chore: upgrade to go 1.17.8 #8866

crenshaw-dev · 2022-03-23T14:37:08Z

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

terrytangyuan

Good to know. Let me know when you find out about why these CVEs aren't showing up. I am also upgrading this in Workflows.

crenshaw-dev · 2022-03-23T15:19:06Z

Thinking we should cherry-pick this onto any 2.3 patch releases, maybe 2.2 and 2.1 as well. I'd consider this a relatively low-risk, high-reward change.

crenshaw-dev · 2022-03-23T15:49:56Z

Weird, it's still showing merging blocked even though you're a reviewer now. @alexmt is that expected?

terrytangyuan · 2022-03-23T15:58:18Z

I think reviewer is only able to review and the actual "approve" still needs to be done by an approver.

terrytangyuan · 2022-03-23T17:20:07Z

@crenshaw-dev Discussing this upgrade for Workflows in argoproj/argo-workflows#8222 (comment) too. Perhaps we should just use 1.17 if we want the latest version.

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

codecov · 2022-03-23T17:27:55Z

Codecov Report

Merging #8866 (94eedf0) into master (a6c664b) will decrease coverage by 0.02%.
The diff coverage is 18.75%.

@@            Coverage Diff             @@
##           master    #8866      +/-   ##
==========================================
- Coverage   42.87%   42.85%   -0.03%     
==========================================
  Files         186      186              
  Lines       23335    23359      +24     
==========================================
+ Hits        10006    10011       +5     
- Misses      11898    11914      +16     
- Partials     1431     1434       +3

Impacted Files	Coverage Δ
controller/cache/cache.go	`20.76% <0.00%> (ø)`
pkg/apis/application/v1alpha1/app_project_types.go	`51.83% <0.00%> (-0.28%)`	⬇️
server/application/application.go	`31.37% <7.14%> (-0.19%)`	⬇️
controller/appcontroller.go	`51.61% <38.46%> (-0.21%)`	⬇️
util/settings/settings.go	`48.10% <0.00%> (ø)`

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update af03b29...94eedf0. Read the comment docs.

crenshaw-dev · 2022-03-23T17:29:11Z

I'm split between wanting a deterministic build and wanting to avoid maintenance overhead of bumping the golang version. Open to ideas either way.

Looks like differences between golang patches are very minimal, so I'm leaning towards preferring just 1.17.

alexmt

I think 1.17 is a good compromise. Goland version is available via argocd version so we can always find the exact go version used for release

rimasgo · 2022-04-04T12:13:06Z

Hello, thanks for doing the changes!

Just a quick question. On which version argocd release this will be adopted? I just check the source code for 2.3.3 which was released 5 days ago and it's still pointing to hardcoded 1.17.6 value for builder image.

crenshaw-dev · 2022-04-04T14:35:45Z

@rimasgo good question. I think I'll be doing the next 2.3 release, so I'll plan to cherry pick it then.

* chore: upgrade to go 1.17.8 Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: use 1.17 so it's always latest in the series Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

* chore: upgrade to go 1.17.8 Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: use 1.17 so it's always latest in the series Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: wojtekidd <wojtek.cichon@protonmail.com>

* fix(ui): Applications page incorrectly resets to tiles view. Fixes argoproj#8702 (argoproj#8718) Signed-off-by: Yuan Tang <terrytangyuan@gmail.com> * fix: correct jsonnet paths resolution (argoproj#8721) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * chore: Bump stable version of application set addon (argoproj#8744) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * fix: Retry checkbox unchecked unexpectedly; Sync up with YAML (argoproj#8682) (argoproj#8720) Signed-off-by: Keith Chong <kykchong@redhat.com> * Bump version to 2.3.1 * Bump version to 2.3.1 * Merge pull request from GHSA-2f5v-8r3f-8pww * fix: application resource APIs must enforce project restrictions Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * Fix unit tests Signed-off-by: jannfis <jann@mistrust.net> Co-authored-by: jannfis <jann@mistrust.net> * chore: remove lint-docs CI task (argoproj#8722) (argoproj#8858) * chore: remove lint-docs CI task Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * chore: remove not longer necessary url-allow-list Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * chore: fix imports (argoproj#8859) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.3.2 * Bump version to 2.3.2 * fix: Set QPS and burst rate for resource ops client (argoproj#8915) * fix: Set QPS and burst rate for resource ops client Signed-off-by: jannfis <jann@mistrust.net> * fix: prevent excessive repo-server disk usage for large repos (argoproj#8845) (argoproj#8897) fix: prevent excessive repo-server disk usage for large repos (argoproj#8845) (argoproj#8897) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix: bump gitops engine version to v0.6.2 Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * docs: update v2.4+ roadmap items (argoproj#8593) Signed-off-by: ishitasequeira <isequeir@redhat.com> * docs: reflect v2.3 release changes in roadmap.md (argoproj#8747) docs: reflect v2.3 release changes in roadmap.md (argoproj#8747) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * Bump version to 2.3.3 * Bump version to 2.3.3 * fix: Fix docs build error (argoproj#8895) * work with specific jinja version Signed-off-by: pashavictorovich <pavel@codefresh.io> * fix: fix broken monaco editor collapse icons (argoproj#8709) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * chore: upgrade to go 1.17.8 (argoproj#8866) (argoproj#9004) * chore: upgrade to go 1.17.8 Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: use 1.17 so it's always latest in the series Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix: allow cli/ui to follow logs (argoproj#8987) (argoproj#9065) Signed-off-by: Daniel Helfand <helfand.4@gmail.com> * Merge pull request from GHSA-xmg8-99r8-jc2j Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-6gcg-hp2x-q54h * fix: do not allow symlinks from directory-type applications Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: add new util file Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: lint Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: use t.TempDir for simpler tests Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * address comments Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-r642-gv9p-2wjj Signed-off-by: jannfis <jann@mistrust.net> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.3.4 * Bump version to 2.3.4 * test: fix ErrorContains (argoproj#9445) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix: missing Helm params (argoproj#9565) (argoproj#9566) * fix: missing Helm params Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * use absolute paths, fix tests Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix race in test Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: upgrade golangci-lint to v1.46.2 (argoproj#9448) * chore: upgrade golangci-lint to v1.46.2 Because: * Installation of golangci-lint v1.45.2 is currently broken and fails silently due to a redacted dependency (blizzy78/varnamelen#13) This commit: * Upgrades golangci-lint to v1.46.2 Signed-off-by: Tommaso Sardelli <lacapannadelloziotom@gmail.com> * fix: lint Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix: lint Signed-off-by: Tommaso Sardelli <lacapannadelloziotom@gmail.com> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * fix: test race (argoproj#9469) Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: lint issues Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: update golangci-lint (argoproj#8988) * chore: update golangci-lint Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: remove obsolete repo-server unit test (argoproj#9559) Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * chore: Make unit tests run on platforms other than amd64 (argoproj#8995) Signed-off-by: jannfis <jann@mistrust.net> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: eliminate go-mpatch dependency (argoproj#9045) * chore: eliminate go-mpatch dependency Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: abstract out resource list function Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: don't exit the program in anything but the main function Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: better error messages Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: better error messages Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * test: directory app manifest generation (argoproj#9503) * test: directory app manifest generation Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * git doesn't support empty dirs Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-h4w9-6x78-8vrj Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-2m7h-86qq-fp4v Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix references Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> use long enough state param for oauth2 Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> typo Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> more entropy Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix test Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-q4w5-4gq2-98vm Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Merge pull request from GHSA-jhqp-vf4w-rpwq Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> defer instead of multiple close calls Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> oops Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> don't count jsonnet against max Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix codegen Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> add caveat about 300x ratio Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix versions Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix tests/lint Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * chore: fix docs gen Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> * Bump version to 2.3.5 * Bump version to 2.3.5 * docs: Changes for v2.3.5 Documented key decision factors to use Argo CD v2.3.5. Contributes to: automation-saas/automation-saas/native-AWS#1972 Signed-off-by: Sujeily Fonseca <sujeily.fonseca@ibm.com> Co-authored-by: Yuan Tang <terrytangyuan@gmail.com> Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Keith Chong <kykchong@redhat.com> Co-authored-by: argo-bot <argoproj@gmail.com> Co-authored-by: jannfis <jann@mistrust.net> Co-authored-by: Michael Crenshaw <michael@crenshaw.dev> Co-authored-by: Ishita Sequeira <46771830+ishitasequeira@users.noreply.github.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io> Co-authored-by: Daniel Helfand <helfand.4@gmail.com> Co-authored-by: Tommaso Sardelli <lacapannadelloziotom@gmail.com>

chore: upgrade to go 1.17.8

1db4bd0

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

terrytangyuan reviewed Mar 23, 2022

View reviewed changes

crenshaw-dev added the cherry-pick/2.3 Candidate for cherry picking into the 2.3 release branch label Mar 23, 2022

crenshaw-dev marked this pull request as ready for review March 23, 2022 15:40

crenshaw-dev requested a review from terrytangyuan March 23, 2022 15:40

terrytangyuan approved these changes Mar 23, 2022

View reviewed changes

chore: use 1.17 so it's always latest in the series

94eedf0

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

alexmt approved these changes Mar 23, 2022

View reviewed changes

alexmt merged commit f313db9 into argoproj:master Mar 23, 2022

rimasgo mentioned this pull request Apr 4, 2022

Vulnerable golang version used to package applicationset-controller argoproj/applicationset#571

Open

crenshaw-dev deleted the go-1.17.8 branch April 4, 2022 14:35

github-actions bot mentioned this pull request May 18, 2022

Updating argoproj/argo-cd kryptn/infra#24

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: upgrade to go 1.17.8 #8866

chore: upgrade to go 1.17.8 #8866

crenshaw-dev commented Mar 23, 2022

terrytangyuan left a comment

crenshaw-dev commented Mar 23, 2022

crenshaw-dev commented Mar 23, 2022

terrytangyuan commented Mar 23, 2022

terrytangyuan commented Mar 23, 2022 •

edited

codecov bot commented Mar 23, 2022 •

edited

crenshaw-dev commented Mar 23, 2022 •

edited

alexmt left a comment

rimasgo commented Apr 4, 2022

crenshaw-dev commented Apr 4, 2022

chore: upgrade to go 1.17.8 #8866

chore: upgrade to go 1.17.8 #8866

Conversation

crenshaw-dev commented Mar 23, 2022

terrytangyuan left a comment

Choose a reason for hiding this comment

crenshaw-dev commented Mar 23, 2022

crenshaw-dev commented Mar 23, 2022

terrytangyuan commented Mar 23, 2022

terrytangyuan commented Mar 23, 2022 • edited

codecov bot commented Mar 23, 2022 • edited

Codecov Report

crenshaw-dev commented Mar 23, 2022 • edited

alexmt left a comment

Choose a reason for hiding this comment

rimasgo commented Apr 4, 2022

crenshaw-dev commented Apr 4, 2022

terrytangyuan commented Mar 23, 2022 •

edited

codecov bot commented Mar 23, 2022 •

edited

crenshaw-dev commented Mar 23, 2022 •

edited