
// For each request, infuse context with our snapshot of the FulcioConfig.
// TODO(mattmoor): Consider periodically (every minute?) refreshing the ConfigMap
// from disk, so that we don't need to cycle pods to pick up config updates.
Expand Down
2 changes: 1 addition & 1 deletion cmd/app/serve.go
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ func newServeCmd() *cobra.Command {
cmd.Flags().Duration("idle-connection-timeout", 30*time.Second, "The time allowed for connections (HTTP or gRPC) to go idle before being closed by the server")

// convert "http-host" flag to "host" and "http-port" flag to be "port"
cmd.Flags().SetNormalizeFunc(func(f *pflag.FlagSet, name string) pflag.NormalizedName {
cmd.Flags().SetNormalizeFunc(func(_ *pflag.FlagSet, name string) pflag.NormalizedName {
switch name {
case "http-port":
name = "port"
Expand Down
2 changes: 1 addition & 1 deletion cmd/fetch_ca_cert/fetch_ca_cert.go
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ func fetchCACertificate(ctx context.Context, parent, kmsKey, tinkKeysetPath, tin
if err != nil {
return nil, err
}
signer, _, err = kmsSigner.CryptoSigner(ctx, func(err error) {})
signer, _, err = kmsSigner.CryptoSigner(ctx, func(_ error) {})
if err != nil {
return nil, err
}
Expand Down
4 changes: 1 addition & 3 deletions go.mod
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
module github.com/sigstore/fulcio

go 1.21

toolchain go1.21.3
go 1.21.9

require (
chainguard.dev/go-grpc-kit v0.17.2
Expand Down
4 changes: 2 additions & 2 deletions pkg/api/client_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ import (
)

func TestUserAgentOption(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ts := httptest.NewServer(http.HandlerFunc(func(_ http.ResponseWriter, r *http.Request) {
if r.Header.Get("User-Agent") != "foo" {
t.Error(`expected user-agent to be set to "foo"`)
}
Expand All @@ -42,7 +42,7 @@ func TestUserAgentOption(t *testing.T) {
}

func TestTimeoutOption(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ts := httptest.NewServer(http.HandlerFunc(func(_ http.ResponseWriter, _ *http.Request) {
time.Sleep(10 * time.Second)
}))

Expand Down
2 changes: 1 addition & 1 deletion pkg/ca/kmsca/kmsca.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ func NewKMSCA(ctx context.Context, kmsKey string, certs []*x509.Certificate, opt
if err != nil {
return nil, err
}
signer, _, err := kmsSigner.CryptoSigner(ctx, func(err error) {})
signer, _, err := kmsSigner.CryptoSigner(ctx, func(_ error) {})
if err != nil {
return nil, err
}
Expand Down
4 changes: 2 additions & 2 deletions pkg/log/log.go
Original file line number Diff line number Diff line change
Expand Up @@ -90,12 +90,12 @@ func ContextLogger(ctx context.Context) *zap.SugaredLogger {

func SetupGRPCLogging() (*zap.Logger, []grpc_zap.Option) {
var options []grpc_zap.Option
options = append(options, grpc_zap.WithDecider(func(methodName string, err error) bool {
options = append(options, grpc_zap.WithDecider(func(_ string, _ error) bool {
// TODO: implement filters to eliminate health check log statements
return true
}))
options = append(options, grpc_zap.WithMessageProducer(
func(ctx context.Context, msg string, level zapcore.Level, code codes.Code, err error, duration zapcore.Field) {
func(ctx context.Context, msg string, _ zapcore.Level, code codes.Code, err error, duration zapcore.Field) {
var requestID zap.Field
if md, ok := metadata.FromIncomingContext(ctx); ok {
val := md.Get(string(requestIDMetadataKey))
Expand Down
Loading

0 comments on commit 84a3d4e

Please sign in to comment.