Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/master'
Browse files Browse the repository at this point in the history
  • Loading branch information
ewdurbin committed Jun 18, 2024
2 parents 71fcf27 + 926368d commit d5e82b1
Show file tree
Hide file tree
Showing 55 changed files with 1,318 additions and 900 deletions.
15 changes: 15 additions & 0 deletions .github/SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# Security Policy

## Supported Versions

The most recent version "release" version to appear on the
[releases][1] page is currently supported.

## Reporting a Vulnerability

To report a vulnerability, please use the
[Privately reporting a security vulnerability][2]
facility.

[1]: https://github.com/cactus/go-camo/releases
[2]: https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability
14 changes: 14 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "gomod" # See documentation for possible values
directory: "/" # Location of package manifests
labels:
- dependencies
schedule:
interval: "weekly"
day: "monday"
26 changes: 19 additions & 7 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ name: "CodeQL"

on:
push:
branches: ['**']
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [main]
Expand All @@ -13,23 +13,35 @@ jobs:
analyse:
name: Analyse
runs-on: ubuntu-latest
permissions:
security-events: write
actions: read

steps:
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v4
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2

- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: '>=1.22.0'
check-latest: true
id: go

- name: Build
env:
GOPROXY: "https://proxy.golang.org"
run: make build

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
uses: github/codeql-action/init@v2
with:
languages: go

- name: build
run: make build

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@v2
78 changes: 78 additions & 0 deletions .github/workflows/publish-docker-images.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
name: publish-docker-images
on:
workflow_dispatch:
push:
tags:
- "v*"

jobs:
build:
name: docker-publish
runs-on: ubuntu-latest

steps:
- name: Src Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true

- name: write tags env vars
run: |
TAG=$(git describe --tags)
LATEST_TAG=$(git tag -l | grep -viE '(alpha|beta)' | sort -V | tail -n 1)
GITHASH="$(git rev-parse HEAD)"
echo "TAG=$TAG"
echo "TAG=${TAG}" >> "$GITHUB_ENV"
echo "LATEST_TAG=${LATEST_TAG}"
echo "LATEST_TAG=${LATEST_TAG}" >> "$GITHUB_ENV"
echo "GITHASH=${GITHASH}"
echo "GITHASH=${GITHASH}" >> "$GITHUB_ENV"
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
cactus4docker/go-camo
ghcr.io/cactus/go-camo
tags: |
# set latest tag for master branch
type=raw,value=${{ env.TAG }}
type=raw,value=latest,enable=${{ env.TAG == env.LATEST_TAG }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to Docker Hub
uses: docker/login-action@v3
with:
password: ${{ secrets.DOCKER_PASSWORD }}
username: ${{ secrets.DOCKER_USERNAME }}

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
push: true
provenance: false
sbom: false
file: ./docker/Dockerfile
platforms: linux/amd64,linux/arm64
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
build-args: |
GITHASH=${{env.GITHASH}}
APP_VER=${{env.TAG}}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
57 changes: 0 additions & 57 deletions .github/workflows/publish-docker.yml

This file was deleted.

71 changes: 50 additions & 21 deletions .github/workflows/unit-tests.yml
Original file line number Diff line number Diff line change
@@ -1,30 +1,28 @@
name: unit-tests
on:
workflow_dispatch:
push:
branches: ['**']
branches: ["**"]
pull_request:
branches: [main]

jobs:
build:
name: Build
strategy:
matrix:
go: ['1.19.x']
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}
steps:
- name: Setup Go ${{ matrix.go }}
uses: actions/setup-go@v1
with:
go-version: ${{ matrix.go }}
id: go
test:
runs-on: ubuntu-latest

steps:
- name: Src Checkout
uses: actions/checkout@v1
uses: actions/checkout@v4
with:
fetch-depth: 1

- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ">=1.22.0"
check-latest: true
id: go

- name: Build
env:
GOPROXY: "https://proxy.golang.org"
Expand All @@ -34,15 +32,46 @@ jobs:
env:
GOPROXY: "https://proxy.golang.org"
run: |
go install honnef.co/go/tools/cmd/[email protected]
go install github.com/securego/gosec/v2/cmd/gosec@latest
hash -r
make check
- name: Tests
env:
GOPROXY: "https://proxy.golang.org"
CI: true
run:
echo "skip"
# run: make test
run: make test

test-qemu:
needs: test
runs-on: ubuntu-latest
strategy:
matrix:
arch: [arm64]

steps:
- name: Src Checkout
uses: actions/checkout@v4
with:
fetch-depth: 1

- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ">=1.22.0"
check-latest: true
id: go

- name: Install QEMU
uses: docker/setup-qemu-action@v3

- name: Build
env:
GOPROXY: "https://proxy.golang.org"
GOARCH: ${{ matrix.arch }}
run: make build

- name: Tests
env:
GOPROXY: "https://proxy.golang.org"
GOARCH: ${{ matrix.arch }}
CI: true
run: make test
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
/.vscode
/build
/config.json
/diagrams
Expand All @@ -7,6 +8,7 @@
/server.crt
/server.csr
*.py[co]
/test.py
/test-ruleset.conf
/man/*.html
/man/*.[1-9]
48 changes: 48 additions & 0 deletions CHANGELOG.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,54 @@ toc::[]

== HEAD

== v2.4.13 2024-04-22
* Release tagged for arm64 docker building only.

== v2.4.12 2024-04-20
* Update library dependencies.
* Fix docker and github packages publishing issue.

== v2.4.11 2024-04-03
* Update library dependencies.
* Build with Go-1.22.2

== v2.4.10 2024-03-17
* Update library dependencies.

== v2.4.9 2024-02-16
* Minimum Go version now 1.21 due to quic-go dependency, due to better
cryto/tls support for QUIC in Go-1.21.
* Update library dependencies.

== v2.4.8 2023-12-19
* Add `--automaxprocs` flag to set GOMAXPROCS automatically to match Linux
container CPU quota/limits.
* Update library dependencies.

== v2.4.7 - 2023-11-13
* Add http3/quic server support. New flag `--quic`. Requires `--ssl-listen`.

== v2.4.6 - 2023-10-25
* Add `--no-debug-vars` flag to disable /debug/vars when `--metrics` is
enabled. (#66, #67)

== v2.4.5 - 2023-10-23
* fix htrie matching of non punycode (eg. unicode) idna hostnames
* slightly faster logging (update to mlog dependency)
* address a logging issue with missing url path output in
`"built outgoing request"` debug log
* moderate improve performance of hostname rule processing
(approx 12-30% in microbenchmarks)
* slight improvement in request path url processing
(approx 2-4% in microbenchmarks)
* fix /debug/vars being enabled by default (#65) due to expvars import
side effect

== v2.4.4 - 2023-07-25
* update dependencies
* bump version in go.mod (and fix all internal module references) +
ref: discussion link:https://github.com/cactus/go-camo/discussions/62[#62]

== v2.4.3 - 2023-02-18
* update library dependency golang.org/x/net. +
refs:
Expand Down
14 changes: 0 additions & 14 deletions Dockerfile

This file was deleted.

Loading

0 comments on commit d5e82b1

Please sign in to comment.