Skip to content

chore(deps): bump golangci/golangci-lint-action from 7 to 9#2

Merged
royosherove merged 1 commit intomainfrom
dependabot/github_actions/golangci/golangci-lint-action-9
May 9, 2026
Merged

chore(deps): bump golangci/golangci-lint-action from 7 to 9#2
royosherove merged 1 commit intomainfrom
dependabot/github_actions/golangci/golangci-lint-action-9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 2, 2026
edited
Loading

Bumps golangci/golangci-lint-action from 7 to 9.

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.0.0

In the scope of this release, we change Nodejs runtime from node20 to node24 (https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/).

What's Changed

Changes

Full Changelog: golangci/golangci-lint-action@v8.0.0...v9.0.0

v8.0.0

Requires golangci-lint version >= v2.1.0

What's Changed

Changes

Full Changelog: golangci/golangci-lint-action@v7...v8.0.0

v7.0.1

What's Changed

Documentation

Dependencies

New Contributors

Full Changelog: golangci/golangci-lint-action@v7.0.0...v7.0.1

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 2, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/golangci/golangci-lint-action-9 branch 2 times, most recently from d09beaf to 407c63d Compare May 3, 2026 11:00
@dependabot dependabot Bot requested a review from royosherove as a code owner May 3, 2026 11:00
@dependabot dependabot Bot force-pushed the dependabot/github_actions/golangci/golangci-lint-action-9 branch from 407c63d to cb493ce Compare May 3, 2026 11:55
@dependabot dependabot Bot changed the title chore(deps): bump golangci/golangci-lint-action from 6 to 9 chore(deps): bump golangci/golangci-lint-action from 7 to 9 May 3, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/golangci/golangci-lint-action-9 branch 3 times, most recently from f67600a to 6921e1d Compare May 3, 2026 12:02
@royosherove
Copy link
Copy Markdown
Member

royosherove commented May 3, 2026

@dependabot rebase

@dependabot
chore(deps): bump golangci/golangci-lint-action from 7 to 9
e0444b3 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 7 to 9.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@v7...v9)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: '9'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/golangci/golangci-lint-action-9 branch from 6921e1d to e0444b3 Compare May 3, 2026 12:13
royosherove added a commit that referenced this pull request May 3, 2026
@royosherove
fix(installer): v0.2.0 — session-dir detection, health timeout, platf…
3119d0a 
…orm preconditions, idempotency, diagnostics (#10)

* fix(setup): fail-fast on unresolvable session-dir / run-as under root (#1)

* fix(setup): bump health timeout to 60s, add --health-timeout (#2)

* feat(setup): unsupported-platform preconditions for Darwin + non-systemd (#3)

* fix(install): default HOME, drop blind set -u (#4)

* fix(setup): skip restart when config unchanged (#5)

* feat(setup): surface last HTTP response in health-check error (#6)

* feat(setup): step-by-step progress output + SilenceUsage (#7)

* docs: TELEMETRON_TOKEN_SECRET env in install.sh --help and setup summary (#8)

* docs: bless install.sh auto-setup (update setup plan + CHANGELOG) (#9)

* chore(lint): satisfy staticcheck error-string rules

---------

Co-authored-by: Roy Osherove <575051+royosherove@users.noreply.github.com>
royosherove added a commit that referenced this pull request May 3, 2026
@royosherove
docs(v0.3.0): simplify enrollment plan — reuse telemetry.loki.run, cl…
92eb7f8 
…ient-side install_id

- Drop v1's standalone-infra approach after discovering lowkey installer
  already generates install_id/machine_id and posts to telemetry.loki.run
- New route POST /v1/enroll as a new Lambda alongside existing install/ingest
- Client sends install_id as OTel resource attr (Roy's call over Codex's #2);
  server strips it before AMP mirror to avoid durable metrics-plane labels
- Defer renewal, revocation, admin CLI, anomaly scoring to v0.3.1
- Scope drops from ~29h to ~12.5h

Codex review v2 pending.
royosherove added a commit that referenced this pull request May 3, 2026
@royosherove
fix(v0.3.0): address code review blockers #2 and #3
2337b52 
Blocker #2 (HIGH): TELEMETRON_TOKEN_SECRET precedence was broken.
Setting the env var suppressed the 'missing token' error but the
secret was never resolved, so setup silently fell through to auto-
enroll. Operators running with a managed-token flow would get an
anonymous token instead, with no warning.

Fix: loadTokenOrEnroll now hard-fails with ErrTokenSecretNotResolved
when TELEMETRON_TOKEN_SECRET is set but no token has been staged and
no --token-file is given. install.sh continues to be the canonical
resolver (fetches from Secrets Manager and stages to
/etc/telemetron/token before invoking setup). Direct 'telemetron
setup' callers that set only TELEMETRON_TOKEN_SECRET now see a clear
error instead of silent downgrade.

Added cmd/telemetron/enrollment_test.go covering:
- TELEMETRON_TOKEN_SECRET + no staged token -> ErrTokenSecretNotResolved
- TELEMETRON_TOKEN_SECRET + staged token -> reads from file
- shouldAttemptAutoEnroll respects all three precedence env vars
- baseline auto-enroll happy path via httptest server

Blocker #3: Plan required Firehose/Athena install_id promotion. The
current loki-telemetry ingester writes to AMP remote_write only with
no Firehose sink. Rather than build a warehouse path with no consumer,
the plan doc is updated to mark Firehose promotion deferred to v0.3.2+
(when a warehouse sink is actually wired). The server-side install_id
rebinding already happens, so the promotion is a trivial no-op layer
to add later.

Also fixed:
- docs/privacy.md now lists deployment_id, tier, environment,
  pack_version as flush-time OTLP resource attributes (completeness)
- CHANGELOG corrected: TELEMETRON_TOKEN_SECRET precedence claim now
  matches the implementation
- DRY: internal/enroll/enroll.go now uses installid.Validate instead
  of maintaining its own UUIDv4 regex

All tests passing, go vet clean.
@royosherove royosherove force-pushed the main branch 6 times, most recently from de8130d to 3b187d8 Compare May 5, 2026 08:26
@royosherove royosherove merged commit 05f62ce into main May 9, 2026
9 checks passed
@dependabot dependabot Bot deleted the dependabot/github_actions/golangci/golangci-lint-action-9 branch May 9, 2026 22:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@royosherove royosherove Awaiting requested review from royosherove royosherove is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@royosherove