Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tag releases with semver tag #327

Closed
rturner3 opened this issue Aug 9, 2023 · 5 comments
Closed

Tag releases with semver tag #327

rturner3 opened this issue Aug 9, 2023 · 5 comments

Comments

@rturner3
Copy link

rturner3 commented Aug 9, 2023

Some projects prefer to pin GitHub Actions dependencies by commit SHA rather than major version tag to prevent possible release pipeline vulnerabilities if a malicious tag is pushed to an external project.

If you pin the dependency on this action by commit SHA rather than major version tag, e.g. v2, dependabot doesn't ever detect minor release version updates, seemingly because:

  • The existing major version tag changes to point to a different commit, which doesn't get detected by dependabot
  • There is no version tag containing the full semver tag, e.g. v2.20.0, there is only a release branch, and dependabot seems to only detect new releases when new tags are added to a repository

Other GitHub Actions tag their releases with full semver tags, and this is not a problem with those projects, e.g. actions/checkout.

Going forward, it would be really nice if each release had a semver tag so that projects depending on this step could get automatic update PRs sent by dependabot.
rturner3 pushed a commit to rturner3/spire that referenced this issue Aug 9, 2023
Update msys2/setup-msys2 GitHub Action
14f1a63 
This project generates releases by just creating a new release branch
without a corresponding semver tag, and changing the major version tag
to point to the release branch, which isn't enough for dependabot to
automatically detect the new versions,
see msys2/setup-msys2#327

Manually update this step for now to the current commit pointed to by
the `v2` tag (`v2.20.0`): https://github.com/msys2/setup-msys2/tree/v2

Signed-off-by: Ryan Turner <turner@uber.com>
@rturner3 rturner3 mentioned this issue Aug 9, 2023
Merged
rturner3 pushed a commit to rturner3/spire that referenced this issue Aug 9, 2023
Update msys2/setup-msys2 GitHub Action
5d582fb 
This project generates releases by just creating a new release branch
without a corresponding semver tag, and changing the major version tag
to point to the release branch, which isn't enough for dependabot to
automatically detect the new versions,
see msys2/setup-msys2#327

Manually update this step for now to the current commit pointed to by
the `v2` tag (`v2.20.0`): https://github.com/msys2/setup-msys2/tree/v2

Signed-off-by: Ryan Turner <turner@uber.com>
rturner3 added a commit to spiffe/spire that referenced this issue Aug 9, 2023
@rturner3
Update msys2/setup-msys2 GitHub Action (#4421)
0527653 
This project generates releases by just creating a new release branch
without a corresponding semver tag, and changing the major version tag
to point to the release branch, which isn't enough for dependabot to
automatically detect the new versions,
see msys2/setup-msys2#327

Manually update this step for now to the current commit pointed to by
the `v2` tag (`v2.20.0`): https://github.com/msys2/setup-msys2/tree/v2

Signed-off-by: Ryan Turner <turner@uber.com>
@lazka
Copy link
Member

lazka commented Aug 10, 2023

thanks, sounds good. I'll have a look.

@lazka
Copy link
Member

lazka commented Aug 11, 2023
edited
Loading

Done now.

For future reference:

  • I've merged all separate release branches into one branch here: https://github.com/msys2/setup-msys2/commits/dist (cherry-picked while ignoring all old files each time)
  • I've added tags for all releases on that branch
  • I've renamed the old release branches from "vX.Y.Z" to "legacy-vX.Y.Z" to keep the old commits reachable and avoid naming conflicts with the new tags
  • I've released v2.20.1 just now with some minor updates to test the release process

@lazka lazka closed this as completed Aug 11, 2023
@rturner3
Copy link
Author

Hmm, I didn't see that dependabot raised a PR for the new release. Perhaps you have to create a GitHub release for the new releases to get noticed by dependabot?

@lazka
Copy link
Member

lazka commented Aug 11, 2023

done

@lazka
Copy link
Member

lazka commented Aug 13, 2023

From what I see it still didn't work (??)

faisal-memon pushed a commit to faisal-memon/spire that referenced this issue Sep 12, 2023
@rturner3 @faisal-memon
Update msys2/setup-msys2 GitHub Action (spiffe#4421)
33b1d20 
This project generates releases by just creating a new release branch
without a corresponding semver tag, and changing the major version tag
to point to the release branch, which isn't enough for dependabot to
automatically detect the new versions,
see msys2/setup-msys2#327

Manually update this step for now to the current commit pointed to by
the `v2` tag (`v2.20.0`): https://github.com/msys2/setup-msys2/tree/v2

Signed-off-by: Ryan Turner <turner@uber.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>
@rturner3 rturner3 mentioned this issue Sep 13, 2023
Merged
azdagron added a commit to azdagron/spire that referenced this issue Sep 13, 2023
@azdagron @faisal-memon
@dependabot @zmt @chiragk25 @rturner3 @MarcosDY @sorindumitru
Db api test2 (#39)
dab9ad6 
* Populate and prune entry event table

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump sigs.k8s.io/controller-runtime from 0.15.0 to 0.15.1 (spiffe#4412)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.15.0 to 0.15.1.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.15.0...v0.15.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump golang.org/x/sys from 0.10.0 to 0.11.0 (spiffe#4409)

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.10.0 to 0.11.0.
- [Commits](golang/sys@v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* [docker buildx] Create tls context if needed (spiffe#4405)

Signed-off-by: Zack Train <ztrain@uber.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump golang.org/x/net from 0.13.0 to 0.14.0 (spiffe#4413)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.13.0 to 0.14.0.
- [Commits](golang/net@v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Add telemetry instrumentation for delegated identity API and add latency telemetry util (spiffe#4399)

* Add telemetry instrumentation for delegated identity API and add latency telemetry util

Signed-off-by: chiragk25 <chirag.d.kapadia@gmail.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.109.1 to 1.110.1 (spiffe#4416)

Bumps [github.com/aws/aws-sdk-go-v2/service/ec2](https://github.com/aws/aws-sdk-go-v2) from 1.109.1 to 1.110.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/ec2/v1.109.1...service/ec2/v1.110.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ec2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump actions/setup-go from 4.0.1 to 4.1.0 (spiffe#4418)

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@fac708d...93397be)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump google.golang.org/api from 0.134.0 to 0.136.0 (spiffe#4420)

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.134.0 to 0.136.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.134.0...v0.136.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.2 (spiffe#4419)

Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.7.1...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Update msys2/setup-msys2 GitHub Action (spiffe#4421)

This project generates releases by just creating a new release branch
without a corresponding semver tag, and changing the major version tag
to point to the release branch, which isn't enough for dependabot to
automatically detect the new versions,
see msys2/setup-msys2#327

Manually update this step for now to the current commit pointed to by
the `v2` tag (`v2.20.0`): https://github.com/msys2/setup-msys2/tree/v2

Signed-off-by: Ryan Turner <turner@uber.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump actions/dependency-review-action from 3.0.6 to 3.0.7 (spiffe#4425)

Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.0.6 to 3.0.7.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@1360a34...7d90b4f)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump github.com/aws/aws-sdk-go-v2/service/secretsmanager (spiffe#4428)

Bumps [github.com/aws/aws-sdk-go-v2/service/secretsmanager](https://github.com/aws/aws-sdk-go-v2) from 1.20.1 to 1.21.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/service/s3/v1.21.0/CHANGELOG.md)
- [Commits](aws/aws-sdk-go-v2@v1.20.1...service/s3/v1.21.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/secretsmanager
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.110.1 to 1.111.0 (spiffe#4431)

Bumps [github.com/aws/aws-sdk-go-v2/service/ec2](https://github.com/aws/aws-sdk-go-v2) from 1.110.1 to 1.111.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/ec2/v1.110.1...service/ec2/v1.111.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ec2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Set up feature flag

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.7.0 to 1.7.1 (spiffe#4432)

Bumps [github.com/Azure/azure-sdk-for-go/sdk/azcore](https://github.com/Azure/azure-sdk-for-go) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.7.0...sdk/azcore/v1.7.1)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azcore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump google.golang.org/api from 0.136.0 to 0.137.0 (spiffe#4433)

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.136.0 to 0.137.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.136.0...v0.137.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Remove prune events interval from docs

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Fix outdated comments

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Update pkg/server/datastore/sqlstore/sqlstore.go

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

Co-authored-by: Marcos Yacob <marcos.yacob@hpe.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Add var names for consistency

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump version and CHANGELOG after v1.7.2 release (spiffe#4441)

Signed-off-by: Marcos Yacob <marcos.yacob@hpe.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Update golangci-lint and Markdown linter (spiffe#4440)

Also fix new Markdown linter errors

Signed-off-by: Ryan Turner <turner@uber.com>
Co-authored-by: Marcos Yacob <marcos.yacob@hpe.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.111.0 to 1.112.0 (spiffe#4434)

Bumps [github.com/aws/aws-sdk-go-v2/service/ec2](https://github.com/aws/aws-sdk-go-v2) from 1.111.0 to 1.112.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/ec2/v1.111.0...service/ec2/v1.112.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ec2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump actions/dependency-review-action from 3.0.7 to 3.0.8 (spiffe#4435)

Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.0.7 to 3.0.8.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@7d90b4f...f6fff72)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump cloud.google.com/go/storage from 1.31.0 to 1.32.0 (spiffe#4436)

Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.31.0 to 1.32.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@pubsub/v1.31.0...pubsub/v1.32.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump github.com/GoogleCloudPlatform/cloudsql-proxy (spiffe#4437)

Bumps [github.com/GoogleCloudPlatform/cloudsql-proxy](https://github.com/GoogleCloudPlatform/cloudsql-proxy) from 1.33.9 to 1.33.10.
- [Release notes](https://github.com/GoogleCloudPlatform/cloudsql-proxy/releases)
- [Changelog](https://github.com/GoogleCloudPlatform/cloud-sql-proxy/blob/v1.33.10/CHANGELOG.md)
- [Commits](GoogleCloudPlatform/cloud-sql-proxy@v1.33.9...v1.33.10)

---
updated-dependencies:
- dependency-name: github.com/GoogleCloudPlatform/cloudsql-proxy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump k8s.io/client-go from 0.27.4 to 0.28.0 (spiffe#4439)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.27.4 to 0.28.0.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.27.4...v0.28.0)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity (spiffe#4442)

Bumps [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.3.0...sdk/azcore/v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Remove node selector cruft cleanup code (spiffe#4443)

SPIRE v1.6.3 introduced code to clean up node selector cruft in the database.
This code can be removed in v1.8.0.

Fixes: spiffe#3945

Signed-off-by: Andrew Harding <azdagron@gmail.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Remove SDS v2 API (spiffe#4444)

The SDS v2 API has been removed for Envoy for several years. We cannot
reasonably support it any longer, and we expect most users should no
longer be using it anymore.

Signed-off-by: Ryan Turner <turner@uber.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump google.golang.org/api from 0.137.0 to 0.138.0 (spiffe#4446)

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.137.0 to 0.138.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.137.0...v0.138.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.112.0 to 1.113.0 (spiffe#4448)

Bumps [github.com/aws/aws-sdk-go-v2/service/ec2](https://github.com/aws/aws-sdk-go-v2) from 1.112.0 to 1.113.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/ec2/v1.112.0...service/ec2/v1.113.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ec2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Add the ability to configure the refresh hint of the local bundle (spiffe#4400)

* spire-server: add support for configuring a static bundle refresh_hint

This allows us to move to a place where we are closer to the
recommendation of the SPIFFE spec which says that client of the trust
bundle endpoint should default to a low refresh interval to be able to
retrieve updated trust bundles in a timely manner.

Signed-off-by: Sorin Dumitru <sdumitru@bloomberg.net>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Upgrade to go1.21.0 (spiffe#4450)

Also the go compiler version is now always reported with a patch version
so we can remove the whole go_version_full/go_version distinction in the
Makefile.

Fixed up the compiler tarball URL to match what is now present on the
Go downloads page.

Signed-off-by: Andrew Harding <azdagron@gmail.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Bump k8s.io/kube-aggregator from 0.27.4 to 0.28.0 (spiffe#4447)

Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator) from 0.27.4 to 0.28.0.
- [Commits](kubernetes/kube-aggregator@v0.27.4...v0.28.0)

---
updated-dependencies:
- dependency-name: k8s.io/kube-aggregator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Remove startup entry scan (spiffe#4449)

Quite some time ago we added a scan to first warn and then eventually
delete entries with invalid SPIFFE IDs. This scan is no longer needed,
since entries will have already been removed by previous upgrades and
can be removed.

Signed-off-by: Andrew Harding <azdagron@gmail.com>
Co-authored-by: Marcos Yacob <marcos.yacob@hpe.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Clean up fflag in sqlstore.go

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Remove mysql specifics

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Update pruning interval

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Add prune unit tests, sql lite support

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Make prune test more resillient

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Fix postgres issues with pruning

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Add more unit tests for listing events

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Add test for prune events task

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Remove pagination

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Remove platform specific prune functions

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Update pkg/common/telemetry/server/datastore/event.go

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

Co-authored-by: Marcos Yacob <marcos.yacob@hpe.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Add unit tests for configurable

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Update pkg/server/endpoints/entryfetcher_test.go

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

Co-authored-by: Marcos Yacob <marcos.yacob@hpe.com>
Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Add ctx.Done()

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* Fix some rebase conflicts

Signed-off-by: Faisal Memon <fymemon@yahoo.com>

* run prune events only when feature flag is active

Signed-off-by: Marcos Yacob <marcos.yacob@hpe.com>

---------

Signed-off-by: Faisal Memon <fymemon@yahoo.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Zack Train <ztrain@uber.com>
Signed-off-by: chiragk25 <chirag.d.kapadia@gmail.com>
Signed-off-by: Ryan Turner <turner@uber.com>
Signed-off-by: Marcos Yacob <marcos.yacob@hpe.com>
Signed-off-by: Andrew Harding <azdagron@gmail.com>
Signed-off-by: Sorin Dumitru <sdumitru@bloomberg.net>
Co-authored-by: Faisal Memon <fymemon@yahoo.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zachary M. Train <no1@zmt.org>
Co-authored-by: Chirag Kapadia <chirag.d.kapadia@gmail.com>
Co-authored-by: Ryan Turner <rturner3@users.noreply.github.com>
Co-authored-by: Marcos Yacob <marcos.yacob@hpe.com>
Co-authored-by: Sorin Dumitru <sdumitru@bloomberg.net>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lazka @rturner3