Commit Graph

400 Commits

Author SHA1 Message Date
Michael Zalimeni d3ad840d8c
[NET-8953] docs: add backport policy section to CONTRIBUTING (#21252)
docs: add backport policy section to CONTRIBUTING

Add detail about Consul's backport policy w.r.t. LTS/CE.

Also update label docs and remove defunct redirect .md files.
2024-06-04 12:46:20 -04:00
Michael Zalimeni 4edf369313
[NET-8953] ci: disable Ent-only nightly tests on CE (#21242)
ci: disable Ent-only nightly tests on CE
2024-06-03 19:09:59 +00:00
Michael Zalimeni 9fb50fa769
Fix Consul versions in nightly 1.19 int tests (#21226)
We should be testing against n-2 + LTS, so we need to replace 1.16 with 1.18.
2024-05-28 12:55:52 -04:00
Dan Stough 54a545d0db
build: prepare for 1.20.0 dev (#21219) 2024-05-24 22:00:14 -04:00
Dan Stough f3d1a8bc78
build: set go-build reproducible to false (#21218) 2024-05-24 15:32:59 -04:00
Dan Stough f70fcab2ab
build: bandaid for action-go-build clean flag (#21217) 2024-05-24 18:54:54 +00:00
Michael Zalimeni d2b107ffe5
ci: update BPA to disable inactive CE backports (#21214)
Follow-up to #21094, which temporarily downgraded BPA to allow for old
CE backport labels to be used during Consul's most recent patch release.

Upgrading fully enforces the version manifest and prevents accidental
backports to no-longer-active CE versions.
2024-05-24 13:52:38 -04:00
Dan Stough cf1c030043
feat: update supported envoy to 1.29 (#21142) 2024-05-24 13:26:07 -04:00
NicoletaPopoviciu d5e92da8af
Update Vault/Nomad versions. (#21193)
* Update Vault/Nomad versions.

* Update test-integrations.yml

amend vault versions

* add nomad binary path to GITHUB_PATH

---------

Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2024-05-22 14:43:04 -04:00
Dan Stough f12ba3f2a5
chore: fix PR Labeler config (#21141)
chore: fix PR labeler config format
2024-05-20 16:25:59 -04:00
Dan Stough 94791f76b5
build: update gha to latest approved tsccr (#21061)
* build: update gha to latest approved tsccr

* chore: update hashicorp gha versions

* fix: update upload artifact workload to have unique ids
2024-05-14 15:49:03 -04:00
Michael Zalimeni d312d0461b
ci: temporarily re-enable retired CE backport labels (#21094)
To ease migration during this week's patch releases, temporarily use the
more permissive version of BPA to allow old + new backport labels to be
used simultaneously.
2024-05-13 18:01:16 +00:00
Jeanne Angeles Franco 0b03a9251e
Roll bpa version and cleanup (#21090) 2024-05-13 16:35:00 +00:00
Jeanne Angeles Franco f51d08052b
Backport assistant onboarding with LTS support #9224 (#21058)
* Config changes to use backport-assistant with lts support

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>

---------

Co-authored-by: claire labry <claire@hashicorp.com>
Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
2024-05-08 10:55:28 -07:00
Michael Zalimeni 093618d923
[NET-9141] ci: skip LICENSE copy for Ent linux packages (#21060)
ci: skip LICENSE copy for Ent linux packages
2024-05-07 12:02:02 -04:00
wangxinyi7 4ad1757dfe
add license file (#21035) 2024-05-03 15:10:04 -07:00
Dan Stough 1793b506d5
chore: fix JIRA workflow (#21037)
fix JIRA workflow
2024-05-03 14:07:12 -04:00
Dan Stough 37e3ebe564
chore: remove workstream from JIRA sync (#21031) 2024-05-02 15:18:17 -04:00
Deniz Onur Duzgun 3a6f2fba18
security: bump envoy version and k8s.io/apimachinery (#21017)
* security: bump envoy version

* add changelog
2024-05-02 13:36:02 -04:00
Michael Zalimeni ad23e96a32
ci: fix Envoy int test versions (#20964)
Follow-up to #20956
2024-04-08 21:27:38 +00:00
Deniz Onur Duzgun 3152ac3702
security: bump go, x/net and envoy versions (#20956)
* Bump go version

* Bump x/net

* Bump envoy version

* Add changelog

---------

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
2024-04-08 19:18:40 +00:00
R.B. Boyer 235747d473
deployer: add a bunch of test coverage and fix a few panics (#20694)
This adds a bunch of coverage of the topology.Compile method. It is not complete, but it is a start.

- A few panics and miscellany were fixed.
- The testing/deployer tests are now also run in CI.
2024-02-22 13:31:50 -06:00
Michael Zalimeni 5862c52642
[NET-7948] Bump Envoy version to address multiple CVEs (#20589)
security: Bump Envoy versions to address CVEs
2024-02-12 22:29:50 +00:00
skpratt 57bad0df85
add traffic permissions excludes and tests (#20453)
* add traffic permissions tests

* review fixes

* Update internal/mesh/internal/controllers/sidecarproxy/builder/local_app.go

Co-authored-by: John Landa <jonathanlanda@gmail.com>

---------

Co-authored-by: John Landa <jonathanlanda@gmail.com>
2024-02-07 20:21:44 +00:00
NicoletaPopoviciu b7b9bb0e83
Update Vault/Nomad versions. (#20322)
Update Vault/Nomad versions to ensure we're testing all the latest versions.

Update Vault/Nomad versions to ensure we're testing all the latest versions .
2024-01-30 16:36:08 -05:00
Curt Bushko 48d1b059d2
add support for more envoy versions for LTS (#20358)
add support for more envoy versions for LTS
2024-01-29 16:46:51 -05:00
David Yu 1c1df4530c
GHA: Update broken-link-check.yml to check once a month (#20368)
Update broken-link-check.yml
2024-01-26 16:11:27 -08:00
Michael Zalimeni a317064764
ci: Use Consul Go version for Vault int tests (#20219)
Unlike the Nomad tests (where Nomad is compiled from source and provides
the tests), Vault is installed as a binary, and local Consul tests are
run.

Fixes incorrect version change introduced in #20058.
2024-01-16 19:24:06 +00:00
John Murret d4b67677c6
always run agent tests alone on their own runner (#20199)
* always run agent tests alone on their own runner

* deal with runner count = 1

* prevent runners less than 2
2024-01-12 13:40:31 -07:00
Semir Patel 98dcfaf783
compliance: license checker to enforce MPL pre-EOY 2023 no longer necessary (#20175) 2024-01-12 09:35:38 -06:00
Michael Zalimeni 76b5de5039
[NET-4968] Upgrade Go to 1.21 (#20062)
* Upgrade Go to 1.21

* ci: detect Go backwards compatibility test version automatically

For our submodules and other places we choose to test against previous
Go versions, detect this version automatically from the current one
rather than hard-coding it.
2024-01-12 09:57:38 -05:00
John Murret 3fa4a21edd
remove the skipping of slow tests in go-tests-ce and go-test-enterprise (#20139)
* remove the skipping of slow tests in go-tests-ce and go-test-enterprise

* add license header
2024-01-10 20:39:34 -07:00
Michael Zalimeni 3b111277ad
ci: Single source of truth for Go version in CI and Dockerfile (#20058)
ci: Set Go version consistently via .go-version

Ensure Go version is determined consistently for CI and Docker builds
rather than spread across several different files.

The intent is to eventually replace this with use of the `toolchain`
directive in Go 1.21.
2024-01-08 17:18:41 -05:00
cskh 3b94efa8de
Fix upgrade test envoy version (#20075)
* ci: fix envoy version in upgrade test
2024-01-03 11:29:05 -05:00
Michael Zalimeni a1c0115a74
ci: increase runner size for security scans (#20068)
We've noticed runners appearing to become resource-starved during heavy
CI traffic. While we should try to prevent this by limiting the
scanner's CPU consumption, increasing the runner size should help in the
interim.
2024-01-02 17:53:35 +00:00
John Murret 62a07b4204
update makefile, compatibility tests, and nightlies to use latest envoy. (#20048) 2023-12-22 15:56:48 +00:00
Michael Zalimeni d0bc091a60
[NET-6969] security: Re-enable Go Module + secrets security scans for release branches (#19978)
* security: re-enable security scan release block

This was previously disabled due to an unresolved false-positive CVE.
Re-enabling both secrets and OSV + Go Modules scanning, which per our
current scan results should not be a blocker to future releases.

* security: run security scans on main and release branches
2023-12-21 15:11:05 +00:00
Valeriia Ruban a87ab8b093
feat: updated github checks with frontend-test-ce end frontend-test-e… (#19995) 2023-12-20 12:47:24 -08:00
Michael Zalimeni 79e02f8a89
ci: upload test results to DataDog on test failure (#19956)
Due to the unintuitive behavior of GHA w.r.t. implicit status check
`success()`, test results were only being uploaded on success (failures
presumably came from retried tests that passed).
2023-12-14 23:13:04 +00:00
John Murret a5d5fd348b
fix actions to no longer use envoy 1.24.x to match supported versions. (#19918) 2023-12-12 12:37:07 -05:00
Ronald 195e3aab8c
[NET-6842] splitting go version on different lines (#19887) 2023-12-11 11:15:32 -05:00
Michael Zalimeni 1d9234a87a
ci: sanitize commit message for Slack failure alerts (#19876)
To ensure that shell code cannot be injected, capture the commit message
in an env var, then format it as needed.

Also fix several other issues with formatting and JSON escaping by
wrapping the entire message in a `toJSON` expression.
2023-12-08 16:04:45 -05:00
Michael Zalimeni 3a78446114
ci: fix escaping for Slack failure notifications (#19838)
Allow '()', '#', and other bash-interpretable special characters by
properly quoting the commit message when shortening.
2023-12-06 21:00:30 +00:00
Ronald 053367a3b2
[NET-6650] Bump go version to 1.20.12 (#19840) 2023-12-06 13:22:00 -05:00
Matt Keeler efe279f802
Retry lint fixes (#19151)
* Add a make target to run lint-consul-retry on all the modules
* Cleanup sdk/testutil/retry
* Fix a bunch of retry.Run* usage to not use the outer testing.T
* Fix some more recent retry lint issues and pin to v1.4.0 of lint-consul-retry
* Fix codegen copywrite lint issues
* Don’t perform cleanup after each retry attempt by default.
* Use the common testutil.TestingTB interface in test-integ/tenancy
* Fix retry tests
* Update otel access logging extension test to perform requests within the retry block
2023-12-06 12:11:32 -05:00
Michael Zalimeni aca8a185ca
ci: fix test failure Slack notifications (#19766)
- Skip notifications for cancelled workflows. Cancellation can be
manual or caused by branch concurrency limits.
- Fix multi-line JSON parsing error by only printing the summary line
of the commit message. We do not need more than this in Slack.
- Update Slack webhook name to match purpose.
2023-12-05 10:24:04 -05:00
Manoj Srinivasamurthy c9f85eb925
NET-6692: Ensure 'upload test results' step is always run (#19783) 2023-12-01 09:23:25 +05:30
emily neil 2eebdb22ba
Remove Duplicate UBI Tags (#19737)
- Amalgamate UBI with Dockerhub and Redhat tags into one step
- Avoids a production incident that errors on duplicate tags:
https://github.com/hashicorp/releng-support/issues/123
2023-11-30 14:49:40 -08:00
Matt Keeler 8f7f15e430
Pin lint-consul-retry to v1.3.0 (#19781)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
2023-11-29 22:44:22 +00:00
Michael Zalimeni 2732376449
ci: Run `go mod tidy` check on submodules (#19744)
Today, we do not enforce a clean `go mod tidy` on submodules. This
allows for drift and can eventually lead to `golangci-lint` failures,
along with the obvious disadvantage of not having an up-to-date
`go.mod`.

Enforce clean `go mod tidy` on all `go.mod` by using our make target
rather than the direct root-level command.
2023-11-27 16:28:35 -05:00