diff --git a/.circleci/config.yml b/.circleci/config.yml index 44cf04abd..c7f59df31 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -148,7 +148,7 @@ workflows: promu_opts: "-p linux/amd64 -p windows/amd64 -p linux/arm64 -p darwin/amd64 -p darwin/arm64 -p linux/386" filters: tags: - ignore: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/ + ignore: /^v2(\.[0-9]+){2}(-.+|[^-.]*)$/ branches: ignore: /^(main|release-.*|.*build-all.*)$/ - prometheus/build: @@ -158,7 +158,7 @@ workflows: branches: only: /^(main|release-.*|.*build-all.*)$/ tags: - only: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/ + only: /^v2(\.[0-9]+){2}(-.+|[^-.]*)$/ - prometheus/publish_main: context: org-context requires: @@ -177,7 +177,7 @@ workflows: - build_all filters: tags: - only: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/ + only: /^v2(\.[0-9]+){2}(-.+|[^-.]*)$/ branches: ignore: /.*/ image: circleci/golang:1-node diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 903e221c7..55890343d 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,21 +1,10 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# +--- name: "CodeQL" on: push: branches: [main, release-*] pull_request: - # The branches below must be a subset of the branches above branches: [main] schedule: - cron: "26 14 * * 1" @@ -24,44 +13,28 @@ jobs: analyze: name: Analyze runs-on: ubuntu-latest + permissions: + security-events: write strategy: fail-fast: false matrix: language: ["go", "javascript"] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] - # Learn more: - # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed steps: - name: Checkout repository uses: actions/checkout@v3 + - uses: actions/setup-go@v3 + with: + go-version: '>=1.17 <1.18' - # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v1 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release + uses: github/codeql-action/autobuild@v2 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2 diff --git a/RELEASE.md b/RELEASE.md index 3108cf4e1..65da3c0c3 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -147,6 +147,18 @@ $ git tag -s "${tag}" -m "${tag}" $ git push origin "${tag}" ``` +Go modules versioning requires strict use of semver. Because we do not commit to +avoid code-level breaking changes for the libraries between minor releases of +the Prometheus server, we use major version zero releases for the libraries. + +Tag the new library release via the following commands: + +```bash +$ tag="v$(sed s/2/0/ < VERSION)" +$ git tag -s "${tag}" -m "${tag}" +$ git push origin "${tag}" +``` + Optionally, you can use this handy `.gitconfig` alias. ```ini diff --git a/go.mod b/go.mod index 96b4449ba..36cd6b3ca 100644 --- a/go.mod +++ b/go.mod @@ -124,3 +124,69 @@ exclude ( k8s.io/client-go v9.0.0+incompatible k8s.io/client-go v9.0.0-invalid+incompatible ) + +retract ( + v2.5.0+incompatible + v2.5.0-rc.2+incompatible + v2.5.0-rc.1+incompatible + v2.5.0-rc.0+incompatible + v2.4.3+incompatible + v2.4.2+incompatible + v2.4.1+incompatible + v2.4.0+incompatible + v2.4.0-rc.0+incompatible + v2.3.2+incompatible + v2.3.1+incompatible + v2.3.0+incompatible + v2.2.1+incompatible + v2.2.0+incompatible + v2.2.0-rc.1+incompatible + v2.2.0-rc.0+incompatible + v2.1.0+incompatible + v2.0.0+incompatible + v2.0.0-rc.3+incompatible + v2.0.0-rc.2+incompatible + v2.0.0-rc.1+incompatible + v2.0.0-rc.0+incompatible + v2.0.0-beta.5+incompatible + v2.0.0-beta.4+incompatible + v2.0.0-beta.3+incompatible + v2.0.0-beta.2+incompatible + v2.0.0-beta.1+incompatible + v2.0.0-beta.0+incompatible + v2.0.0-alpha.3+incompatible + v2.0.0-alpha.2+incompatible + v2.0.0-alpha.1+incompatible + v2.0.0-alpha.0+incompatible + v1.8.2 + v1.8.1 + v1.8.0 + v1.7.2 + v1.7.1 + v1.7.0 + v1.6.3 + v1.6.2 + v1.6.1 + v1.6.0 + v1.5.3 + v1.5.2 + v1.5.1 + v1.5.0 + v1.4.1 + v1.4.0 + v1.3.1 + v1.3.0 + v1.3.0-beta.0 + v1.2.3 + v1.2.2 + v1.2.1 + v1.2.0 + v1.1.3 + v1.1.2 + v1.1.1 + v1.1.0 + v1.0.2 + v1.0.1 + v1.0.0 + v1.0.0-rc.0 +)