diff --git a/.github/workflows/build-artifacts.yml b/.github/workflows/build-artifacts.yml index f57ea3527d48..e9fdf192fb2e 100644 --- a/.github/workflows/build-artifacts.yml +++ b/.github/workflows/build-artifacts.yml @@ -30,8 +30,13 @@ jobs: name: Setup outputs run: ./.github/scripts/get_runner_classes.sh + get-go-version: + uses: ./.github/workflows/reusable-get-go-version.yml + dev-build-push: - needs: setup + needs: + - setup + - get-go-version runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} permissions: id-token: write # NOTE: this permission is explicitly required for Vault auth. @@ -65,7 +70,7 @@ jobs: - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@v3.5.0 with: - go-version-file: 'go.mod' + go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go env diff --git a/.github/workflows/build-distros.yml b/.github/workflows/build-distros.yml index 10c520893341..ada2869cd3df 100644 --- a/.github/workflows/build-distros.yml +++ b/.github/workflows/build-distros.yml @@ -32,19 +32,25 @@ jobs: name: Setup outputs run: ./.github/scripts/get_runner_classes.sh + get-go-version: + uses: ./.github/workflows/reusable-get-go-version.yml + check-go-mod: needs: - setup + - get-go-version uses: ./.github/workflows/reusable-check-go-mod.yml with: runs-on: ${{ needs.setup.outputs.compute-medium }} repository-name: ${{ github.repository }} + go-version: ${{ needs.get-go-version.outputs.go-version }} secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} build-386: needs: - setup + - get-go-version - check-go-mod env: XC_OS: "freebsd linux windows" @@ -59,7 +65,7 @@ jobs: - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: 'go.mod' + go-version: ${{ needs.get-go-version.outputs.go-version }} - name: Build run: | for os in $XC_OS; do @@ -69,6 +75,7 @@ jobs: build-amd64: needs: - setup + - get-go-version - check-go-mod env: XC_OS: "darwin freebsd linux solaris windows" @@ -83,7 +90,7 @@ jobs: - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: 'go.mod' + go-version: ${{ needs.get-go-version.outputs.go-version }} - name: Build run: | for os in $XC_OS; do @@ -93,6 +100,7 @@ jobs: build-arm: needs: - setup + - get-go-version - check-go-mod runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} env: @@ -109,7 +117,7 @@ jobs: - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: 'go.mod' + go-version: ${{ needs.get-go-version.outputs.go-version }} - run: | sudo apt-get update --allow-releaseinfo-change-suite --allow-releaseinfo-change-version && sudo apt-get install -y gcc-arm-linux-gnueabi gcc-arm-linux-gnueabihf gcc-aarch64-linux-gnu @@ -122,6 +130,7 @@ jobs: if: ${{ endsWith(github.repository, '-enterprise') }} needs: - setup + - get-go-version - check-go-mod runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} steps: @@ -133,7 +142,7 @@ jobs: - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: 'go.mod' + go-version: ${{ needs.get-go-version.outputs.go-version }} - name: Build run: GOOS=linux GOARCH=s390x CGO_ENABLED=0 go build -tags "${{ env.GOTAGS }}" diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 036ac59b4a45..6b0a1f85ec38 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -18,6 +18,9 @@ env: GOPRIVATE: github.com/hashicorp # Required for enterprise deps jobs: + get-go-version: + uses: ./.github/workflows/reusable-get-go-version.yml + set-product-version: runs-on: ubuntu-latest outputs: @@ -81,32 +84,25 @@ jobs: path: ${{ steps.generate-metadata-file.outputs.filepath }} build: - needs: set-product-version + needs: + - set-product-version + - get-go-version runs-on: ubuntu-latest strategy: matrix: include: - - {go: "1.20.12", - goos: "linux", goarch: "386"} - - {go: "1.20.12", - goos: "linux", goarch: "amd64"} - - {go: "1.20.12", - goos: "linux", goarch: "arm"} - - {go: "1.20.12", - goos: "linux", goarch: "arm64"} - - {go: "1.20.12", - goos: "freebsd", goarch: "386"} - - {go: "1.20.12", - goos: "freebsd", goarch: "amd64"} - - {go: "1.20.12", - goos: "windows", goarch: "386"} - - {go: "1.20.12", - goos: "windows", goarch: "amd64"} - - {go: "1.20.12", - goos: "solaris", goarch: "amd64"} + - {goos: "linux", goarch: "386"} + - {goos: "linux", goarch: "amd64"} + - {goos: "linux", goarch: "arm"} + - {goos: "linux", goarch: "arm64"} + - {goos: "freebsd", goarch: "386"} + - {goos: "freebsd", goarch: "amd64"} + - {goos: "windows", goarch: "386"} + - {goos: "windows", goarch: "amd64"} + - {goos: "solaris", goarch: "amd64"} fail-fast: true - name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build + name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build steps: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 @@ -140,7 +136,7 @@ jobs: with: product_name: ${{ env.PKG_NAME }} product_version: ${{ needs.set-product-version.outputs.product-version }} - go_version: ${{ matrix.go }} + go_version: ${{ needs.get-go-version.outputs.go-version }} os: ${{ matrix.goos }} arch: ${{ matrix.goarch }} reproducible: report @@ -186,17 +182,18 @@ jobs: path: out/${{ env.DEB_PACKAGE }} build-s390x: - needs: set-product-version + needs: + - set-product-version + - get-go-version if: ${{ endsWith(github.repository, '-enterprise') }} runs-on: ubuntu-latest strategy: matrix: include: - - {go: "1.20.12", - goos: "linux", goarch: "s390x"} + - {goos: "linux", goarch: "s390x"} fail-fast: true - name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build + name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build steps: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 @@ -230,7 +227,7 @@ jobs: with: product_name: ${{ env.PKG_NAME }} product_version: ${{ needs.set-product-version.outputs.product-version }} - go_version: ${{ matrix.go }} + go_version: ${{ needs.get-go-version.outputs.go-version }} os: ${{ matrix.goos }} arch: ${{ matrix.goarch }} reproducible: report @@ -238,16 +235,17 @@ jobs: go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false build-darwin: - needs: set-product-version + needs: + - set-product-version + - get-go-version runs-on: macos-latest strategy: matrix: goos: [ darwin ] goarch: [ "amd64", "arm64" ] - go: [ "1.20.12" ] fail-fast: true - name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build + name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build steps: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 @@ -279,7 +277,7 @@ jobs: with: product_name: ${{ env.PKG_NAME }} product_version: ${{ needs.set-product-version.outputs.product-version }} - go_version: ${{ matrix.go }} + go_version: ${{ needs.get-go-version.outputs.go-version }} os: ${{ matrix.goos }} arch: ${{ matrix.goarch }} reproducible: report diff --git a/.github/workflows/go-tests.yml b/.github/workflows/go-tests.yml index 8b3f5d66a072..cc6e359102fc 100644 --- a/.github/workflows/go-tests.yml +++ b/.github/workflows/go-tests.yml @@ -59,19 +59,25 @@ jobs: name: Setup outputs run: ./.github/scripts/get_runner_classes.sh + get-go-version: + uses: ./.github/workflows/reusable-get-go-version.yml + check-go-mod: needs: - setup + - get-go-version uses: ./.github/workflows/reusable-check-go-mod.yml with: runs-on: ${{ needs.setup.outputs.compute-small }} repository-name: ${{ github.repository }} + go-version: ${{ needs.get-go-version.outputs.go-version }} secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} check-generated-protobuf: needs: - setup + - get-go-version runs-on: ${{ fromJSON(needs.setup.outputs.compute-medium) }} steps: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 @@ -81,7 +87,7 @@ jobs: run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: "go.mod" + go-version: ${{ needs.get-go-version.outputs.go-version }} - run: make proto-tools name: Install protobuf - run: make proto-format @@ -100,6 +106,7 @@ jobs: check-generated-deep-copy: needs: - setup + - get-go-version runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} steps: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 @@ -109,7 +116,7 @@ jobs: run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: "go.mod" + go-version: ${{ needs.get-go-version.outputs.go-version }} - run: make --always-make deep-copy - run: | if ! git diff --exit-code; then @@ -123,6 +130,7 @@ jobs: lint-enums: needs: - setup + - get-go-version runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} steps: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 @@ -132,7 +140,7 @@ jobs: run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: "go.mod" + go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go install github.com/reillywatson/enumcover/cmd/enumcover@master && enumcover ./... - name: Notify Slack if: ${{ failure() }} @@ -141,6 +149,7 @@ jobs: lint-container-test-deps: needs: - setup + - get-go-version runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} steps: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 @@ -149,7 +158,7 @@ jobs: run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: "go.mod" + go-version: ${{ needs.get-go-version.outputs.go-version }} - run: make lint-container-test-deps - name: Notify Slack if: ${{ failure() }} @@ -158,6 +167,7 @@ jobs: lint-consul-retry: needs: - setup + - get-go-version runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} steps: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 @@ -167,7 +177,7 @@ jobs: run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: "go.mod" + go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go install github.com/hashicorp/lint-consul-retry@v1.3.0 && lint-consul-retry - name: Notify Slack if: ${{ failure() }} @@ -176,21 +186,25 @@ jobs: lint: needs: - setup + - get-go-version uses: ./.github/workflows/reusable-lint.yml with: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} + go-version: ${{ needs.get-go-version.outputs.go-version }} secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} lint-32bit: needs: - setup + - get-go-version uses: ./.github/workflows/reusable-lint.yml with: go-arch: "386" runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} + go-version: ${{ needs.get-go-version.outputs.go-version }} secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -198,10 +212,12 @@ jobs: dev-build: needs: - setup + - get-go-version uses: ./.github/workflows/reusable-dev-build.yml with: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} + go-version: ${{ needs.get-go-version.outputs.go-version }} secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -209,11 +225,13 @@ jobs: # if: ${{ endsWith(github.repository, '-enterprise') }} # needs: # - setup + # - get-go-version # uses: ./.github/workflows/reusable-dev-build.yml # with: # uploaded-binary-name: 'consul-bin-s390x' # runs-on: ${{ needs.setup.outputs.compute-large }} # go-arch: "s390x" + # go-version: ${{ needs.get-go-version.outputs.go-version }} # repository-name: ${{ github.repository }} # secrets: # elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -223,11 +241,13 @@ jobs: # if: ${{ endsWith(github.repository, '-enterprise') }} # needs: # - setup + # - get-go-version # uses: ./.github/workflows/reusable-dev-build.yml # with: # uploaded-binary-name: 'consul-bin-arm64' # runs-on: ${{ needs.setup.outputs.compute-large }} # go-arch: "arm64" + # go-version: ${{ needs.get-go-version.outputs.go-version }} # repository-name: ${{ github.repository }} # secrets: # elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -237,6 +257,7 @@ jobs: # if: ${{ endsWith(github.repository, '-enterprise') }} # needs: # - setup + # - get-go-version # - dev-build-arm64 # uses: ./.github/workflows/reusable-unit-split.yml # with: @@ -245,6 +266,7 @@ jobs: # runner-count: 12 # runs-on: "['self-hosted', 'ondemand', 'os=macos-arm', 'arm64']" # go-test-flags: 'if ! [[ "$GITHUB_REF_NAME" =~ ^main$|^release/ ]]; then export GO_TEST_FLAGS="-short"; fi' + # go-version: ${{ needs.get-go-version.outputs.go-version }} # repository-name: ${{ github.repository }} # secrets: # elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -254,6 +276,7 @@ jobs: go-test-ce: needs: - setup + - get-go-version - dev-build uses: ./.github/workflows/reusable-unit-split.yml with: @@ -262,6 +285,7 @@ jobs: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} go-tags: "" + go-version: ${{ needs.get-go-version.outputs.go-version }} permissions: id-token: write # NOTE: this permission is explicitly required for Vault auth. contents: read @@ -274,6 +298,7 @@ jobs: if: ${{ endsWith(github.repository, '-enterprise') }} needs: - setup + - get-go-version - dev-build uses: ./.github/workflows/reusable-unit-split.yml with: @@ -282,6 +307,7 @@ jobs: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}" + go-version: ${{ needs.get-go-version.outputs.go-version }} permissions: id-token: write # NOTE: this permission is explicitly required for Vault auth. contents: read @@ -293,6 +319,7 @@ jobs: go-test-race: needs: - setup + - get-go-version - dev-build uses: ./.github/workflows/reusable-unit.yml with: @@ -302,6 +329,7 @@ jobs: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}" + go-version: ${{ needs.get-go-version.outputs.go-version }} permissions: id-token: write # NOTE: this permission is explicitly required for Vault auth. contents: read @@ -313,6 +341,7 @@ jobs: go-test-32bit: needs: - setup + - get-go-version - dev-build uses: ./.github/workflows/reusable-unit.yml with: @@ -322,6 +351,7 @@ jobs: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}" + go-version: ${{ needs.get-go-version.outputs.go-version }} permissions: id-token: write # NOTE: this permission is explicitly required for Vault auth. contents: read @@ -334,6 +364,7 @@ jobs: # if: ${{ endsWith(github.repository, '-enterprise') }} # needs: # - setup + # - get-go-version # - dev-build-s390x # uses: ./.github/workflows/reusable-unit.yml # with: @@ -343,6 +374,7 @@ jobs: # runs-on: ${{ needs.setup.outputs.compute-large }} # repository-name: ${{ github.repository }} # go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}" + # go-version: ${{ needs.get-go-version.outputs.go-version }} # permissions: # id-token: write # NOTE: this permission is explicitly required for Vault auth. # contents: read @@ -354,6 +386,7 @@ jobs: go-test-envoyextensions: needs: - setup + - get-go-version - dev-build uses: ./.github/workflows/reusable-unit.yml with: @@ -361,6 +394,7 @@ jobs: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}" + go-version: ${{ needs.get-go-version.outputs.go-version }} permissions: id-token: write # NOTE: this permission is explicitly required for Vault auth. contents: read @@ -372,6 +406,7 @@ jobs: go-test-troubleshoot: needs: - setup + - get-go-version - dev-build uses: ./.github/workflows/reusable-unit.yml with: @@ -379,6 +414,7 @@ jobs: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consulprem consuldev' || '' }}" + go-version: ${{ needs.get-go-version.outputs.go-version }} permissions: id-token: write # NOTE: this permission is explicitly required for Vault auth. contents: read diff --git a/.github/workflows/nightly-test-integrations.yml b/.github/workflows/nightly-test-integrations.yml index a03d2c3188b6..d7812bee35ef 100644 --- a/.github/workflows/nightly-test-integrations.yml +++ b/.github/workflows/nightly-test-integrations.yml @@ -38,13 +38,19 @@ jobs: - id: runners run: .github/scripts/get_runner_classes.sh + get-go-version: + uses: ./.github/workflows/reusable-get-go-version.yml + dev-build: - needs: [setup] + needs: + - setup + - get-go-version uses: ./.github/workflows/reusable-dev-build.yml with: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} uploaded-binary-name: 'consul-bin' + go-version: ${{ needs.get-go-version.outputs.go-version }} secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -91,6 +97,7 @@ jobs: runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} needs: - setup + - get-go-version - generate-envoy-job-matrices - dev-build permissions: @@ -113,7 +120,7 @@ jobs: ref: ${{ inputs.branch }} - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: 'go.mod' + go-version: ${{ needs.get-go-version.outputs.go-version }} - name: fetch binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 @@ -186,6 +193,7 @@ jobs: runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} needs: - setup + - get-go-version - dev-build permissions: id-token: write # NOTE: this permission is explicitly required for Vault auth. @@ -208,7 +216,7 @@ jobs: run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: 'go.mod' + go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go env # Get go binary from workspace diff --git a/.github/workflows/reusable-check-go-mod.yml b/.github/workflows/reusable-check-go-mod.yml index 948d09fc5578..8a41778a89e8 100644 --- a/.github/workflows/reusable-check-go-mod.yml +++ b/.github/workflows/reusable-check-go-mod.yml @@ -10,6 +10,9 @@ on: repository-name: required: true type: string + go-version: + required: true + type: string secrets: elevated-github-token: required: true @@ -25,7 +28,7 @@ jobs: run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@v3.5.0 with: - go-version-file: 'go.mod' + go-version: ${{ inputs.go-version }} # Run on all go.mod (include submodules). - run: make go-mod-tidy - run: | diff --git a/.github/workflows/reusable-dev-build.yml b/.github/workflows/reusable-dev-build.yml index 2db9670655e4..3f7df9c2d5bb 100644 --- a/.github/workflows/reusable-dev-build.yml +++ b/.github/workflows/reusable-dev-build.yml @@ -18,6 +18,9 @@ on: required: false type: string default: "" + go-version: + required: true + type: string secrets: elevated-github-token: required: true @@ -32,7 +35,7 @@ jobs: run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version-file: 'go.mod' + go-version: ${{ inputs.go-version }} - name: Build env: GOARCH: ${{ inputs.goarch }} diff --git a/.github/workflows/reusable-get-go-version.yml b/.github/workflows/reusable-get-go-version.yml new file mode 100644 index 000000000000..efd936c06c7f --- /dev/null +++ b/.github/workflows/reusable-get-go-version.yml @@ -0,0 +1,34 @@ +name: get-go-version + +on: + workflow_call: + outputs: + go-version: + description: "The Go version detected by this workflow" + value: ${{ jobs.get-go-version.outputs.go-version }} + +jobs: + get-go-version: + name: "Determine Go toolchain version" + runs-on: ubuntu-latest + outputs: + go-version: ${{ steps.get-go-version.outputs.go-version }} + steps: + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - name: Determine Go version + id: get-go-version + # We use .go-version as our source of truth for current Go + # version, because "goenv" can react to it automatically. + # + # In the future, we can transition from .go-version and goenv to + # Go 1.21 `toolchain` directives by updating this workflow rather + # than individually setting `go-version-file` in each `setup-go` + # job (as of 2024-01-03, `setup-go` does not support `toolchain`). + # + # When changing the method of Go version detection, also update + # GOLANG_VERSION detection in the root Makefile; this is used for + # setting the Dockerfile Go version. + run: | + GO_VERSION=$(head -n 1 .go-version) + echo "Building with Go ${GO_VERSION}" + echo "go-version=${GO_VERSION}" >> $GITHUB_OUTPUT diff --git a/.github/workflows/reusable-lint.yml b/.github/workflows/reusable-lint.yml index f7032f986663..3e71c88784a4 100644 --- a/.github/workflows/reusable-lint.yml +++ b/.github/workflows/reusable-lint.yml @@ -7,6 +7,9 @@ on: required: false type: string default: "" + go-version: + required: true + type: string runs-on: description: An expression indicating which kind of runners to use. required: true @@ -43,7 +46,7 @@ jobs: run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@v3.5.0 with: - go-version-file: 'go.mod' + go-version: ${{ inputs.go-version }} - run: go env - name: lint-${{ matrix.directory }} uses: golangci/golangci-lint-action@08e2f20817b15149a52b5b3ebe7de50aff2ba8c5 # pin@v3.4.0 diff --git a/.github/workflows/reusable-unit-split.yml b/.github/workflows/reusable-unit-split.yml index 33b9d6badd43..210039e90885 100644 --- a/.github/workflows/reusable-unit-split.yml +++ b/.github/workflows/reusable-unit-split.yml @@ -37,6 +37,9 @@ on: required: false type: string default: "" + go-version: + required: true + type: string secrets: elevated-github-token: required: true @@ -62,7 +65,7 @@ jobs: - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@v3.5.0 with: - go-version-file: 'go.mod' + go-version: ${{ inputs.go-version }} - id: set-matrix run: ./.github/scripts/set_test_package_matrix.sh ${{env.TOTAL_RUNNERS}} @@ -89,8 +92,7 @@ jobs: run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@v3.5.0 with: - go-version-file: 'go.mod' - cache: true + go-version: ${{ inputs.go-version }} - run: mkdir -p ${{env.TEST_RESULTS}} - name: go mod download working-directory: ${{inputs.directory}} diff --git a/.github/workflows/reusable-unit.yml b/.github/workflows/reusable-unit.yml index e769a49ff444..431577135a62 100644 --- a/.github/workflows/reusable-unit.yml +++ b/.github/workflows/reusable-unit.yml @@ -34,9 +34,8 @@ on: type: string default: "" go-version: - required: false + required: true type: string - default: "" secrets: elevated-github-token: required: true @@ -62,15 +61,8 @@ jobs: if: ${{ endsWith(inputs.repository-name, '-enterprise') }} run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com" - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 - if: ${{ inputs.go-version != '' }} with: go-version: ${{ inputs.go-version }} - cache: true - - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 - if: ${{ inputs.go-version == '' }} - with: - go-version-file: 'go.mod' - cache: true - run: mkdir -p ${{env.TEST_RESULTS}} - name: go mod download working-directory: ${{inputs.directory}} diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index a09879d62f2a..60c91baf906a 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -45,8 +45,13 @@ jobs: name: Setup outputs run: ./.github/scripts/get_runner_classes.sh + get-go-version: + uses: ./.github/workflows/reusable-get-go-version.yml + scan: - needs: [setup] + needs: + - setup + - get-go-version runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} # The first check ensures this doesn't run on community-contributed PRs, who # won't have the permissions to run this job. @@ -59,8 +64,7 @@ jobs: - name: Set up Go uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - cache: true - go-version: 1.20.12 #TODO move CI build config and this to .go-version or .go-mod + go-version: ${{ needs.get-go-version.outputs.go-version }} - name: Clone Security Scanner repo uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 59840246821b..1ebb61aa8f8f 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -32,14 +32,14 @@ concurrency: jobs: conditional-skip: - runs-on: ubuntu-latest + runs-on: ubuntu-latest name: Get files changed and conditionally skip CI outputs: skip-ci: ${{ steps.read-files.outputs.skip-ci }} steps: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: - fetch-depth: 0 + fetch-depth: 0 - name: Get changed files id: read-files run: ./.github/scripts/filter_changed_files_go_test.sh @@ -60,13 +60,19 @@ jobs: - id: runners run: .github/scripts/get_runner_classes.sh + get-go-version: + uses: ./.github/workflows/reusable-get-go-version.yml + dev-build: - needs: [setup] + needs: + - setup + - get-go-version uses: ./.github/workflows/reusable-dev-build.yml with: runs-on: ${{ needs.setup.outputs.compute-large }} repository-name: ${{ github.repository }} uploaded-binary-name: 'consul-bin' + go-version: ${{ needs.get-go-version.outputs.go-version }} secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -91,6 +97,7 @@ jobs: - name: Install Go uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: + # Do not explicitly set Go version here, as it should depend on what Nomad declares. go-version-file: 'go.mod' - name: Fetch Consul binary @@ -116,7 +123,7 @@ jobs: --packages="./command/agent/consul" \ --junitfile $TEST_RESULTS_DIR/results.xml -- \ -run TestConsul - + # NOTE: ENT specific step as we store secrets in Vault. - name: Authenticate to Vault if: ${{ !cancelled() && endsWith(github.repository, '-enterprise') }} @@ -172,6 +179,7 @@ jobs: - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: + # Do not explicitly set Go version here, as it should depend on what Vault declares. go-version-file: 'go.mod' - name: Install Vault @@ -257,12 +265,12 @@ jobs: - name: Generate Envoy Job Matrix id: set-matrix env: - # this is further going to multiplied in envoy-integration tests by the + # this is further going to multiplied in envoy-integration tests by the # other dimensions in the matrix. Currently TOTAL_RUNNERS would be # multiplied by 8 based on these values: # envoy-version: ["1.23.12", "1.24.12", "1.25.11", "1.26.6"] # xds-target: ["server", "client"] - TOTAL_RUNNERS: 4 + TOTAL_RUNNERS: 4 JQ_SLICER: '[ inputs ] | [_nwise(length / $runnercount | floor)]' run: | NUM_RUNNERS=$TOTAL_RUNNERS @@ -281,11 +289,12 @@ jobs: | jq --raw-input --argjson runnercount "$NUM_RUNNERS" "$JQ_SLICER" \ | jq --compact-output 'map(join("|"))' } >> "$GITHUB_OUTPUT" - + envoy-integration-test: runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} needs: - setup + - get-go-version - generate-envoy-job-matrices - dev-build permissions: @@ -305,7 +314,7 @@ jobs: - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: - go-version-file: 'go.mod' + go-version: ${{ needs.get-go-version.outputs.go-version }} - name: fetch binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 @@ -378,6 +387,7 @@ jobs: runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} needs: - setup + - get-go-version - dev-build permissions: id-token: write # NOTE: this permission is explicitly required for Vault auth. @@ -388,7 +398,7 @@ jobs: - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: - go-version-file: 'go.mod' + go-version: ${{ needs.get-go-version.outputs.go-version }} - run: go env - name: docker env run: | @@ -481,7 +491,7 @@ jobs: run: datadog-ci junit upload --service "$GITHUB_REPOSITORY" $TEST_RESULTS_DIR/results.xml test-integrations-success: - needs: + needs: - conditional-skip - setup - dev-build diff --git a/.go-version b/.go-version new file mode 100644 index 000000000000..adcfeed91395 --- /dev/null +++ b/.go-version @@ -0,0 +1 @@ +1.20.12 \ No newline at end of file diff --git a/GNUmakefile b/GNUmakefile index e7f79a104912..fb0d4841bf3b 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -64,6 +64,9 @@ GO_BUILD_TAG?=consul-build-go UI_BUILD_TAG?=consul-build-ui BUILD_CONTAINER_NAME?=consul-builder CONSUL_IMAGE_VERSION?=latest +# When changing the method of Go version detection, also update +# version detection in CI workflows (reusable-get-go-version.yml). +GOLANG_VERSION?=$(shell head -n 1 .go-version) ENVOY_VERSION?='1.25.4' ################ @@ -331,9 +334,9 @@ other-consul: echo "Found other running consul agents. This may affect your tests." ; \ exit 1 ; \ fi - + .PHONY: fmt -fmt: $(foreach mod,$(GO_MODULES),fmt/$(mod)) +fmt: $(foreach mod,$(GO_MODULES),fmt/$(mod)) .PHONY: fmt/% fmt/%: @@ -410,7 +413,7 @@ docker-images: go-build-image ui-build-image go-build-image: @echo "Building Golang build container" - @docker build $(NOCACHE) $(QUIET) -t $(GO_BUILD_TAG) - < build-support/docker/Build-Go.dockerfile + @docker build $(NOCACHE) $(QUIET) -t $(GO_BUILD_TAG) --build-arg GOLANG_VERSION=$(GOLANG_VERSION) - < build-support/docker/Build-Go.dockerfile ui-build-image: @echo "Building UI build container" diff --git a/build-support/docker/Build-Go.dockerfile b/build-support/docker/Build-Go.dockerfile index fa3bc639b076..cf30ceb1ff57 100644 --- a/build-support/docker/Build-Go.dockerfile +++ b/build-support/docker/Build-Go.dockerfile @@ -1,7 +1,7 @@ # Copyright (c) HashiCorp, Inc. # SPDX-License-Identifier: MPL-2.0 -ARG GOLANG_VERSION=1.20.12 +ARG GOLANG_VERSION FROM golang:${GOLANG_VERSION} WORKDIR /consul