ci: enable govulncheck #2969

Merged
merged 4 commits into from
Jan 2, 2024

rootulp (Collaborator) commented Dec 28, 2023

Closes #2968
Supersedes #2744

Description

rootulp requested a review from rach-id December 28, 2023 05:05
rootulp self-assigned this Dec 28, 2023
rootulp changed the title from "ci: govulncheck" to "ci: enable govulncheck" Dec 28, 2023
rootulp marked this pull request as ready for review December 28, 2023 05:15
coderabbitai bot (Contributor) commented Dec 28, 2023

Walkthrough

The changes involve updating the Go version to 1.21.5 across various GitHub Actions workflows and the Dockerfile to ensure compatibility and security. A new workflow, govulncheck.yml, has been introduced to run the govulncheck tool, which checks for vulnerabilities in Go projects. The Makefile has been updated to reflect the new Go version and to include a target for running govulncheck.

Changes

| File(s) | Change Summary |
|---|---|
| .github/workflows/... | Updated the GO_VERSION environment variable from '1.21.1' to '1.21.5'. |
| .github/workflows/govulncheck.yml | Added a new workflow for running govulncheck on pull requests. |
| Makefile | Updated GOLANG_CROSS_VERSION to v1.21.5 and added govulncheck target. |
| README.md | Updated Go version in installation instructions to 1.21.5. |
| test/testground/Dockerfile | Changed the base Go image to golang:1.21.5-alpine3.18 and adjusted formatting for readability. |

Assessment against linked issues

| Objective | Addressed | Explanation |
|---|---|---|
| CI workflow for go vulncheck (#2968) | | The new govulncheck.yml workflow addresses this objective by implementing a CI process to run govulncheck. |


evan-forbes previously approved these changes Jan 2, 2024
staheri14 previously approved these changes Jan 2, 2024
cmwaters previously approved these changes Jan 2, 2024
rootulp dismissed stale reviews from cmwaters, staheri14, and evan-forbes via 0fa0abb January 2, 2024 21:52
celestia-bot requested a review from a team January 2, 2024 21:52
rootulp enabled auto-merge (squash) January 2, 2024 21:53
rootulp merged commit 5400fea into celestiaorg:main Jan 2, 2024
29 checks passed
rootulp mentioned this pull request Jan 3, 2024
5 tasks
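
A minimal workflow of the kind this pull request describes, added here as an example and not the repository's own govulncheck.yml. The pull_request trigger, the GO_VERSION variable and the value 1.21.5 come from the change summary above; the job name, runner, action versions and the direct `go install` step are assumptions.

```yaml
# .github/workflows/govulncheck.yml (example, not the file merged in this PR)
name: govulncheck

on:
  pull_request:

# The scan only needs to read the source tree.
permissions:
  contents: read

env:
  # govulncheck also reports standard-library vulnerabilities, and those
  # depend on the toolchain that builds the code, so the Go version pinned
  # here decides which stdlib findings appear.
  GO_VERSION: "1.21.5"

jobs:
  govulncheck:            # job name is an assumption
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-go@v5
        with:
          go-version: ${{ env.GO_VERSION }}

      - name: Install govulncheck
        # @latest follows the newest release; pin a version if the
        # scanner itself must be reproducible.
        run: go install golang.org/x/vuln/cmd/govulncheck@latest

      - name: Scan all packages
        # In its default text mode govulncheck exits non-zero when it finds
        # a vulnerability reachable from the code, which fails the job.
        run: govulncheck ./...
```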
rootulp pushed a commit to rootulp/celestia-app that referenced this pull request Jan 11, 2024
add auth, blob, blobstream, and consensus governance param tests

add governance params tests for distribution

add tests for modifying gov params

add tests for modifying ibc params

add tests for modifying slashing params

add tests for modifying staking params

ci: remove version_bump job (celestiaorg#2962)

Closes celestiaorg#2884

- Remove the version_bump and branch_name jobs
- Extract the goreleaser jobs to a new file

Can still create a release. See
https://github.com/rootulp/celestia-app/actions/runs/7324051789/job/19947265102

docs: add column for governance modifiable params in resource_pricing (celestiaorg#2974)

Addresses celestiaorg#2966 by using the governance modifiable params tests in PR
All four of the params are modifiable by governance, which matches the
specs in
[params.md](https://github.com/celestiaorg/celestia-app/blob/main/specs/src/specs/params.md).

- [x] New and updated code has appropriate documentation
- [x] New and updated code has new and/or updated testing
- [x] Required CI checks are passing
- [x] Visual proof for any user facing features like CLI or
documentation updates
- [ ] Linked issues closed with keywords

chore: remove unnecessary conversions (celestiaorg#2975)

Use linter to detect unnecessary type conversions
https://github.com/mdempsky/unconvert

ci: enable govulncheck (celestiaorg#2969)

Closes celestiaorg#2968
Supersedes celestiaorg#2744

- CI workflow is inspired by
https://github.com/celestiaorg/celestia-core/blob/main/.github/workflows/govulncheck.yml
- Bumped to Go 1.21.5 to resolve some vulnerabilities identified by
govulncheck

improve naming of governance params test suite

fix govHandler and remove test for an unmodifiable param.

remove unneeded minter setup