From 59a7a5270c83eee50c3eb3fc5a1e64f68b049768 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Aug 2025 16:40:45 +0000 Subject: [PATCH 1/4] build(deps): bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] (cherry picked from commit cfb22c9a0f0c250e6fc3323d49c5163a078cd6a2) Signed-off-by: Kir Kolyshkin --- .github/workflows/test.yml | 6 +++--- .github/workflows/validate.yml | 24 ++++++++++++------------ 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7444381b8..f02bc9237 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -44,7 +44,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Show host info run: | @@ -153,7 +153,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: install deps run: | @@ -177,7 +177,7 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: lima-vm/lima-actions/setup@v1 id: lima-actions-setup diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index ce5f09925..3f0926ec0 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -17,7 +17,7 @@ jobs: keyring: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: check runc.keyring run: make validate-keyring @@ -29,7 +29,7 @@ jobs: checks: write # to allow the action to annotate code in the PR. runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 2 - uses: actions/setup-go@v5 @@ -52,7 +52,7 @@ jobs: go-fix: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 2 - uses: actions/setup-go@v5 @@ -73,7 +73,7 @@ jobs: # Don't ignore C warnings. Note that the output of "go env CGO_CFLAGS" by default is "-g -O2", so we keep them. CGO_CFLAGS: -g -O2 -Werror steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: install go uses: actions/setup-go@v5 with: @@ -90,7 +90,7 @@ jobs: codespell: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: install deps # Version of codespell bundled with Ubuntu is way old, so use pip. run: pip install --break-system-packages codespell==v2.3.0 @@ -100,14 +100,14 @@ jobs: shfmt: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: shfmt run: make shfmt shellcheck: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: install shellcheck env: VERSION: v0.10.0 @@ -131,14 +131,14 @@ jobs: space-at-eol: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - run: rm -fr vendor - run: if git -P grep -I -n '\s$'; then echo "^^^ extra whitespace at EOL, please fix"; exit 1; fi deps: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: install go uses: actions/setup-go@v5 with: @@ -176,7 +176,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 0 - name: install deps @@ -194,7 +194,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 0 @@ -224,7 +224,7 @@ jobs: get-images: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 - name: install bashbrew From 4b76986b98d34b12d8928313f34e83d4e4341987 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Mon, 10 Nov 2025 23:19:15 -0800 Subject: [PATCH 2/4] ci: faster git clone For some reason, some jobs in .github/workflows/validate.yml have "fetch-depth: 0" argument to actions/checkout, meaning "all history for all branches and tags". Obviously this is not needed here. Signed-off-by: Kir Kolyshkin (cherry picked from commit e0b00171eb0f338cf024760019abdd4e7dec690f) Signed-off-by: Kir Kolyshkin (cherry picked from commit 0200ccb53d9265c43f203fb98a9862407835eb23) Signed-off-by: Kir Kolyshkin --- .github/workflows/validate.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 3f0926ec0..8d02ead53 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -177,8 +177,6 @@ jobs: steps: - name: checkout uses: actions/checkout@v5 - with: - fetch-depth: 0 - name: install deps run: | sudo apt -qq update @@ -195,8 +193,6 @@ jobs: steps: - name: checkout uses: actions/checkout@v5 - with: - fetch-depth: 0 - name: check CHANGELOG.md run: make verify-changelog @@ -225,8 +221,6 @@ jobs: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v5 - with: - fetch-depth: 0 - name: install bashbrew env: BASEURL: https://github.com/docker-library/bashbrew/releases/download From 99cc7bcb48a5cbc9e486345dd5c548a7b4f10fae Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Mon, 10 Nov 2025 23:45:49 -0800 Subject: [PATCH 3/4] ci: add checking Go version from Dockerfile This is to ensure that Go version in Dockerfile (which is used to build release binaries) is: - currently supported; - used in CI tests. Signed-off-by: Kir Kolyshkin (cherry picked from commit df4acc8867a08bd2df2dfec74a5f79fe018c2f4d) Signed-off-by: Kir Kolyshkin --- .github/workflows/validate.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 8d02ead53..a694d99ff 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -186,6 +186,18 @@ jobs: make cfmt git diff --exit-code + check-go: + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v5 + - name: check Go version + run: | + GO_VER=$(awk -F= '/^ARG\s+GO_VERSION=/ {print $2; quit}' Dockerfile) + echo "Go version used in Dockerfile: $GO_VER" + echo -n "Checking if Go $GO_VER is supported ... " + curl -fsSL https://go.dev/dl/?mode=json | jq -e 'any(.[]; .version | startswith("go'$GO_VER'"))' + echo -n "Checking if Go $GO_VER is tested against ... " + yq -e '.jobs.test.strategy.matrix.go-version | contains(["'$GO_VER'.x"])' .github/workflows/test.yml release: timeout-minutes: 30 @@ -242,6 +254,7 @@ jobs: all-done: needs: + - check-go - cfmt - codespell - commit From 7a5a90e8075b9869182957474d7cfa371bf39fb6 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Mon, 10 Nov 2025 22:55:30 -0800 Subject: [PATCH 4/4] Use Go 1.24.x for release binaries Since Go 1.23 is no longer supported, we should not use it. Go 1.23 is still supported and is probably the best bet for the release-1.2 branch. Signed-off-by: Kir Kolyshkin --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5c3b933b3..26f124ede 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -ARG GO_VERSION=1.23 +ARG GO_VERSION=1.24 ARG BATS_VERSION=v1.11.0 ARG LIBSECCOMP_VERSION=2.5.6