| Age | Commit message (Collapse) | Author |
|---|
|
|
|
* reverseproxy: Mask the WS close message when we're the client
* weakrand
* Bump golangci-lint version so path ignores work on Windows
* gofmt
* ugh, gofmt everything, I guess
|
|
* ci: set least privilged token for github actions
Signed-off-by: Ashish Kurmi <[email protected]>
* ci:reverting github actions permissions for all but lint workflow
Signed-off-by: Ashish Kurmi <[email protected]>
|
|
|
|
|
|
|
|
|
|
* ci: sign artifacts using cosign
* include SBOM
|
|
|
|
|
|
* chore: Add .gitattributes to force *.go to LF
* What if I remove this flag
|
|
|
|
* ci: Fix build caching on Windows
I was getting tired of Windows being slow as molasses in our CI jobs, so I went to look at our trusty source of github actions + golang information, and found a somewhat recent commit that actually fixed it. See https://github.com/mvdan/github-actions-golang/commit/4b754729baa709da219a5889c459010d4eda1888
I'll do a 2nd empty commit to re-trigger CI shortly to confirm that it actually fixes it.
* Retrigger CI
|
|
|
|
|
|
* ci: Ensure we always check for latest version of Go
* Try to force 1.18.1, 1.17.9
* Use includes for the actual go semver
* Use `~` for semver here, apparently
* Try to make tests still run on 1.18.0 for Mac, for now
|
|
Signed-off-by: cuishuang <[email protected]>
|
|
|
|
* ci: Build on Go 1.18, bump actions versions
* Revert linter version bump for now
* Try linter again
|
|
Some files had the old copyright or were missing the license comment entirely.
Also change Light Code Labs to Dyanim in security contact and releases.
|
|
|
|
This generated way too many test jobs, which weren't really that useful. Cross-build is just to keep us posted on which architectures are building okay, so it's not necessary to do it twice. Only plan9 is not working at this point (see https://github.com/caddyserver/caddy/issues/3615)
|
|
The commit goreleaser/goreleaser@013bd69126459125694d7cb2c434dd9ba63e5a5b of GoReleaser is now checking the `go version` prior to executing any of the pre-hooks, which involves setting the current dir of the command to the `build.dir` of the build config. At the time of version check, the buil dir does not exist. It's created in the pre-hook. As a workaround, the build-dir is now created in the Github Action prior to executing goreleaser action.
|
|
|
|
While the Caddy project has had very few valid security bug reports over the years, we have a low signal-to-noise ratio with them (lots of invalid reports). Most are out of scope, and it can take too much valuable time for us to determine that. We would prefer researchers do this first. Hopefully these paragraphs spell out much more clearly what we do and don't accept.
|
|
We decided that we'll use branches like `2.4` as the target for any changes that we might want to release in a `2.4.x` version like `2.4.1`, so that we can continue to merge changes targeting the next minor release (e.g. `2.5.0`) on master.
Our CI config wasn't set up for this to work properly though, since it was only running checks on PRs targeting master. This should fix it.
I couldn't find a way to do a pattern to only match digits for the branch names from Github's docs, it just looks like a pretty generic glob syntax. But this should do until we get to 3.0
|
|
Minor spelling fixes to make this document even better
|
|
* ci: Build and test on Go 1.16
* ci: Drop Go 1.14 support
|
|
|
|
|
|
|
|
* ci: Add pushing to cloudsmith
* ci: Update comments, remove env TODO
* ci: Fix Cloudsmith installation by setting PATH
* docs: Add Cloudsmith attribution to README
* ci: Switch to keeping armv7 as the armhf .deb
|
|
* ci: reject tags if not signed by Matthew Holt's key
* ci: don't reject tags if an intermediate commits are not signed
|
|
* ci: Use golangci's github action for linting
Signed-off-by: Dave Henderson <[email protected]>
* Fix most of the staticcheck lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the prealloc lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the misspell lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the varcheck lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the errcheck lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the bodyclose lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the deadcode lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the unused lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the gosec lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the gosimple lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the ineffassign lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Fix the staticcheck lint errors
Signed-off-by: Dave Henderson <[email protected]>
* Revert the misspell change, use a neutral English
Signed-off-by: Dave Henderson <[email protected]>
* Remove broken golangci-lint CI job
Signed-off-by: Dave Henderson <[email protected]>
* Re-add errantly-removed weakrand initialization
Signed-off-by: Dave Henderson <[email protected]>
* don't break the loop and return
* Removing extra handling for null rootKey
* unignore RegisterModule/RegisterAdapter
Co-authored-by: Mohammed Al Sahaf <[email protected]>
* single-line log message
Co-authored-by: Matt Holt <[email protected]>
* Fix lint after a1808b0dbf209c615e438a496d257ce5e3acdce2 was merged
Signed-off-by: Dave Henderson <[email protected]>
* Revert ticker change, ignore it instead
Signed-off-by: Dave Henderson <[email protected]>
* Ignore some of the write errors
Signed-off-by: Dave Henderson <[email protected]>
* Remove blank line
Signed-off-by: Dave Henderson <[email protected]>
* Use lifetime
Signed-off-by: Dave Henderson <[email protected]>
* close immediately
Co-authored-by: Matt Holt <[email protected]>
* Preallocate configVals
Signed-off-by: Dave Henderson <[email protected]>
* Update modules/caddytls/distributedstek/distributedstek.go
Co-authored-by: Mohammed Al Sahaf <[email protected]>
Co-authored-by: Matt Holt <[email protected]>
|
|
|
|
Between Github Actions deprecting a command we use[0] and Fuzzit planning to deprecate their standalone service after being acquired by Gitlab[1][2], there are no reasons to keep this job.
[0] https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/
[1] https://about.gitlab.com/press/releases/2020-06-11-gitlab-acquires-peach-tech-and-fuzzit-to-expand-devsecops-offering.html
[2] https://fuzzit.dev/2020/06/11/news-fuzzit-is-acquired-by-gitlab/
|
|
|
|
|
|
* ci: Try Go 1.15 RC1 out of curiosity
* Go 1.15 was released; let's try it
* Update to latest quic-go
* Attempt at fixing broken test
Co-authored-by: Matthew Holt <[email protected]>
|
|
|
|
As of early August 2020 the VM has been down for several days due to
lack of power due related to bad weather at the data center... sigh.
|
|
* ci: include tracking of GOOS for which Caddy fails to build
* ci: split cross-build check into separate workflow
* ci: cross-build check: make it clear the cross-build check is not a blocker
* ci: cross-build check: set annotation instead of failing the build
* ci: cross-build check: explicitly set continue-on-error to force success marker
* ci: cross-build check: send stderr to /dev/null
* ci: Simplify workflow names
Co-authored-by: Francis Lavoie <[email protected]>
Co-authored-by: Francis Lavoie <[email protected]>
Co-authored-by: Matt Holt <[email protected]>
|
|
|
|
Looks like event payloads need to be prefixed with `github.event` to get the actual payload contents. Didn't dig deep enough.
https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#github-context
|
|
https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#literals
https://github.com/caddyserver/caddy/actions/runs/147953515
|
|
* ci: don't run s390x tests on PRs of forks
* ci: check if fork by matchinging name from event against name of repo
|
|
|
|
* ci: lay out foundation for s390x tests
* ci: uncomment the s390x test script & replace placeholders with real values
* ci: amend the s390x test job name to be more consistent with others
|
|
|
|
|
