github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

ci: Single source of truth for Go version in CI and Dockerfile (#20058) 

ci: Set Go version consistently via .go-version

Ensure Go version is determined consistently for CI and Docker builds
rather than spread across several different files.

The intent is to eventually replace this with use of the `toolchain`
directive in Go 1.21.
pull/20119/head
Michael Zalimeni 11 months ago committed by GitHub
parent
8233303876
commit
3b111277ad
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
22 changed files with 236 additions and 83 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      .github/workflows/build-artifacts.yml
  2. 17
      .github/workflows/build-distros.yml
  3. 58
      .github/workflows/build.yml
  4. 46
      .github/workflows/go-tests.yml
  5. 6
      .github/workflows/nightly-test-integ-peering_commontopo.yml
  6. 14
      .github/workflows/nightly-test-integrations-1.15.x.yml
  7. 14
      .github/workflows/nightly-test-integrations-1.16.x.yml
  8. 17
      .github/workflows/nightly-test-integrations-1.17.x.yml
  9. 17
      .github/workflows/nightly-test-integrations.yml
  10. 5
      .github/workflows/reusable-check-go-mod.yml
  11. 5
      .github/workflows/reusable-dev-build-windows.yml
  12. 5
      .github/workflows/reusable-dev-build.yml
  13. 34
      .github/workflows/reusable-get-go-version.yml
  14. 5
      .github/workflows/reusable-lint.yml
  15. 8
      .github/workflows/reusable-unit-split.yml
  16. 10
      .github/workflows/reusable-unit.yml
  17. 10
      .github/workflows/security-scan.yml
  18. 10
      .github/workflows/test-integrations-windows.yml
  19. 19
      .github/workflows/test-integrations.yml
  20. 1
      .go-version
  21. 7
      Makefile
  22. 2
      build-support/docker/Build-Go.dockerfile

9
.github/workflows/build-artifacts.yml
Unescape View File

@ -30,8 +30,13 @@ jobs:
name: Setup outputs
run: ./.github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
dev-build-push:
needs: setup
needs:
- setup
- get-go-version
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
@ -65,7 +70,7 @@ jobs:
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env

17
.github/workflows/build-distros.yml
Unescape View File

@ -36,19 +36,25 @@ jobs:
name: Setup outputs
run: ./.github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
check-go-mod:
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-check-go-mod.yml
with:
runs-on: ${{ needs.setup.outputs.compute-medium }}
repository-name: ${{ github.repository }}
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
build-386:
needs:
- setup
- get-go-version
- check-go-mod
env:
XC_OS: "freebsd linux windows"
@ -63,7 +69,7 @@ jobs:
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: Build
run: |
for os in $XC_OS; do
@ -73,6 +79,7 @@ jobs:
build-amd64:
needs:
- setup
- get-go-version
- check-go-mod
env:
XC_OS: "darwin freebsd linux solaris windows"
@ -87,7 +94,7 @@ jobs:
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: Build
run: |
for os in $XC_OS; do
@ -97,6 +104,7 @@ jobs:
build-arm:
needs:
- setup
- get-go-version
- check-go-mod
runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }}
env:
@ -113,7 +121,7 @@ jobs:
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: |
sudo apt-get update --allow-releaseinfo-change-suite --allow-releaseinfo-change-version && sudo apt-get install -y gcc-arm-linux-gnueabi gcc-arm-linux-gnueabihf gcc-aarch64-linux-gnu
@ -126,6 +134,7 @@ jobs:
if: ${{ endsWith(github.repository, '-enterprise') }}
needs:
- setup
- get-go-version
- check-go-mod
runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }}
steps:
@ -137,7 +146,7 @@ jobs:
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: Build
run: GOOS=linux GOARCH=s390x CGO_ENABLED=0 go build -tags "${{ env.GOTAGS }}"

58
.github/workflows/build.yml
Unescape View File

@ -18,6 +18,9 @@ env:
GOPRIVATE: github.com/hashicorp # Required for enterprise deps
jobs:
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
set-product-version:
runs-on: ubuntu-latest
outputs:
@ -81,32 +84,25 @@ jobs:
path: ${{ steps.generate-metadata-file.outputs.filepath }}
build:
needs: set-product-version
needs:
- set-product-version
- get-go-version
runs-on: ubuntu-latest
strategy:
matrix:
include:
- {go: "1.20.12",
goos: "linux", goarch: "386"}
- {go: "1.20.12",
goos: "linux", goarch: "amd64"}
- {go: "1.20.12",
goos: "linux", goarch: "arm"}
- {go: "1.20.12",
goos: "linux", goarch: "arm64"}
- {go: "1.20.12",
goos: "freebsd", goarch: "386"}
- {go: "1.20.12",
goos: "freebsd", goarch: "amd64"}
- {go: "1.20.12",
goos: "windows", goarch: "386"}
- {go: "1.20.12",
goos: "windows", goarch: "amd64"}
- {go: "1.20.12",
goos: "solaris", goarch: "amd64"}
- {goos: "linux", goarch: "386"}
- {goos: "linux", goarch: "amd64"}
- {goos: "linux", goarch: "arm"}
- {goos: "linux", goarch: "arm64"}
- {goos: "freebsd", goarch: "386"}
- {goos: "freebsd", goarch: "amd64"}
- {goos: "windows", goarch: "386"}
- {goos: "windows", goarch: "amd64"}
- {goos: "solaris", goarch: "amd64"}
fail-fast: true
name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
@ -140,7 +136,7 @@ jobs:
with:
product_name: ${{ env.PKG_NAME }}
product_version: ${{ needs.set-product-version.outputs.product-version }}
go_version: ${{ matrix.go }}
go_version: ${{ needs.get-go-version.outputs.go-version }}
os: ${{ matrix.goos }}
arch: ${{ matrix.goarch }}
reproducible: report
@ -186,17 +182,18 @@ jobs:
path: out/${{ env.DEB_PACKAGE }}
build-s390x:
needs: set-product-version
needs:
- set-product-version
- get-go-version
if: ${{ endsWith(github.repository, '-enterprise') }}
runs-on: ubuntu-latest
strategy:
matrix:
include:
- {go: "1.20.12",
goos: "linux", goarch: "s390x"}
- {goos: "linux", goarch: "s390x"}
fail-fast: true
name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
@ -230,7 +227,7 @@ jobs:
with:
product_name: ${{ env.PKG_NAME }}
product_version: ${{ needs.set-product-version.outputs.product-version }}
go_version: ${{ matrix.go }}
go_version: ${{ needs.get-go-version.outputs.go-version }}
os: ${{ matrix.goos }}
arch: ${{ matrix.goarch }}
reproducible: report
@ -238,16 +235,17 @@ jobs:
go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false
build-darwin:
needs: set-product-version
needs:
- set-product-version
- get-go-version
runs-on: macos-latest
strategy:
matrix:
goos: [ darwin ]
goarch: [ "amd64", "arm64" ]
go: [ "1.20.12" ]
fail-fast: true
name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
@ -279,7 +277,7 @@ jobs:
with:
product_name: ${{ env.PKG_NAME }}
product_version: ${{ needs.set-product-version.outputs.product-version }}
go_version: ${{ matrix.go }}
go_version: ${{ needs.get-go-version.outputs.go-version }}
os: ${{ matrix.goos }}
arch: ${{ matrix.goarch }}
reproducible: report

46
.github/workflows/go-tests.yml
Unescape View File

@ -59,19 +59,25 @@ jobs:
name: Setup outputs
run: ./.github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
check-go-mod:
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-check-go-mod.yml
with:
runs-on: ${{ needs.setup.outputs.compute-small }}
repository-name: ${{ github.repository }}
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
check-generated-protobuf:
needs:
- setup
- get-go-version
runs-on: ${{ fromJSON(needs.setup.outputs.compute-medium) }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
@ -81,7 +87,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: make proto-tools
name: Install protobuf
- run: make proto-format
@ -97,6 +103,7 @@ jobs:
check-codegen:
needs:
- setup
- get-go-version
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
@ -106,7 +113,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: make --always-make codegen
- run: |
if ! git diff --exit-code; then
@ -117,6 +124,7 @@ jobs:
lint-enums:
needs:
- setup
- get-go-version
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
@ -126,12 +134,13 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go install github.com/reillywatson/enumcover/cmd/enumcover@master && enumcover ./...
lint-container-test-deps:
needs:
- setup
- get-go-version
runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
@ -140,12 +149,13 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: make lint-container-test-deps
lint-consul-retry:
needs:
- setup
- get-go-version
runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
@ -155,27 +165,31 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: make lint-consul-retry
lint:
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-lint.yml
with:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
lint-32bit:
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-lint.yml
with:
go-arch: "386"
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -183,10 +197,12 @@ jobs:
dev-build:
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-dev-build.yml
with:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -194,11 +210,13 @@ jobs:
# if: ${{ endsWith(github.repository, '-enterprise') }}
# needs:
# - setup
# - get-go-version
# uses: ./.github/workflows/reusable-dev-build.yml
# with:
# uploaded-binary-name: 'consul-bin-s390x'
# runs-on: ${{ needs.setup.outputs.compute-large }}
# go-arch: "s390x"
# go-version: ${{ needs.get-go-version.outputs.go-version }}
# repository-name: ${{ github.repository }}
# secrets:
# elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -208,11 +226,13 @@ jobs:
# if: ${{ endsWith(github.repository, '-enterprise') }}
# needs:
# - setup
# - get-go-version
# uses: ./.github/workflows/reusable-dev-build.yml
# with:
# uploaded-binary-name: 'consul-bin-arm64'
# runs-on: ${{ needs.setup.outputs.compute-large }}
# go-arch: "arm64"
# go-version: ${{ needs.get-go-version.outputs.go-version }}
# repository-name: ${{ github.repository }}
# secrets:
# elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -222,6 +242,7 @@ jobs:
# if: ${{ endsWith(github.repository, '-enterprise') }}
# needs:
# - setup
# - get-go-version
# - dev-build-arm64
# uses: ./.github/workflows/reusable-unit-split.yml
# with:
@ -230,6 +251,7 @@ jobs:
# runner-count: 12
# runs-on: "['self-hosted', 'ondemand', 'os=macos-arm', 'arm64']"
# go-test-flags: "${{ (github.ref_name != 'main' && !startsWith(github.ref_name, 'release/')) && '-short' || '' }}"
# go-version: ${{ needs.get-go-version.outputs.go-version }}
# repository-name: ${{ github.repository }}
# secrets:
# elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -239,6 +261,7 @@ jobs:
go-test-ce:
needs:
- setup
- get-go-version
- dev-build
uses: ./.github/workflows/reusable-unit-split.yml
with:
@ -248,6 +271,7 @@ jobs:
repository-name: ${{ github.repository }}
go-tags: ""
go-test-flags: "${{ (github.ref_name != 'main' && !startsWith(github.ref_name, 'release/')) && '-short' || '' }}"
go-version: ${{ needs.get-go-version.outputs.go-version }}
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
contents: read
@ -260,6 +284,7 @@ jobs:
if: ${{ endsWith(github.repository, '-enterprise') }}
needs:
- setup
- get-go-version
- dev-build
uses: ./.github/workflows/reusable-unit-split.yml
with:
@ -269,6 +294,7 @@ jobs:
repository-name: ${{ github.repository }}
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
go-test-flags: "${{ (github.ref_name != 'main' && !startsWith(github.ref_name, 'release/')) && '-short' || '' }}"
go-version: ${{ needs.get-go-version.outputs.go-version }}
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
contents: read
@ -280,6 +306,7 @@ jobs:
go-test-race:
needs:
- setup
- get-go-version
- dev-build
uses: ./.github/workflows/reusable-unit.yml
with:
@ -289,6 +316,7 @@ jobs:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
go-version: ${{ needs.get-go-version.outputs.go-version }}
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
contents: read
@ -300,6 +328,7 @@ jobs:
go-test-32bit:
needs:
- setup
- get-go-version
- dev-build
uses: ./.github/workflows/reusable-unit.yml
with:
@ -309,6 +338,7 @@ jobs:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
go-version: ${{ needs.get-go-version.outputs.go-version }}
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
contents: read
@ -321,6 +351,7 @@ jobs:
# if: ${{ endsWith(github.repository, '-enterprise') }}
# needs:
# - setup
# - get-go-version
# - dev-build-s390x
# uses: ./.github/workflows/reusable-unit.yml
# with:
@ -330,6 +361,7 @@ jobs:
# runs-on: ${{ needs.setup.outputs.compute-large }}
# repository-name: ${{ github.repository }}
# go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
# go-version: ${{ needs.get-go-version.outputs.go-version }}
# permissions:
# id-token: write # NOTE: this permission is explicitly required for Vault auth.
# contents: read
@ -341,6 +373,7 @@ jobs:
go-test-envoyextensions:
needs:
- setup
- get-go-version
- dev-build
uses: ./.github/workflows/reusable-unit.yml
with:
@ -348,6 +381,7 @@ jobs:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
go-version: ${{ needs.get-go-version.outputs.go-version }}
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
contents: read
@ -359,6 +393,7 @@ jobs:
go-test-troubleshoot:
needs:
- setup
- get-go-version
- dev-build
uses: ./.github/workflows/reusable-unit.yml
with:
@ -366,6 +401,7 @@ jobs:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
go-version: ${{ needs.get-go-version.outputs.go-version }}
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
contents: read

6
.github/workflows/nightly-test-integ-peering_commontopo.yml
Unescape View File

@ -37,10 +37,14 @@ jobs:
- id: runners
run: .github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
tests:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl ) }}
needs:
- setup
- get-go-version
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
contents: read
@ -67,7 +71,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env
- name: Build
run: |

14
.github/workflows/nightly-test-integrations-1.15.x.yml
Unescape View File

@ -40,14 +40,20 @@ jobs:
- id: runners
run: .github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
dev-build:
needs: [setup]
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-dev-build.yml
with:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
uploaded-binary-name: 'consul-bin'
branch-name: "release/1.15.x"
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -94,6 +100,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
needs:
- setup
- get-go-version
- generate-envoy-job-matrices
- dev-build
permissions:
@ -116,7 +123,7 @@ jobs:
ref: ${{ env.BRANCH }}
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: fetch binary
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
@ -186,6 +193,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
needs:
- setup
- get-go-version
- dev-build
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
@ -208,7 +216,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env
# Get go binary from workspace

14
.github/workflows/nightly-test-integrations-1.16.x.yml
Unescape View File

@ -40,14 +40,20 @@ jobs:
- id: runners
run: .github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
dev-build:
needs: [setup]
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-dev-build.yml
with:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
uploaded-binary-name: 'consul-bin'
branch-name: "release/1.16.x"
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -94,6 +100,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
needs:
- setup
- get-go-version
- generate-envoy-job-matrices
- dev-build
permissions:
@ -116,7 +123,7 @@ jobs:
ref: ${{ env.BRANCH }}
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: fetch binary
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
@ -189,6 +196,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
needs:
- setup
- get-go-version
- dev-build
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
@ -211,7 +219,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env
# Get go binary from workspace

17
.github/workflows/nightly-test-integrations-1.17.x.yml
Unescape View File

@ -40,14 +40,20 @@ jobs:
- id: runners
run: .github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
dev-build:
needs: [setup]
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-dev-build.yml
with:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
uploaded-binary-name: 'consul-bin'
branch-name: "release/1.17.x"
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -94,6 +100,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
needs:
- setup
- get-go-version
- generate-envoy-job-matrices
- dev-build
permissions:
@ -116,7 +123,7 @@ jobs:
ref: ${{ env.BRANCH }}
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: fetch binary
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
@ -189,6 +196,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
needs:
- setup
- get-go-version
- dev-build
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
@ -211,7 +219,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env
# Get go binary from workspace
@ -314,6 +322,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large ) }}
needs:
- setup
- get-go-version
- dev-build
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
@ -335,7 +344,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env
- name: Build image
run: make test-deployer-setup

17
.github/workflows/nightly-test-integrations.yml
Unescape View File

@ -38,13 +38,19 @@ jobs:
- id: runners
run: .github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
dev-build:
needs: [setup]
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-dev-build.yml
with:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
uploaded-binary-name: 'consul-bin'
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -91,6 +97,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large ) }}
needs:
- setup
- get-go-version
- generate-envoy-job-matrices
- dev-build
permissions:
@ -113,7 +120,7 @@ jobs:
ref: ${{ inputs.branch }}
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: fetch binary
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
@ -186,6 +193,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large ) }}
needs:
- setup
- get-go-version
- dev-build
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
@ -211,7 +219,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env
# Get go binary from workspace
@ -314,6 +322,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large ) }}
needs:
- setup
- get-go-version
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
contents: read
@ -334,7 +343,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env
- name: Build image
run: make test-deployer-setup

5
.github/workflows/reusable-check-go-mod.yml
Unescape View File

@ -10,6 +10,9 @@ on:
repository-name:
required: true
type: string
go-version:
required: true
type: string
secrets:
elevated-github-token:
required: true
@ -25,7 +28,7 @@ jobs:
run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ inputs.go-version }}
# Run on all go.mod (include submodules).
- run: make go-mod-tidy
- run: |

5
.github/workflows/reusable-dev-build-windows.yml
Unescape View File

@ -18,6 +18,9 @@ on:
required: false
type: string
default: ""
go-version:
required: true
type: string
secrets:
elevated-github-token:
required: true
@ -32,7 +35,7 @@ jobs:
run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ inputs.go-version }}
- name: Build
env:
GOARCH: ${{ inputs.goarch }}

5
.github/workflows/reusable-dev-build.yml
Unescape View File

@ -22,6 +22,9 @@ on:
required: false
type: string
default: ""
go-version:
required: true
type: string
secrets:
elevated-github-token:
required: true
@ -44,7 +47,7 @@ jobs:
run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ inputs.go-version }}
- name: Build
env:
GOARCH: ${{ inputs.goarch }}

34
.github/workflows/reusable-get-go-version.yml
Unescape View File

@ -0,0 +1,34 @@
name: get-go-version
on:
workflow_call:
outputs:
go-version:
description: "The Go version detected by this workflow"
value: ${{ jobs.get-go-version.outputs.go-version }}
jobs:
get-go-version:
name: "Determine Go toolchain version"
runs-on: ubuntu-latest
outputs:
go-version: ${{ steps.get-go-version.outputs.go-version }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Determine Go version
id: get-go-version
# We use .go-version as our source of truth for current Go
# version, because "goenv" can react to it automatically.
#
# In the future, we can transition from .go-version and goenv to
# Go 1.21 `toolchain` directives by updating this workflow rather
# than individually setting `go-version-file` in each `setup-go`
# job (as of 2024-01-03, `setup-go` does not support `toolchain`).
#
# When changing the method of Go version detection, also update
# GOLANG_VERSION detection in the root Makefile; this is used for
# setting the Dockerfile Go version.
run: |
GO_VERSION=$(head -n 1 .go-version)
echo "Building with Go ${GO_VERSION}"
echo "go-version=${GO_VERSION}" >> $GITHUB_OUTPUT

5
.github/workflows/reusable-lint.yml
Unescape View File

@ -7,6 +7,9 @@ on:
required: false
type: string
default: ""
go-version:
required: true
type: string
runs-on:
description: An expression indicating which kind of runners to use.
required: true
@ -46,7 +49,7 @@ jobs:
run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ inputs.go-version }}
- run: go env
- name: lint-${{ matrix.directory }}
uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0

8
.github/workflows/reusable-unit-split.yml
Unescape View File

@ -37,6 +37,9 @@ on:
required: false
type: string
default: ""
go-version:
required: true
type: string
secrets:
elevated-github-token:
required: true
@ -63,7 +66,7 @@ jobs:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ inputs.go-version }}
- id: set-matrix
run: ./.github/scripts/set_test_package_matrix.sh ${{env.TOTAL_RUNNERS}}
@ -90,8 +93,7 @@ jobs:
run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
cache: true
go-version: ${{ inputs.go-version }}
- run: mkdir -p ${{env.TEST_RESULTS}}
- name: go mod download
working-directory: ${{inputs.directory}}

10
.github/workflows/reusable-unit.yml
Unescape View File

@ -34,9 +34,8 @@ on:
type: string
default: ""
go-version:
required: false
required: true
type: string
default: ""
secrets:
elevated-github-token:
required: true
@ -63,15 +62,8 @@ jobs:
if: ${{ endsWith(inputs.repository-name, '-enterprise') }}
run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
if: ${{ inputs.go-version != '' }}
with:
go-version: ${{ inputs.go-version }}
cache: true
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
if: ${{ inputs.go-version == '' }}
with:
go-version-file: 'go.mod'
cache: true
- run: mkdir -p ${{env.TEST_RESULTS}}
- name: go mod download
working-directory: ${{inputs.directory}}

10
.github/workflows/security-scan.yml
Unescape View File

@ -45,8 +45,13 @@ jobs:
name: Setup outputs
run: ./.github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
scan:
needs: [setup]
needs:
- setup
- get-go-version
runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }}
# The first check ensures this doesn't run on community-contributed PRs, who
# won't have the permissions to run this job.
@ -59,8 +64,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
cache: true
go-version: 1.20.12 #TODO move CI build config and this to .go-version or .go-mod
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: Clone Security Scanner repo
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3

10
.github/workflows/test-integrations-windows.yml
Unescape View File

@ -32,12 +32,19 @@ jobs:
- id: runners
run: .github/scripts/get_runner_classes_windows.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
dev-build:
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-dev-build-windows.yml
with:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
uploaded-binary-name: 'consul.exe'
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -46,6 +53,7 @@ jobs:
envoy-integration-test:
needs:
- setup
- get-go-version
- dev-build
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
permissions:
@ -64,7 +72,7 @@ jobs:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: Fetch binary
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2

19
.github/workflows/test-integrations.yml
Unescape View File

@ -60,13 +60,19 @@ jobs:
- id: runners
run: .github/scripts/get_runner_classes.sh
get-go-version:
uses: ./.github/workflows/reusable-get-go-version.yml
dev-build:
needs: [setup]
needs:
- setup
- get-go-version
uses: ./.github/workflows/reusable-dev-build.yml
with:
runs-on: ${{ needs.setup.outputs.compute-large }}
repository-name: ${{ github.repository }}
uploaded-binary-name: 'consul-bin'
go-version: ${{ needs.get-go-version.outputs.go-version }}
secrets:
elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
@ -91,6 +97,7 @@ jobs:
- name: Install Go
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
# Do not explicitly set Go version here, as it should depend on what Nomad declares.
go-version-file: 'go.mod'
- name: Fetch Consul binary
@ -172,6 +179,7 @@ jobs:
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
# Do not explicitly set Go version here, as it should depend on what Vault declares.
go-version-file: 'go.mod'
- name: Install Vault
@ -286,6 +294,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
needs:
- setup
- get-go-version
- generate-envoy-job-matrices
- dev-build
permissions:
@ -305,7 +314,7 @@ jobs:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- name: fetch binary
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
@ -378,6 +387,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} # NOTE: do not change without tuning the -p and -parallel flags in go test.
needs:
- setup
- get-go-version
- dev-build
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
@ -393,7 +403,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env
- name: docker env
run: |
@ -490,6 +500,7 @@ jobs:
runs-on: ${{ fromJSON(needs.setup.outputs.compute-large ) }}
needs:
- setup
- get-go-version
permissions:
id-token: write # NOTE: this permission is explicitly required for Vault auth.
contents: read
@ -506,7 +517,7 @@ jobs:
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: 'go.mod'
go-version: ${{ needs.get-go-version.outputs.go-version }}
- run: go env
- name: Build image
run: make test-deployer-setup

1
.go-version
Unescape View File

@ -0,0 +1 @@
1.20.12

7
Makefile
Unescape View File

@ -68,6 +68,9 @@ GO_BUILD_TAG?=consul-build-go
UI_BUILD_TAG?=consul-build-ui
BUILD_CONTAINER_NAME?=consul-builder
CONSUL_IMAGE_VERSION?=latest
# When changing the method of Go version detection, also update
# version detection in CI workflows (reusable-get-go-version.yml).
GOLANG_VERSION?=$(shell head -n 1 .go-version)
ENVOY_VERSION?='1.28.0'
CONSUL_DATAPLANE_IMAGE := $(or $(CONSUL_DATAPLANE_IMAGE),"docker.io/hashicorppreview/consul-dataplane:1.3-dev-ubi")
DEPLOYER_CONSUL_DATAPLANE_IMAGE := $(or $(DEPLOYER_CONSUL_DATAPLANE_IMAGE), "docker.io/hashicorppreview/consul-dataplane:1.3-dev")
@ -530,8 +533,8 @@ docker-images: go-build-image ui-build-image
.PHONY: go-build-image
go-build-image: ## Building Golang build container
@echo "Building Golang build container"
@docker build $(NOCACHE) $(QUIET) -t $(GO_BUILD_TAG) - < build-support/docker/Build-Go.dockerfile
@echo "Building Golang $(GOLANG_VERSION) build container"
@docker build $(NOCACHE) $(QUIET) -t $(GO_BUILD_TAG) --build-arg GOLANG_VERSION=$(GOLANG_VERSION) - < build-support/docker/Build-Go.dockerfile
.PHONY: consul-docker
consul-docker: go-build-image ## Builds consul in a docker container and then dumps executable into ./pkg/bin/...

2
build-support/docker/Build-Go.dockerfile
Unescape View File

@ -1,7 +1,7 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: BUSL-1.1
ARG GOLANG_VERSION=1.20.12
ARG GOLANG_VERSION
FROM golang:${GOLANG_VERSION}
WORKDIR /consul

Write Preview
Loading…
Cancel
Save