TrueCloudLab/frostfs-qos

Fork 5

govulncheck: Use patch release with latest security fixes #3

Merged

fyrchik merged 1 commit from potyarkin/frostfs-qos:fix/govulncheck-go-minor into master

2025-01-29 07:49:43 +00:00

potyarkin commented

2025-01-28 14:54:55 +00:00

Member

Specify exact Go version up to the patch release.

Govulncheck has started failing today because of vulnerabilities that are already fixed in latest Go toolchain.

Specify exact Go version up to the patch release. Govulncheck has started failing today because of vulnerabilities that are already fixed in latest Go toolchain.

potyarkin added 1 commit 2025-01-28 14:54:55 +00:00

[#] govulncheck: Use patch release with security fixes

DCO action / DCO (pull_request) Has been cancelled

Details

Pre-commit hooks / Pre-commit (pull_request) Has been cancelled

Details

Tests and linters / Tests (pull_request) Has been cancelled

Details

Tests and linters / Lint (pull_request) Has been cancelled

Details

Tests and linters / Tests with -race (pull_request) Has been cancelled

Details

Tests and linters / Staticcheck (pull_request) Has been cancelled

Details

Tests and linters / gopls check (pull_request) Has been cancelled

Details

Tests and linters / Run gofumpt (pull_request) Has been cancelled

Details

Vulncheck / Vulncheck (pull_request) Has been cancelled

Details

f6b50bd4cd

https://go.dev/doc/devel/release#go1.23.minor

Signed-off-by: Vitaliy Potyarkin <v.potyarkin@yadro.com>

potyarkin force-pushed fix/govulncheck-go-minor from f6b50bd4cd to cfbca7fa1d

2025-01-28 15:03:27 +00:00

Compare

potyarkin changed title from ~~WIP: govulncheck: Use patch release with latest security fixes~~ to govulncheck: Use patch release with latest security fixes

2025-01-28 15:28:30 +00:00

requested review from fyrchik

2025-01-28 15:28:30 +00:00

fyrchik commented

2025-01-28 17:38:01 +00:00

Owner

@potyarkin please, tell me you have created all this PRs in different repos automatically

dstepanov-yadro approved these changes 2025-01-29 06:31:09 +00:00

potyarkin commented

2025-01-29 07:33:07 +00:00

Author

Member

@potyarkin please, tell me you have created all this PRs in different repos automatically

Semiautomatically:

Some ugly find | xargs grep | vim oneliners for editing
gitall and for repo in *; do git commit-push for publishing changes
tea script for creating PRs (see below)
Another oneliner for repo in *; do git commit-amend-push to manually update commit header with [#PR] ...
Manually click through all PRs to review one last time and to hit the "Remove WIP" button

Out of the steps above only gitall and tea script are reusable, oneliners I just fish out of shell history and modify ad-hoc.

Click to view tea script

Script params are intentionally hardcoded to force me to re-review the code prior to execution.

#!/bin/bash
set -euo pipefail

PR_BRANCH="fix/govulncheck-go-minor"
PR_TITLE="WIP: govulncheck: Use patch release with latest security fixes"
PR_DESCRIPTION="
Specify exact Go version up to the patch release.

Govulncheck has started failing today because of vulnerabilities that are already fixed in latest Go toolchain.
"

PR_USER="potyarkin"
PR_ORG="TrueCloudLab"

makePR() {
    local repo
    repo="$1"
    echo -e "\nPreparing PR to $PR_ORG/$repo"
    git push
    tea pr create \
        --repo "$PR_ORG/$repo" \
        --title "$PR_TITLE" \
        --description "$PR_DESCRIPTION"

    # Delete local branch to make subsequent runs idempotent
    git checkout --detach HEAD
    git branch -d "$PR_BRANCH"
}

for repo in *
do
    [ -d "$repo" ] || continue
    git -C "$repo" rev-parse --verify --quiet "refs/heads/$PR_BRANCH" >/dev/null || continue
    pushd "$repo" &>/dev/null
    makePR "$repo"
    popd &>/dev/null
done

> @potyarkin please, tell me you have created all this PRs in different repos automatically Semiautomatically: - Some ugly `find | xargs grep | vim` oneliners for editing - [`gitall`](https://github.com/sio/homelab/blob/8f1af69d70a57a70d58e44f7de2fda6f441c0f11/dotfiles/bash/aliases#L89-L167) and `for repo in *; do git commit-push` for publishing changes - `tea` script for creating PRs (see below) - Another oneliner `for repo in *; do git commit-amend-push` to manually update commit header with `[#PR] ...` - Manually click through all PRs to review one last time and to hit the "Remove WIP" button Out of the steps above only gitall and tea script are reusable, oneliners I just fish out of shell history and modify ad-hoc. <details><summary>Click to view tea script</summary> Script params are intentionally hardcoded to force me to re-review the code prior to execution. ``` #!/bin/bash set -euo pipefail PR_BRANCH="fix/govulncheck-go-minor" PR_TITLE="WIP: govulncheck: Use patch release with latest security fixes" PR_DESCRIPTION=" Specify exact Go version up to the patch release. Govulncheck has started failing today because of vulnerabilities that are already fixed in latest Go toolchain. " PR_USER="potyarkin" PR_ORG="TrueCloudLab" makePR() { local repo repo="$1" echo -e "\nPreparing PR to $PR_ORG/$repo" git push tea pr create \ --repo "$PR_ORG/$repo" \ --title "$PR_TITLE" \ --description "$PR_DESCRIPTION" # Delete local branch to make subsequent runs idempotent git checkout --detach HEAD git branch -d "$PR_BRANCH" } for repo in * do [ -d "$repo" ] || continue git -C "$repo" rev-parse --verify --quiet "refs/heads/$PR_BRANCH" >/dev/null || continue pushd "$repo" &>/dev/null makePR "$repo" popd &>/dev/null done ``` </details>

🚀 2