Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pin tool versions with hack/go.mod #5622

Merged
merged 2 commits into from Apr 2, 2024
Merged

Pin tool versions with hack/go.mod #5622

merged 2 commits into from Apr 2, 2024

Conversation

karlkfi
Copy link
Contributor

@karlkfi karlkfi commented Mar 20, 2024
edited

This change centralizes the tracking of versions for tools used for development and testing. This way, the tools and all their dependencies have their checksums stored in hack/go.sum, which improves supply chain security.

Depends on:

Go work sync & mod tidy are in a 2nd commit to make it easier to review the rest.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Mar 20, 2024
@k8s-ci-robot k8s-ci-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Mar 20, 2024
This was referenced Mar 20, 2024
Closed
Merged
@koba1t
Copy link
Member

koba1t commented Mar 21, 2024

@karlkfi
I approved the below 2 PRs.
Please rebase master for this PR.

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 21, 2024
@k8s-ci-robot
Copy link
Contributor

This PR has multiple commits, and the default merge method is: merge.
You can request commits to be squashed using the label: tide/merge-method-squash

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 21, 2024
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 21, 2024
@karlkfi
Copy link
Contributor Author

karlkfi commented Mar 21, 2024

Sigh... why is this test depending on the response error code from example.com?? -_-
#5624

@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 21, 2024
@karlkfi karlkfi mentioned this pull request Mar 26, 2024
Merged
@koba1t
Copy link
Member

koba1t commented Mar 27, 2024

HI @karlkfi
I merged #5624.

Could you try rebase master?
I think that resolves the failure in CI.

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 27, 2024
@karlkfi
Copy link
Contributor Author

karlkfi commented Mar 27, 2024

@koba1t Rebased and passing tests now!

@karlkfi
Copy link
Contributor Author

karlkfi commented Mar 27, 2024

/assign @koba1t

@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 28, 2024
koba1t
koba1t reviewed Mar 28, 2024
View reviewed changes
hack/go.mod Outdated Show resolved Hide resolved
@koba1t
Copy link
Member

koba1t commented Mar 28, 2024

HI @karlkfi
I think this PR almost looks good!
Thanks for your work!

So, I have one minor comment. Could you check that above?

@karlkfi karlkfi force-pushed the karl-pin-tools branch 2 times, most recently from bf736d3 to a9c2fc8 Compare March 28, 2024 18:48
@karlkfi
Pin tool versions with hack/go.mod
44553d2 
This change centralizes the tracking of versions for tools used for
development and testing. This way, the tools and all their
dependencies have their checksums stored in hack/go.sum, which
improves supply chain security.
@karlkfi
Copy link
Contributor Author

karlkfi commented Mar 28, 2024

@koba1t I removed goreleaser and rebased.

@koba1t koba1t added the tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges. label Mar 29, 2024
@karlkfi
Copy link
Contributor Author

karlkfi commented Apr 2, 2024

@koba1t please review

@karlkfi karlkfi requested a review from koba1t April 2, 2024 16:58
@koba1t
Copy link
Member

koba1t commented Apr 2, 2024
edited

Thanks for your great works!

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Apr 2, 2024
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: karlkfi, koba1t

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 2, 2024
@k8s-ci-robot k8s-ci-robot merged commit ed2ca23 into kubernetes-sigs:master Apr 2, 2024
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ncapps ncapps Awaiting requested review from ncapps

@varshaprasad96 varshaprasad96 Awaiting requested review from varshaprasad96

@koba1t koba1t Awaiting requested review from koba1t

Assignees

@koba1t koba1t

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@karlkfi @koba1t @k8s-ci-robot