Skip to content

[Backport 1.32] scripts: Bump Jinja2 version to fix CVE #5747

[Backport 1.32] scripts: Bump Jinja2 version to fix CVE

[Backport 1.32] scripts: Bump Jinja2 version to fix CVE #5747

Workflow file for this run

name: Go
on:
push:
paths-ignore:
- 'docs/**'
branches:
- main
- autoupdate/strict
- autoupdate/moonray
- 'release-[0-9]+.[0-9]+'
- 'autoupdate/release-[0-9]+.[0-9]+-strict'
- 'autoupdate/sync/**'
pull_request:
paths-ignore:
- 'docs/**'
permissions:
contents: read
jobs:
test:
permissions:
contents: read # for actions/checkout to fetch code
pull-requests: write # for marocchino/sticky-pull-request-comment to create or update PR comment
checks: write # for golangci/golangci-lint-action to checks to allow the action to annotate code in the PR.
name: Unit Tests & Code Quality
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: "1.23"
- name: go mod download
working-directory: src/k8s
run: go mod download
- name: go fmt
working-directory: src/k8s
run: make go.fmt
- name: go doc
working-directory: src/k8s
run: make go.doc
- name: check diff
run: |
if ! [ -z "$(git diff)" ]; then
echo "Detected changes that have not been committed to the repository"
echo "Please run 'cd src/k8s && make go.fmt go.doc'"
echo "git diff:"
git diff
exit 1
fi
- name: go vet
working-directory: src/k8s
run: make go.vet
- name: go test
working-directory: src/k8s
# NOTE: there are a handful of tests checking/setting
# root ownership so the tests must be run as root:
run: sudo make go.unit
- name: dqlite-for-golangci-lint
working-directory: src/k8s
run: |
sudo add-apt-repository ppa:dqlite/dev
sudo apt update
sudo apt install dqlite-tools-v2 libdqlite1.17-dev -y
- name: golangci-lint
uses: golangci/golangci-lint-action@v6
with:
version: v1.61
working-directory: src/k8s
test-binary:
name: Binaries
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: "1.23"
- name: go mod download
working-directory: src/k8s
run: go mod download
- name: Build static binaries
working-directory: src/k8s
run: |
make -j static
./bin/static/k8s --help
./bin/static/k8sd --help
./bin/static/k8s-apiserver-proxy --help
- name: Build shared binaries
working-directory: src/k8s
run: |
make -j dynamic
export LD_LIBRARY_PATH=bin/dynamic/lib
./bin/dynamic/k8s --help
./bin/dynamic/k8sd --help
./bin/dynamic/k8s-apiserver-proxy --help