Commit graph

214 commits

Author SHA1 Message Date
29ad32e6d0
Merge pull request #366 from wneessen/dependabot/github_actions/sonarsource/sonarqube-scan-action-4.0.0
Bump sonarsource/sonarqube-scan-action from 3.1.0 to 4.0.0
2024-11-13 14:40:23 +01:00
dependabot[bot]
2f97ebabd3
Bump github/codeql-action from 3.27.2 to 3.27.3
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.2 to 3.27.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](9278e42166...396bb3e453)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-13 13:31:52 +00:00
dependabot[bot]
ea70b21c90
Bump sonarsource/sonarqube-scan-action from 3.1.0 to 4.0.0
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 3.1.0 to 4.0.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](13990a6956...94d4f8ac4a)

---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-13 13:31:45 +00:00
dependabot[bot]
cff789883f
Bump github/codeql-action from 3.27.1 to 3.27.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.1 to 3.27.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](4f3212b617...9278e42166)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-12 13:13:53 +00:00
935a523fa7
Change license to MIT
Updated SPDX identifiers from CC0-1.0 to MIT across multiple files, including `.github`, `CONTRIBUTING.md`, `README.md`, and more. Deleted the `LICENSES/CC0-1.0.txt` file as it is no longer relevant.
2024-11-11 20:16:09 +01:00
dependabot[bot]
5d977e7206
Bump github/codeql-action from 3.27.0 to 3.27.1
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](662472033e...4f3212b617)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-11 13:21:05 +00:00
dependabot[bot]
a3ef47ac93
Bump sonarsource/sonarqube-scan-action from 3.0.0 to 3.1.0
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](884b79409b...13990a6956)

---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-08 14:05:00 +00:00
ec10e0b132
Remove redundant upgrade command in CI workflow
The `sudo apt-get -y upgrade` command was removed from the CI workflow's "Install sendmail" step. This change simplifies the installation process by ensuring only the necessary updates and installations are performed, which can contribute to faster and more reliable CI runs.
2024-11-01 16:36:06 +01:00
0fcde10768
Remove output redirection from sendmail install
This change ensures that the output of the apt-get commands is no longer redirected to /dev/null. This aids in debugging by making command outputs visible in the CI logs.
2024-11-01 16:33:48 +01:00
d7e0b48567
Merge pull request #350 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.4.0
Bump actions/dependency-review-action from 4.3.5 to 4.4.0
2024-10-29 14:59:58 +01:00
dependabot[bot]
9ea960b796
Bump sonarsource/sonarqube-quality-gate-action
Bumps [sonarsource/sonarqube-quality-gate-action](https://github.com/sonarsource/sonarqube-quality-gate-action) from dc2f7b0dd95544cd550de3028f89193576e958b9 to 8406f4f1edaffef38e9fb9c53eb292fc1d7684fa.
- [Release notes](https://github.com/sonarsource/sonarqube-quality-gate-action/releases)
- [Commits](dc2f7b0dd9...8406f4f1ed)

---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-quality-gate-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-29 13:17:03 +00:00
dependabot[bot]
fc3d9749c0
Bump actions/dependency-review-action from 4.3.5 to 4.4.0
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.3.5 to 4.4.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](a6993e2c61...4081bf99e2)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-29 13:16:58 +00:00
8bc9b8b7fd
Add base-ref and head-ref to Dependency Review action
This update ensures that the Dependency Review action has the correct references for base and head in pull request events. It helps in accurately reviewing dependency changes between the branches. Reference: https://github.com/actions/dependency-review-action/issues/456#issuecomment-1537840047
2024-10-28 22:59:16 +01:00
d39953c837
Update environment variables in CI workflow
Standardize variables by using expressions for consistency. This change ensures that all environment variables for Unix and Sendmail tests are sourced from GitHub variables.
2024-10-28 16:32:24 +01:00
e7e0fe03bb
Remove redundant OS version from CI matrix
This commit eliminates the duplication of the '14.1' OS version in the CI workflow matrix configuration. Simplifying the matrix helps in avoiding redundant test runs and ensures a clearer CI process.
2024-10-27 21:00:22 +01:00
c0c4049964
Enable Unix write tests and fix OS version matrix.
Added a test environment variable to control Unix write tests and included their setup in the test function. Also corrected the OS version matrix by uncommenting '14.0' and '13.4'.
2024-10-27 20:59:24 +01:00
e74adb8b90
Update CI configuration for FreeBSD
Commented out older OS versions and added no copyback option. Adjusted the go test run step to include workspace directory change.
2024-10-27 18:22:22 +01:00
7b9df7de47
Remove harden-runner step from CI workflow
The harden-runner step has been removed from the FreeBSD testing matrix in the CI workflow. This change simplifies the workflow and removes an additional security auditing step.
2024-10-27 17:55:12 +01:00
bdffa22ad8
Remove duplicate Go test step from CI workflow
Eliminated a redundant "Run go test" step from the GitHub Actions CI configuration. This helps streamline the workflow and avoid unnecessary repetitions in the CI process.
2024-10-27 17:50:36 +01:00
89f29b241e
Add FreeBSD testing to CI workflow
Included FreeBSD versions 13.4, 14.0, and 14.1 in the CI pipeline. Configured the workflow to harden the runner, checkout code, and run tests on the FreeBSD virtual machine.
2024-10-27 17:49:04 +01:00
90e3162a22
Update CI to support older Go versions
Added Go 1.19 and 1.20 to the CI matrix to extend compatibility testing. This ensures that our project continues to work with these older versions of Go.
2024-10-26 17:11:21 +02:00
a815c58571
Update CI workflow to install nullmailer instead of ssmtp
Replacing ssmtp with nullmailer ensures better compatibility with the updated email delivery requirements. The DEBIAN_FRONTEND=noninteractive parameter was also added to avoid interactive prompts during installation.
2024-10-26 16:45:07 +02:00
c33900ca29
Add sudo to apt-get commands in CI workflow
Previously, the apt-get commands lacked the necessary sudo prefix, which could lead to permission issues during the CI process. This change ensures that updates, upgrades, and installations are executed with the appropriate permissions.
2024-10-26 16:26:49 +02:00
4b8bf0507d
Update CI workflow and sendmail test condition
Add the TEST_SENDMAIL environment variable for better control over sendmail tests. Optimize sendmail installation in CI by updating and installing ssmtp. Modify tests to check if TEST_SENDMAIL is set to "true" before running.
2024-10-26 16:25:42 +02:00
9072aef355
Remove support for Go 1.19 and 1.20 in CI workflow
This commit updates the CI configuration to no longer test against Go versions 1.19 and 1.20. The supported Go versions are now 1.21, 1.22, and 1.23, ensuring the CI pipeline aligns with our current support policy.
2024-10-26 15:58:13 +02:00
3aef85e324
Add SPDX license headers to CI workflow file
This change adds SPDX license headers to the .github/workflows/ci.yml file to ensure proper attribution and compliance with the MIT license. The added headers include copyright information and the applicable license type.
2024-10-26 15:57:27 +02:00
f82ac0c5ae
Update concurrency group names in GitHub Actions
This change modifies the concurrency group names to include OS and Go version for better differentiation. This prevents conflicts and ensures that concurrent jobs are properly managed based on their specific matrices.
2024-10-26 15:52:27 +02:00
eeccee0d94
Add checkout step to CI workflow
Ensure CI workflow has access to the latest code by adding a checkout step. This change is necessary for the golangci-lint action to function correctly with the most recent codebase.
2024-10-26 15:50:14 +02:00
9c57ba56cf
Add 'runs-on' directive to lint and govulncheck steps
This ensures the lint and vulnerability check steps run on the 'ubuntu-latest' environment. Establishing a clear execution environment helps maintain consistency across CI runs.
2024-10-26 15:48:10 +02:00
4d4aa1e1df
Add runs-on parameter to dependency review job
This change specifies that the dependency review job should run on the latest version of Ubuntu. It ensures consistency and clarity in the workflow configuration. This modification helps avoid potential issues related to unspecified runner environments.
2024-10-26 15:47:04 +02:00
12e9a0cb5d
Simplify CI workflow branch checks
Removed file path filters on branch triggers in the CI workflow configuration. This allows the CI to run for any changes made in the main branch, ensuring broader test coverage and catching issues early.
2024-10-26 15:37:07 +02:00
9e6c1f0417
Consolidate CI workflows into a single file
Merged separate workflows for Codecov, dependency-review, golangci-lint, govulncheck, offline-tests, reuse compliance, and SonarQube into a unified CI workflow file in `.github/workflows/ci.yml`. This restructuring simplifies our CI setup and ensures more consistent and efficient pipeline management.
2024-10-26 15:33:05 +02:00
dependabot[bot]
87c0575dd4
Bump actions/setup-go from 5.0.2 to 5.1.0
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](0a12ed9d6a...41dfa10bad)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-25 13:39:33 +00:00
dependabot[bot]
9ad77012e3
Bump github/codeql-action from 3.26.13 to 3.27.0
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.13 to 3.27.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f779452ac5...662472033e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-23 13:16:56 +00:00
dependabot[bot]
63e6fc882d
Bump actions/dependency-review-action from 4.3.4 to 4.3.5
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.3.4 to 4.3.5.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](5a2ce3f5b9...a6993e2c61)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-22 13:10:46 +00:00
dependabot[bot]
495794184d
Bump github/codeql-action from 3.26.12 to 3.26.13
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.12 to 3.26.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](c36620d31a...f779452ac5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-14 13:18:14 +00:00
dependabot[bot]
7bc19a11dd
Bump actions/upload-artifact from 4.4.2 to 4.4.3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.2 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](84480863f2...b4b15b8c7c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-10 13:40:06 +00:00
dependabot[bot]
295390999e
Bump actions/upload-artifact from 4.4.1 to 4.4.2
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.1 to 4.4.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](604373da63...84480863f2)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-09 14:07:22 +00:00
0ee1449850
Merge pull request #330 from wneessen/dependabot/github_actions/github/codeql-action-3.26.12
Bump github/codeql-action from 3.26.11 to 3.26.12
2024-10-08 16:00:46 +02:00
dependabot[bot]
44d6a3333f
Bump actions/upload-artifact from 4.4.0 to 4.4.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](50769540e7...604373da63)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-08 13:54:45 +00:00
dependabot[bot]
4d0e3e2215
Bump github/codeql-action from 3.26.11 to 3.26.12
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.11 to 3.26.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](6db8d6351f...c36620d31a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-08 13:54:42 +00:00
d931050a6f
Update GitHub Actions paths for Go and workflow files
This commit refines the paths in GitHub Actions workflows to more precisely track changes in Go-related files and specific workflow files. General `.github/**` paths have been replaced with explicit references to relevant workflow files within `.github/workflows`.
2024-10-04 15:28:22 +02:00
dependabot[bot]
fe36f3b294
Bump github/codeql-action from 3.26.10 to 3.26.11
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.10 to 3.26.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e2b3eafc8d...6db8d6351f)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-04 13:17:57 +00:00
6f10892d0b
Reduce Go versions in Codecov workflow to only 1.23
This commit updates the Codecov GitHub Actions workflow to run only on Go version 1.23, removing support for 1.19 and 1.20. Simplifying to a single Go version aims to streamline the testing process and reduce potential compatibility issues.
2024-10-03 16:01:58 +02:00
8f596ffae7
Add offline tests workflow and clean up SonarQube config
Introduce a new offline tests workflow to validate Go code across multiple OS and Go versions. This commit also removes unused environment variables and updates the Go version syntax in the SonarQube workflow.
2024-10-03 16:00:58 +02:00
dependabot[bot]
94ed5646c5
Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.1.0 to 6.1.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](aaa42aa062...971e284b60)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-03 13:39:45 +00:00
a41639ec07
Fix secret reference and improve test command options
Corrected the reference for `TEST_PASS_SCRAM` in both workflows. Simplified the Go test command in `codecov.yml` and added the `shuffle=on` option for better test randomness in `sonarqube.yml`.
2024-10-02 16:50:45 +02:00
2bde374d2c
Merge pull request #313 from wneessen/dependabot/github_actions/codecov/codecov-action-4.6.0
Bump codecov/codecov-action from 4.5.0 to 4.6.0
2024-10-02 15:57:23 +02:00
97ad132965
Merge pull request #314 from wneessen/dependabot/github_actions/golang/govulncheck-action-1.0.4
Bump golang/govulncheck-action from 1.0.3 to 1.0.4
2024-10-02 15:57:09 +02:00
cbba4d83d1
Add SCRAM authentication to CI workflows
This commit introduces SCRAM authentication configurations to both `codecov.yml` and `sonarqube.yml` GitHub Action workflow files. The changes include new environment variables for SCRAM host, user, and password to enhance the security and flexibility of the CI processes.
2024-10-02 15:51:56 +02:00