Commit graph

28 commits

Author SHA1 Message Date
Bryan Boreham 05fbc23930 CI: stop running codeql for Go
It takes around 20 minutes and has never told us anything interesting.

Signed-off-by: Bryan Boreham <bjboreham@gmail.com>
2024-03-06 18:27:01 +00:00
dependabot[bot] 9fbfc9ea98
build(deps): bump actions/setup-go from 4.1.0 to 5.0.0
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](93397bea11...0c52d547c9)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-26 15:03:04 +00:00
junya koyama ebb91bc111
ci: bump Go from 1.21 to 1.22
Signed-off-by: junya koyama <arukiidou@yahoo.co.jp>
2024-02-19 20:40:00 +09:00
dependabot[bot] 88a6b3a80a
build(deps): bump github/codeql-action from 2.22.8 to 3.22.12 (#13358)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.8 to 3.22.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](407ffafae6...012739e508)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-08 16:36:53 +01:00
dependabot[bot] 6d8e82df1e
build(deps): bump github/codeql-action from 2.22.5 to 2.22.8
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.5 to 2.22.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](74483a38d3...407ffafae6)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-01 23:23:56 +00:00
Ben Kochie 9509ad082a
Merge pull request #12790 from prometheus/superq/bump-golangci-lint
Update golangci-lint.
2023-11-17 13:20:05 -06:00
Julien Pivotto bd3db70501
Merge pull request #13072 from prometheus/dependabot/github_actions/actions/checkout-4.1.1
build(deps): bump actions/checkout from 4.1.0 to 4.1.1
2023-11-07 21:08:07 -06:00
SuperQ 75b59e0f3d
Update golangci-lint.
Update golangci-lint for Go 1.21.
* Use consistent go-version syntax.

Signed-off-by: SuperQ <superq@gmail.com>
2023-11-07 14:22:12 +01:00
dependabot[bot] b4448e0ef2
build(deps): bump actions/checkout from 4.1.0 to 4.1.1
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8ade135a41...b4ffde65f4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-01 23:32:08 +00:00
dependabot[bot] b9f75ceedd
build(deps): bump github/codeql-action from 2.21.9 to 2.22.5
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](ddccb87388...74483a38d3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-01 23:32:04 +00:00
dependabot[bot] 16c8d445fd
build(deps): bump github/codeql-action from 1.0.26 to 2.21.9 (#12915)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.26 to 2.21.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1.0.26...ddccb873888234080b77e9bc2d4764d5ccaaccf9)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 12:49:04 +01:00
dependabot[bot] 99a9602a87
build(deps): bump actions/checkout from 3.0.0 to 4.1.0 (#12917)
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...8ade135a41bc03ea155e62e844d188df1ea18608)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 12:48:17 +01:00
Pedro Nacht 142c829fce
Hash-pin GitHub Actions
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
2023-09-13 13:52:14 +00:00
Michal Biesek 7d1110a679
Update Go version
Update build/test to use Go 1.21.

Signed-off-by: Michal Biesek <michalbiesek@gmail.com>
2023-08-25 17:47:40 +02:00
Julien Pivotto e0502f00c8
Merge pull request #11285 from ashishkurmi/main
ci: add minimum GitHub token permissions for workflows
2023-07-18 13:22:07 +02:00
dependabot[bot] e15b0a29ac
build(deps): bump actions/setup-go from 3 to 4
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-01 23:57:17 +00:00
SuperQ 504a16d135
Update Go version
Update build/test to use Go 1.20.

Signed-off-by: SuperQ <superq@gmail.com>
2023-03-09 14:41:24 +01:00
Matthieu MOREL 1ec0786fa9
Update codeql-analysis.yml
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2023-01-25 20:12:26 +01:00
Gabriel Goller 04dd6be1a0
Added yamllint rule to ignore "on" in github actions (#11396)
Currently all the github actions return warnings because the "on"
keyword in the yaml files are being interpreted as a "truthy" value by
yamllint. To ignore this behavior I added a rule which ignores the "on".
See https://github.com/adrienverge/yamllint/issues/430.

Signed-off-by: Gabriel Goller <gabriel.goller@acs.it>

Signed-off-by: Gabriel Goller <gabriel.goller@acs.it>
Co-authored-by: Gabriel Goller <gabriel.goller@acs.it>
2022-10-03 12:52:57 +02:00
Ashish Kurmi ecfaa48a17
Update .github/workflows/codeql-analysis.yml
Co-authored-by: Christian Hoffmann <christian@hoffie.info>
Signed-off-by: Ashish Kurmi <100655670+boahc077@users.noreply.github.com>
2022-09-19 01:17:46 -07:00
Ashish Kurmi 00ba2f9a46 ci: add minimum GitHub token permissions for workflows
Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io>
2022-09-07 21:27:16 -07:00
Julien Pivotto 96d5a32659
Update go to 1.19, set min version to 1.18 (#11279)
* Update go to 1.19, set min version to 1.18

Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>

* Update golangci-lint

Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>

Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>
2022-09-07 11:30:48 +02:00
Julien Pivotto 0a4c6d6c48
Refactor UI publishing and polish tests (#11267)
Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>

Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>
2022-09-06 16:58:50 +02:00
Julien Pivotto 8abef6d661
Proper support for go modules. (#10486)
* Proper support for go modules.

This pull requests makes Prometheus go-mod compatible.

The general idea is to release the Prometheus libraries as v0.x
releases, next to the v2.x tags used by end users.

This is done by mirroring Prometheus 2.x tags with Prometheus 0.x tags.

When v2.X.0 is released, we would release v0.X.0.

Pre-go mod versions are retracted from go.mod. This is not nice but
should work.

Only v2.x tags will be built and released by CI. v0.x.x tags would just
be normal tags in the repo, not promoted as releases.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
2022-04-12 11:00:54 +02:00
dependabot[bot] 8e9d5c57ed
build(deps): bump actions/checkout from 2 to 3 (#10382)
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-03 15:59:07 +01:00
Michal Wasilewski 3f686cad8b
fixes yamllint errors
Signed-off-by: Michal Wasilewski <mwasilewski@gmx.com>
2021-06-12 12:47:47 +02:00
Julien Pivotto 432d5ebc6c Rename default branch to main
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
2021-02-22 20:28:02 +01:00
Chris Aniszczyk c21e0b713d
Add CodeQL Security Scanning
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
2020-12-02 15:48:39 -08:00