Commit graph

189 commits

Author SHA1 Message Date
bdffa22ad8
Remove duplicate Go test step from CI workflow
Eliminated a redundant "Run go test" step from the GitHub Actions CI configuration. This helps streamline the workflow and avoid unnecessary repetitions in the CI process.
2024-10-27 17:50:36 +01:00
89f29b241e
Add FreeBSD testing to CI workflow
Included FreeBSD versions 13.4, 14.0, and 14.1 in the CI pipeline. Configured the workflow to harden the runner, checkout code, and run tests on the FreeBSD virtual machine.
2024-10-27 17:49:04 +01:00
90e3162a22
Update CI to support older Go versions
Added Go 1.19 and 1.20 to the CI matrix to extend compatibility testing. This ensures that our project continues to work with these older versions of Go.
2024-10-26 17:11:21 +02:00
a815c58571
Update CI workflow to install nullmailer instead of ssmtp
Replacing ssmtp with nullmailer ensures better compatibility with the updated email delivery requirements. The DEBIAN_FRONTEND=noninteractive parameter was also added to avoid interactive prompts during installation.
2024-10-26 16:45:07 +02:00
c33900ca29
Add sudo to apt-get commands in CI workflow
Previously, the apt-get commands lacked the necessary sudo prefix, which could lead to permission issues during the CI process. This change ensures that updates, upgrades, and installations are executed with the appropriate permissions.
2024-10-26 16:26:49 +02:00
4b8bf0507d
Update CI workflow and sendmail test condition
Add the TEST_SENDMAIL environment variable for better control over sendmail tests. Optimize sendmail installation in CI by updating and installing ssmtp. Modify tests to check if TEST_SENDMAIL is set to "true" before running.
2024-10-26 16:25:42 +02:00
9072aef355
Remove support for Go 1.19 and 1.20 in CI workflow
This commit updates the CI configuration to no longer test against Go versions 1.19 and 1.20. The supported Go versions are now 1.21, 1.22, and 1.23, ensuring the CI pipeline aligns with our current support policy.
2024-10-26 15:58:13 +02:00
3aef85e324
Add SPDX license headers to CI workflow file
This change adds SPDX license headers to the .github/workflows/ci.yml file to ensure proper attribution and compliance with the MIT license. The added headers include copyright information and the applicable license type.
2024-10-26 15:57:27 +02:00
f82ac0c5ae
Update concurrency group names in GitHub Actions
This change modifies the concurrency group names to include OS and Go version for better differentiation. This prevents conflicts and ensures that concurrent jobs are properly managed based on their specific matrices.
2024-10-26 15:52:27 +02:00
eeccee0d94
Add checkout step to CI workflow
Ensure CI workflow has access to the latest code by adding a checkout step. This change is necessary for the golangci-lint action to function correctly with the most recent codebase.
2024-10-26 15:50:14 +02:00
9c57ba56cf
Add 'runs-on' directive to lint and govulncheck steps
This ensures the lint and vulnerability check steps run on the 'ubuntu-latest' environment. Establishing a clear execution environment helps maintain consistency across CI runs.
2024-10-26 15:48:10 +02:00
4d4aa1e1df
Add runs-on parameter to dependency review job
This change specifies that the dependency review job should run on the latest version of Ubuntu. It ensures consistency and clarity in the workflow configuration. This modification helps avoid potential issues related to unspecified runner environments.
2024-10-26 15:47:04 +02:00
12e9a0cb5d
Simplify CI workflow branch checks
Removed file path filters on branch triggers in the CI workflow configuration. This allows the CI to run for any changes made in the main branch, ensuring broader test coverage and catching issues early.
2024-10-26 15:37:07 +02:00
9e6c1f0417
Consolidate CI workflows into a single file
Merged separate workflows for Codecov, dependency-review, golangci-lint, govulncheck, offline-tests, reuse compliance, and SonarQube into a unified CI workflow file in `.github/workflows/ci.yml`. This restructuring simplifies our CI setup and ensures more consistent and efficient pipeline management.
2024-10-26 15:33:05 +02:00
dependabot[bot]
87c0575dd4
Bump actions/setup-go from 5.0.2 to 5.1.0
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](0a12ed9d6a...41dfa10bad)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-25 13:39:33 +00:00
dependabot[bot]
9ad77012e3
Bump github/codeql-action from 3.26.13 to 3.27.0
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.13 to 3.27.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f779452ac5...662472033e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-23 13:16:56 +00:00
dependabot[bot]
63e6fc882d
Bump actions/dependency-review-action from 4.3.4 to 4.3.5
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.3.4 to 4.3.5.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](5a2ce3f5b9...a6993e2c61)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-22 13:10:46 +00:00
dependabot[bot]
495794184d
Bump github/codeql-action from 3.26.12 to 3.26.13
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.12 to 3.26.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](c36620d31a...f779452ac5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-14 13:18:14 +00:00
dependabot[bot]
7bc19a11dd
Bump actions/upload-artifact from 4.4.2 to 4.4.3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.2 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](84480863f2...b4b15b8c7c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-10 13:40:06 +00:00
dependabot[bot]
295390999e
Bump actions/upload-artifact from 4.4.1 to 4.4.2
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.1 to 4.4.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](604373da63...84480863f2)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-09 14:07:22 +00:00
0ee1449850
Merge pull request #330 from wneessen/dependabot/github_actions/github/codeql-action-3.26.12
Bump github/codeql-action from 3.26.11 to 3.26.12
2024-10-08 16:00:46 +02:00
dependabot[bot]
44d6a3333f
Bump actions/upload-artifact from 4.4.0 to 4.4.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](50769540e7...604373da63)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-08 13:54:45 +00:00
dependabot[bot]
4d0e3e2215
Bump github/codeql-action from 3.26.11 to 3.26.12
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.11 to 3.26.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](6db8d6351f...c36620d31a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-08 13:54:42 +00:00
d931050a6f
Update GitHub Actions paths for Go and workflow files
This commit refines the paths in GitHub Actions workflows to more precisely track changes in Go-related files and specific workflow files. General `.github/**` paths have been replaced with explicit references to relevant workflow files within `.github/workflows`.
2024-10-04 15:28:22 +02:00
dependabot[bot]
fe36f3b294
Bump github/codeql-action from 3.26.10 to 3.26.11
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.10 to 3.26.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e2b3eafc8d...6db8d6351f)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-04 13:17:57 +00:00
6f10892d0b
Reduce Go versions in Codecov workflow to only 1.23
This commit updates the Codecov GitHub Actions workflow to run only on Go version 1.23, removing support for 1.19 and 1.20. Simplifying to a single Go version aims to streamline the testing process and reduce potential compatibility issues.
2024-10-03 16:01:58 +02:00
8f596ffae7
Add offline tests workflow and clean up SonarQube config
Introduce a new offline tests workflow to validate Go code across multiple OS and Go versions. This commit also removes unused environment variables and updates the Go version syntax in the SonarQube workflow.
2024-10-03 16:00:58 +02:00
dependabot[bot]
94ed5646c5
Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.1.0 to 6.1.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](aaa42aa062...971e284b60)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-03 13:39:45 +00:00
a41639ec07
Fix secret reference and improve test command options
Corrected the reference for `TEST_PASS_SCRAM` in both workflows. Simplified the Go test command in `codecov.yml` and added the `shuffle=on` option for better test randomness in `sonarqube.yml`.
2024-10-02 16:50:45 +02:00
2bde374d2c
Merge pull request #313 from wneessen/dependabot/github_actions/codecov/codecov-action-4.6.0
Bump codecov/codecov-action from 4.5.0 to 4.6.0
2024-10-02 15:57:23 +02:00
97ad132965
Merge pull request #314 from wneessen/dependabot/github_actions/golang/govulncheck-action-1.0.4
Bump golang/govulncheck-action from 1.0.3 to 1.0.4
2024-10-02 15:57:09 +02:00
cbba4d83d1
Add SCRAM authentication to CI workflows
This commit introduces SCRAM authentication configurations to both `codecov.yml` and `sonarqube.yml` GitHub Action workflow files. The changes include new environment variables for SCRAM host, user, and password to enhance the security and flexibility of the CI processes.
2024-10-02 15:51:56 +02:00
dependabot[bot]
3f3b21348f
Bump golang/govulncheck-action from 1.0.3 to 1.0.4
Bumps [golang/govulncheck-action](https://github.com/golang/govulncheck-action) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/golang/govulncheck-action/releases)
- [Commits](dd0578b371...b625fbe08f)

---
updated-dependencies:
- dependency-name: golang/govulncheck-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-02 13:45:37 +00:00
dependabot[bot]
e037df43a7
Bump codecov/codecov-action from 4.5.0 to 4.6.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](e28ff129e5...b9fd7d16f6)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-02 13:45:34 +00:00
dependabot[bot]
012082978d
Bump github/codeql-action from 3.26.9 to 3.26.10
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.9 to 3.26.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](461ef6c76d...e2b3eafc8d)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 13:36:41 +00:00
077c85bea0
Merge pull request #305 from wneessen/dependabot/github_actions/sonarsource/sonarqube-scan-action-884b79409bbd464b2a59edc326a4b77dc56b2195
Bump sonarsource/sonarqube-scan-action from f885e52a7572cf7943f28637e75730227df2dbf2 to 884b79409bbd464b2a59edc326a4b77dc56b2195
2024-09-25 16:00:56 +02:00
dependabot[bot]
b97073db19
Bump github/codeql-action from 3.26.8 to 3.26.9
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.8 to 3.26.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](294a9d9291...461ef6c76d)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-25 13:58:44 +00:00
dependabot[bot]
d75d990124
Bump sonarsource/sonarqube-scan-action
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from f885e52a7572cf7943f28637e75730227df2dbf2 to 884b79409bbd464b2a59edc326a4b77dc56b2195.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](f885e52a75...884b79409b)

---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-25 13:58:36 +00:00
dependabot[bot]
d6725b2d63
Bump sonarsource/sonarqube-scan-action
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 0c0f3958d90fc466625f1d1af1f47bddd4cc6bd1 to f885e52a7572cf7943f28637e75730227df2dbf2.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](0c0f3958d9...f885e52a75)

---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-24 13:48:36 +00:00
8dfb121aec
Update Go versions in GitHub Actions workflow
Removed Go 1.21 and added Go 1.19 in the codecov.yml file to ensure compatibility with older projects and streamline the CI process. This helps in maintaining backward compatibility and avoids potential issues with unsupported Go versions.
2024-09-20 16:24:59 +02:00
dependabot[bot]
664b7299e6
Bump github/codeql-action from 3.26.7 to 3.26.8
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.7 to 3.26.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](8214744c54...294a9d9291)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-19 13:44:59 +00:00
dependabot[bot]
68109ed40d
Bump github/codeql-action from 3.26.6 to 3.26.7
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.6 to 3.26.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](4dd16135b6...8214744c54)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-16 13:46:00 +00:00
dependabot[bot]
6d9829776a
Bump step-security/harden-runner from 2.9.1 to 2.10.1
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.9.1 to 2.10.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](5c7944e73c...91182cccc0)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-11 14:09:18 +00:00
dependabot[bot]
6f97bd59b9
Bump actions/upload-artifact from 4.3.6 to 4.4.0
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.6 to 4.4.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](834a144ee9...50769540e7)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-02 14:04:59 +00:00
dependabot[bot]
fa05b38e31
Bump sonarsource/sonarqube-quality-gate-action
Bumps [sonarsource/sonarqube-quality-gate-action](https://github.com/sonarsource/sonarqube-quality-gate-action) from 72f24ebf1f81eda168a979ce14b8203273b7c3ad to dc2f7b0dd95544cd550de3028f89193576e958b9.
- [Release notes](https://github.com/sonarsource/sonarqube-quality-gate-action/releases)
- [Commits](72f24ebf1f...dc2f7b0dd9)

---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-quality-gate-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-30 13:19:01 +00:00
dependabot[bot]
52e8265f97
Bump github/codeql-action from 3.26.5 to 3.26.6
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.5 to 3.26.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2c779ab0d0...4dd16135b6)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-29 13:59:21 +00:00
dependabot[bot]
1ea51e2a41
Bump github/codeql-action from 3.26.4 to 3.26.5
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.4 to 3.26.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f0f3afee80...2c779ab0d0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 14:05:22 +00:00
dependabot[bot]
57139ae50a
Bump github/codeql-action from 3.26.3 to 3.26.4
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.3 to 3.26.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](883d8588e5...f0f3afee80)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-22 14:05:22 +00:00
dependabot[bot]
7fbcfcc3f8
Bump github/codeql-action from 3.26.2 to 3.26.3
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.2 to 3.26.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](429e197704...883d8588e5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-20 13:15:19 +00:00
8b69fa92ae
Update Go version in SonarQube workflow
Bump Go version from 1.22.x to 1.23.x in the SonarQube GitHub Actions workflow. This ensures compatibility with the latest features and improvements in Go.
2024-08-16 10:30:20 +02:00