From 7c33691b00cd3ab384fbff6bd4769037b1aad9e5 Mon Sep 17 00:00:00 2001 From: Matthew Long Date: Mon, 3 Nov 2025 13:43:37 +0000 Subject: [PATCH 1/7] feat: aws subscription ID in subscription response --- service/subscriptions/model.go | 1 + subscription_test.go | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/service/subscriptions/model.go b/service/subscriptions/model.go index ce1d98a..f5e172e 100644 --- a/service/subscriptions/model.go +++ b/service/subscriptions/model.go @@ -153,6 +153,7 @@ func (o Subscription) String() string { type CloudDetail struct { Provider *string `json:"provider,omitempty"` CloudAccountID *int `json:"cloudAccountId,omitempty"` + AWSAccountID *string `json:"awsAccountId,omitempty"` TotalSizeInGB *float64 `json:"totalSizeInGb,omitempty"` Regions []*Region `json:"regions,omitempty"` } diff --git a/subscription_test.go b/subscription_test.go index 2816f79..e1c6697 100644 --- a/subscription_test.go +++ b/subscription_test.go @@ -425,6 +425,7 @@ func TestSubscription_List(t *testing.T) { { "provider": "AWS", "cloudAccountId": 2, + "awsAccountId": "123456789012", "totalSizeInGb": 0.0062, "regions": [ { @@ -509,6 +510,7 @@ func TestSubscription_List(t *testing.T) { { Provider: redis.String("AWS"), CloudAccountID: redis.Int(2), + AWSAccountID: redis.String("123456789012"), TotalSizeInGB: redis.Float64(0.0062), Regions: []*subscriptions.Region{ { @@ -579,6 +581,7 @@ func TestSubscription_Get(t *testing.T) { { "provider": "AWS", "cloudAccountId": 3, + "awsAccountId": "987654321098", "totalSizeInGb": 4, "regions": [ { @@ -624,6 +627,7 @@ func TestSubscription_Get(t *testing.T) { { Provider: redis.String("AWS"), CloudAccountID: redis.Int(3), + AWSAccountID: redis.String("987654321098"), TotalSizeInGB: redis.Float64(4), Regions: []*subscriptions.Region{ { @@ -658,6 +662,7 @@ func TestSubscription_Get_PublicEndpointAccess(t *testing.T) { { "provider": "AWS", "cloudAccountId": 3, + "awsAccountId": "111222333444", "totalSizeInGb": 4, "regions": [ { @@ -704,6 +709,7 @@ func TestSubscription_Get_PublicEndpointAccess(t *testing.T) { { Provider: redis.String("AWS"), CloudAccountID: redis.Int(3), + AWSAccountID: redis.String("111222333444"), TotalSizeInGB: redis.Float64(4), Regions: []*subscriptions.Region{ { From d1edb9d5b05d74a2582b2e69da56244643bc2b12 Mon Sep 17 00:00:00 2001 From: Matthew Long Date: Fri, 24 Oct 2025 12:55:53 +0100 Subject: [PATCH 2/7] chore: adding vuln check to CI --- .github/workflows/ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d0818a5..63e54a1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,3 +18,6 @@ jobs: - name: Build run: make + + - name: Check for vulnerabilities + run: go run golang.org/x/vuln/cmd/govulncheck@latest ./... From c6aa580a3514a617d117a88d4f4624ec8d23c2b8 Mon Sep 17 00:00:00 2001 From: Matthew Long Date: Fri, 24 Oct 2025 13:00:56 +0100 Subject: [PATCH 3/7] chore: bumping go toolchain as vulnerabilities detected --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 27de6d7..7bd7503 100644 --- a/go.mod +++ b/go.mod @@ -2,7 +2,7 @@ module github.com/RedisLabs/rediscloud-go-api go 1.24.0 -toolchain go1.24.1 +toolchain go1.24.4 require ( github.com/avast/retry-go/v4 v4.7.0 From 22618faf51fd1fba662edf717f45f9d8e1021c87 Mon Sep 17 00:00:00 2001 From: Matthew Long Date: Fri, 24 Oct 2025 13:04:53 +0100 Subject: [PATCH 4/7] chore: extract out vuln check to its own pipeline to work in parallel --- .github/workflows/ci.yml | 5 +---- .github/workflows/vulnerability.yml | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/vulnerability.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 63e54a1..d142480 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,6 @@ name: CI -on: [push] +on: [push, pull_request] jobs: build: @@ -18,6 +18,3 @@ jobs: - name: Build run: make - - - name: Check for vulnerabilities - run: go run golang.org/x/vuln/cmd/govulncheck@latest ./... diff --git a/.github/workflows/vulnerability.yml b/.github/workflows/vulnerability.yml new file mode 100644 index 0000000..04c7bd5 --- /dev/null +++ b/.github/workflows/vulnerability.yml @@ -0,0 +1,18 @@ +name: Vulnerability Check + +on: [push, pull_request] + +jobs: + vulncheck: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v5.0.0 + + - name: Install Go + uses: actions/setup-go@v6.0.0 + with: + go-version-file: go.mod + + - name: Check for vulnerabilities + run: go run golang.org/x/vuln/cmd/govulncheck@latest ./... From 7439bd2885b33efee2eb420439bab48db43a7045 Mon Sep 17 00:00:00 2001 From: Matthew Long Date: Fri, 24 Oct 2025 13:07:06 +0100 Subject: [PATCH 5/7] chore: enable cache for go installation and modules --- .github/workflows/ci.yml | 1 + .github/workflows/vulnerability.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d142480..14758a4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,6 +15,7 @@ jobs: uses: actions/setup-go@v6.0.0 with: go-version-file: go.mod + cache: true - name: Build run: make diff --git a/.github/workflows/vulnerability.yml b/.github/workflows/vulnerability.yml index 04c7bd5..9c81783 100644 --- a/.github/workflows/vulnerability.yml +++ b/.github/workflows/vulnerability.yml @@ -13,6 +13,7 @@ jobs: uses: actions/setup-go@v6.0.0 with: go-version-file: go.mod + cache: true - name: Check for vulnerabilities run: go run golang.org/x/vuln/cmd/govulncheck@latest ./... From 71083a4900403dc5276c7e824c064ebbaab80785 Mon Sep 17 00:00:00 2001 From: Matthew Long Date: Mon, 3 Nov 2025 14:03:50 +0000 Subject: [PATCH 6/7] docs: update changelog with AWS account ID and security improvements --- CHANGELOG.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 684eab1..4619882 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,20 @@ All notable changes to this project will be documented in this file. See updating [Changelog example here](https://keepachangelog.com/en/1.0.0/). +## Unreleased + +### Added: +* Added `AWSAccountID` field to `CloudDetail` struct in subscriptions model for AWS account identification +* Added `govulncheck` to CI pipeline for automated vulnerability detection +* New `.github/workflows/vulnerability.yml` workflow for parallel vulnerability checking +* Enabled Go module caching in GitHub Actions for improved build performance + +### Updated: +* Updated Go toolchain to 1.24.4 to address stdlib vulnerabilities (GO-2025-3751, GO-2025-3750, GO-2025-3749, GO-2025-3563) + +### Tests: +* Added AWS account ID to subscription test fixtures (`TestSubscription_List`, `TestSubscription_Get`, `TestSubscription_Get_PublicEndpointAccess`) + ## 0.40.0 (31st October 2025) ### Added: From 6a65c278bbcacecb1257be26f0c389d9d5a6f1bf Mon Sep 17 00:00:00 2001 From: Matthew Long Date: Mon, 3 Nov 2025 14:07:00 +0000 Subject: [PATCH 7/7] chore: update Go toolchain to 1.25.3 to address GO-2025-4007 vulnerability --- CHANGELOG.md | 2 +- go.mod | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4619882..909b326 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,7 +11,7 @@ See updating [Changelog example here](https://keepachangelog.com/en/1.0.0/). * Enabled Go module caching in GitHub Actions for improved build performance ### Updated: -* Updated Go toolchain to 1.24.4 to address stdlib vulnerabilities (GO-2025-3751, GO-2025-3750, GO-2025-3749, GO-2025-3563) +* Updated Go toolchain to 1.25.3 to address stdlib vulnerabilities (GO-2025-4007, GO-2025-3751, GO-2025-3750, GO-2025-3749, GO-2025-3563) ### Tests: * Added AWS account ID to subscription test fixtures (`TestSubscription_List`, `TestSubscription_Get`, `TestSubscription_Get_PublicEndpointAccess`) diff --git a/go.mod b/go.mod index 7bd7503..4ed36f9 100644 --- a/go.mod +++ b/go.mod @@ -2,7 +2,7 @@ module github.com/RedisLabs/rediscloud-go-api go 1.24.0 -toolchain go1.24.4 +toolchain go1.25.3 require ( github.com/avast/retry-go/v4 v4.7.0