Skip to content

Commit

Permalink
Merge branch 'release/1.16.x' into backport/Update_Consul_Template_Ve…
Browse files Browse the repository at this point in the history 
…rsion/forcibly-evolved-walleye
  • Loading branch information
@divyaac
divyaac authored Jun 25, 2024
2 parents 2faffc3 + add1fcc commit 436a1cb
Show file tree
Hide file tree
Showing 215 changed files with 5,504 additions and 1,130 deletions.
16 changes: 8 additions & 8 deletions .github/actions/build-vault/action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,20 +137,22 @@ runs:
run: make ci-build
- if: inputs.vault-edition != 'ce'
shell: bash
run: make ci-prepare-legal
run: make ci-prepare-ent-legal
- if: inputs.vault-edition == 'ce'
shell: bash
run: make ci-prepare-ce-legal
- name: Bundle Vault
env:
BUNDLE_PATH: out/${{ steps.metadata.outputs.artifact-basename }}.zip
shell: bash
run: make ci-bundle
# Use actions/upload-artifact @3.x until https://hashicorp.atlassian.net/browse/HREL-99 is resolved
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: ${{ steps.metadata.outputs.artifact-basename }}.zip
path: out/${{ steps.metadata.outputs.artifact-basename }}.zip
if-no-files-found: error
- if: inputs.create-packages == 'true'
uses: hashicorp/actions-packaging-linux@v1
uses: hashicorp/actions-packaging-linux@33f7d23b14f24e6a7b7d9948cb7f5caca2045ee3
with:
name: ${{ inputs.package-name }}
description: Vault is a tool for secrets management, encryption as a service, and privileged access management.
Expand All @@ -176,15 +178,13 @@ runs:
echo "deb-files=$(basename out/*.deb)"
} | tee -a "$GITHUB_OUTPUT"
- if: inputs.create-packages == 'true'
# Use actions/upload-artifact @3.x until https://hashicorp.atlassian.net/browse/HREL-99 is resolved
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: ${{ steps.package-files.outputs.rpm-files }}
path: out/${{ steps.package-files.outputs.rpm-files }}
if-no-files-found: error
- if: inputs.create-packages == 'true'
# Use actions/upload-artifact @3.x until https://hashicorp.atlassian.net/browse/HREL-99 is resolved
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: ${{ steps.package-files.outputs.deb-files }}
path: out/${{ steps.package-files.outputs.deb-files }}
Expand Down
4 changes: 2 additions & 2 deletions .github/actions/containerize/action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ runs:
[[ ! -d "$dest_dir" ]] && mkdir -p "$dest_dir"
[[ ! -f "$dest_path" ]] && cp ${{ inputs.vault-binary-path }} "${dest_path}"
- if: inputs.docker == 'true'
uses: hashicorp/actions-docker-build@v1
uses: hashicorp/actions-docker-build@v2
with:
arch: ${{ inputs.goarch }}
do_zip_extract_step: 'false' # Don't download and extract an already present binary
Expand All @@ -99,7 +99,7 @@ runs:
revision: ${{ steps.vars.outputs.revision }}
version: ${{ steps.vars.outputs.container-version }}
- if: inputs.redhat == 'true'
uses: hashicorp/actions-docker-build@v1
uses: hashicorp/actions-docker-build@v2
with:
arch: ${{ inputs.goarch }}
do_zip_extract_step: 'false' # Don't download and extract an already present binary
Expand Down
2 changes: 1 addition & 1 deletion .github/actions/install-external-tools/action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ runs:
# up here.
- run: go install google.golang.org/protobuf/cmd/protoc-gen-go@latest
shell: bash
- run: go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@latest
- run: go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0
shell: bash
- run: go install github.com/favadi/protoc-go-inject-tag@latest
shell: bash
Expand Down
2 changes: 1 addition & 1 deletion .github/actions/set-up-go/action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ runs:
else
echo "go-version=${{ inputs.go-version }}" | tee -a "$GITHUB_OUTPUT"
fi
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: ${{ steps.go-version.outputs.go-version }}
cache: false # We use our own caching strategy
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/actionlint.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
actionlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: "Check workflow files"
uses: docker://docker.mirror.hashicorp.services/rhysd/actionlint@sha256:93834930f56ca380be3e9a3377670d7aa5921be251b9c774891a39b3629b83b8
with:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/build-artifacts-ce.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ jobs:
runs-on: ${{ fromJSON(inputs.compute-build) }}
name: (${{ matrix.goos }}, ${{ matrix.goarch }})
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
ref: ${{ inputs.checkout-ref }}
- uses: ./.github/actions/build-vault
Expand Down Expand Up @@ -200,7 +200,7 @@ jobs:
name: (${{ matrix.goos }}, ${{ matrix.goarch }}${{ matrix.goarm && ' ' || '' }}${{ matrix.goarm }})
runs-on: ${{ fromJSON(inputs.compute-build) }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
ref: ${{ inputs.checkout-ref }}
- uses: ./.github/actions/build-vault
Expand Down Expand Up @@ -228,7 +228,7 @@ jobs:
- core
- extended
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
ref: ${{ inputs.checkout-ref }}
- name: Determine status
Expand Down
15 changes: 6 additions & 9 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,13 +105,13 @@ jobs:
workflow-trigger: ${{ steps.metadata.outputs.workflow-trigger }}
steps:
# Run the changed-files action to determine what Git reference we should check out
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: ./.github/actions/changed-files
id: changed-files
- uses: ./.github/actions/checkout
id: checkout # Make sure we check out correct ref after checking changed files
# Get the vault version metadata
- uses: hashicorp/actions-set-product-version@v1
- uses: hashicorp/actions-set-product-version@v2
id: set-product-version
with:
checkout: false # don't override the reference we've checked out
Expand Down Expand Up @@ -159,7 +159,7 @@ jobs:
outputs:
cache-key: ui-${{ steps.ui-hash.outputs.ui-hash }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
ref: ${{ needs.setup.outputs.checkout-ref }}
- name: Get UI hash
Expand Down Expand Up @@ -291,7 +291,7 @@ jobs:
- test
- test-containers
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- id: status
name: Determine status
run: |
Expand All @@ -312,7 +312,7 @@ jobs:
- if: needs.setup.outputs.is-enterprise == 'true'
id: secrets
name: Fetch Vault Secrets
uses: hashicorp/vault-action@9f522b85981b491eab9a52c144d15aedbd0bf371 # v2.8.0
uses: hashicorp/vault-action@v3
with:
url: ${{ steps.vault-auth.outputs.addr }}
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
Expand Down Expand Up @@ -343,8 +343,6 @@ jobs:
steps.status.outputs.result != 'success' &&
(github.ref_name == 'main' || startsWith(github.ref_name, 'release/'))
uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
# We intentionally aren't using the following here since it's from an internal repo
# uses: hashicorp/cloud-gha-slack-notifier@730a033037b8e603adf99ebd3085f0fdfe75e2f4 #v1
env:
SLACK_BOT_TOKEN: ${{ steps.slackbot-token.outputs.slackbot-token }}
with:
Expand Down Expand Up @@ -389,8 +387,7 @@ jobs:
with:
version: ${{ needs.setup.outputs.vault-version-metadata }}
product: ${{ needs.setup.outputs.vault-binary-name }}
# Use actions/upload-artifact @3.x until https://hashicorp.atlassian.net/browse/HREL-99 is resolved
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
if: steps.generate-metadata-file.outcome == 'success' # upload our metadata if we created it
with:
name: metadata.json
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/changelog-checker.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0 # by default the checkout action doesn't checkout all branches
Expand Down
14 changes: 6 additions & 8 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
ui-changed: ${{ steps.changed-files.outputs.ui-changed }}
workflow-trigger: ${{ steps.metadata.outputs.workflow-trigger }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: ./.github/actions/changed-files
id: changed-files
- uses: ./.github/actions/checkout
Expand Down Expand Up @@ -146,7 +146,7 @@ jobs:
contents: read
runs-on: ${{ fromJSON(needs.setup.outputs.compute-test-ui) }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
name: status
with:
ref: ${{ needs.setup.outputs.checkout-ref }}
Expand All @@ -164,7 +164,7 @@ jobs:
node-version-file: './ui/package.json'
cache: yarn
cache-dependency-path: ui/yarn.lock
- uses: browser-actions/setup-chrome@82b9ce628cc5595478a9ebadc480958a36457dc2 # v1.6.0
- uses: browser-actions/setup-chrome@9683066f53b47e92c4104e1bd5535aff208c3530 # v1.6.2
- name: ui-dependencies
working-directory: ./ui
run: |
Expand All @@ -177,7 +177,7 @@ jobs:
- if: needs.setup.outputs.is-enterprise == 'true'
id: secrets
name: Fetch secrets
uses: hashicorp/vault-action@9f522b85981b491eab9a52c144d15aedbd0bf371 # v2.8.0
uses: hashicorp/vault-action@v3
with:
url: ${{ steps.vault-auth.outputs.addr }}
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
Expand Down Expand Up @@ -226,7 +226,7 @@ jobs:
runs-on: ${{ github.repository == 'hashicorp/vault' && 'ubuntu-latest' || fromJSON('["self-hosted","linux","small"]') }}
permissions: write-all # Ensure we have id-token:write access for vault-auth.
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
# Determine the overall status of our required test jobs.
- name: Determine status
id: status
Expand Down Expand Up @@ -268,7 +268,7 @@ jobs:
- if: needs.setup.outputs.is-enterprise == 'true'
id: secrets
name: Fetch Vault Secrets
uses: hashicorp/vault-action@9f522b85981b491eab9a52c144d15aedbd0bf371 # v2.8.0
uses: hashicorp/vault-action@v3
with:
url: ${{ steps.vault-auth.outputs.addr }}
caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }}
Expand All @@ -290,8 +290,6 @@ jobs:
)
name: Notify build failures in Slack
uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
# We intentionally aren't using the following here since it's from an internal repo
# uses: hashicorp/cloud-gha-slack-notifier@730a033037b8e603adf99ebd3085f0fdfe75e2f4 #v1
env:
SLACK_BOT_TOKEN: ${{ steps.slackbot-token.outputs.slackbot-token }}
with:
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/code-checker.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
name: Setup
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: Ensure Go modules are cached
uses: ./.github/actions/set-up-go
with:
Expand All @@ -30,7 +30,7 @@ jobs:
needs: setup
if: github.base_ref == 'main'
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
fetch-depth: 0
- uses: ./.github/actions/set-up-go
Expand All @@ -46,7 +46,7 @@ jobs:
needs: setup
if: github.base_ref == 'main'
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
fetch-depth: 0
- uses: ./.github/actions/set-up-go
Expand All @@ -66,7 +66,7 @@ jobs:
runs-on: ubuntu-latest
needs: setup
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: ./.github/actions/set-up-go
with:
github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
Expand All @@ -79,7 +79,7 @@ jobs:
runs-on: ubuntu-latest
needs: setup
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: ./.github/actions/install-external-tools # for buf and gofumpt
- uses: ./.github/actions/set-up-go
with:
Expand All @@ -97,6 +97,6 @@ jobs:
container:
image: returntocorp/semgrep@sha256:cfad18cfb6536aa48ad5a71017207a10320b4e17e3b2bd7b7de27b42dc9651e7 #v1.58
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: Run Semgrep Rules
run: semgrep ci --include '*.go' --config 'tools/semgrep/ci'
4 changes: 2 additions & 2 deletions .github/workflows/copywrite.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,8 @@ jobs:
copywrite:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: hashicorp/setup-copywrite@867a1a2a064a0626db322392806428f7dc59cb3e # v1.1.2
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: hashicorp/setup-copywrite@32638da2d4e81d56a0764aa1547882fc4d209636 # v1.1.3
name: Setup Copywrite
with:
version: v0.16.4
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/enos-lint.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,9 @@ jobs:
runs-on: ${{ steps.metadata.outputs.runs-on }}
version: ${{ steps.metadata.outputs.version }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- id: set-product-version
uses: hashicorp/actions-set-product-version@v1
uses: hashicorp/actions-set-product-version@v2
- id: metadata
run: |
echo "version=${{ steps.set-product-version.outputs.product-version }}" >> "$GITHUB_OUTPUT"
Expand All @@ -37,7 +37,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: hashicorp/setup-terraform@v3
with:
terraform_wrapper: false
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/enos-release-testing-oss.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
vault-version: ${{ github.event.client_payload.payload.version }}
vault-version-package: ${{ steps.get-metadata.outputs.vault-version-package }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
# Check out the repository at the same Git SHA that was used to create
# the artifacts to get the correct metadata.
Expand Down Expand Up @@ -69,4 +69,4 @@ jobs:
needs: test
steps:
- name: Persist metadata
uses: hashicorp/actions-persist-metadata@v1
uses: hashicorp/actions-persist-metadata@v2
5 changes: 2 additions & 3 deletions .github/workflows/enos-run-k8s.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: Set up Terraform
uses: hashicorp/setup-terraform@v3
with:
Expand All @@ -45,8 +45,7 @@ jobs:
github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
- name: Download Docker Image
id: download
# Use actions/download-artifact @3.x until https://hashicorp.atlassian.net/browse/HREL-99 is resolved
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: ${{ inputs.artifact-name }}
path: ./enos/support/downloads
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/oss.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- if: github.event.pull_request != null
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- if: github.event.pull_request != null
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: changes
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/plugin-update-check.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,13 +23,13 @@ jobs:
RUN_ID: "${{github.run_id}}"
steps:
- run: echo "Branch $PLUGIN_BRANCH of $PLUGIN_REPO"
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
# We don't use the default token so that checks are executed on the resulting PR
# https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow
token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}

- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
cache: false # save cache space for vault builds: https://github.com/hashicorp/vault/pull/21764
go-version-file: .go-version
Expand Down
Loading

0 comments on commit 436a1cb

Please sign in to comment.