Commit Graph

8 Commits

Author SHA1 Message Date
6543
42f2734308 cspell lint go code (#3706) 2024-05-24 22:35:04 +02:00
Thomas Anderson
10f2e209d6 Secured kubernetes backend configuration (#3204)
Follow up of #3165
2024-01-15 03:59:08 +01:00
qwerty287
b0a2b1cf2d Lowercase all log strings (#3173)
from #3161

---------

Co-authored-by: 6543 <6543@obermui.de>
2024-01-11 19:17:07 +01:00
Thomas Anderson
01a955ed0e Kubernetes refactor (#2794)
Kubernetes backend refactoring and tests

---------
Co-authored-by: 6543 <6543@obermui.de>
2023-12-19 04:53:52 +01:00
renovate[bot]
b66f6cb118 fix(deps): update golang (packages) (#2958)
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[github.com/caddyserver/certmagic](https://togithub.com/caddyserver/certmagic)
| require | minor | `v0.19.2` -> `v0.20.0` |
| [github.com/expr-lang/expr](https://togithub.com/expr-lang/expr) |
require | patch | `v1.15.6` -> `v1.15.7` |
| [github.com/google/uuid](https://togithub.com/google/uuid) | require |
minor | `v1.4.0` -> `v1.5.0` |
|
[github.com/jellydator/ttlcache/v3](https://togithub.com/jellydator/ttlcache)
| require | patch | `v3.1.0` -> `v3.1.1` |
| [github.com/mattn/go-sqlite3](https://togithub.com/mattn/go-sqlite3) |
require | patch | `v1.14.18` -> `v1.14.19` |
| [github.com/xanzy/go-gitlab](https://togithub.com/xanzy/go-gitlab) |
require | minor | `v0.94.0` -> `v0.95.2` |
| [google.golang.org/grpc](https://togithub.com/grpc/grpc-go) | require
| minor | `v1.59.0` -> `v1.60.0` |
| [k8s.io/api](https://togithub.com/kubernetes/api) | require | minor |
`v0.28.4` -> `v0.29.0` |
| [k8s.io/apimachinery](https://togithub.com/kubernetes/apimachinery) |
require | minor | `v0.28.4` -> `v0.29.0` |
| [k8s.io/client-go](https://togithub.com/kubernetes/client-go) |
require | minor | `v0.28.4` -> `v0.29.0` |

---

### Release Notes

<details>
<summary>caddyserver/certmagic
(github.com/caddyserver/certmagic)</summary>

###
[`v0.20.0`](https://togithub.com/caddyserver/certmagic/releases/tag/v0.20.0)

[Compare
Source](https://togithub.com/caddyserver/certmagic/compare/v0.19.2...v0.20.0)

This release vastly improves storage cleaning as well improving a few
smaller things. There is a minor breaking change as we get ever closer
to v1.0.

- ⚠️ The `DecisionFunc` for On-Demand TLS now takes a
`context.Context` value as its first argument. The context carries the
`ClientHelloInfo` value (keyed by `ClientHelloInfoCtxKey`) for logging
purposes.
- Storage cleaning is now synchronized across the cluster, including
process restarts. The state of cleaning expired certificates and OCSP
staples is written to storage, and distributed locking is used to ensure
that only 1 instance does it at a time. This greatly reduces costs for
expensive storage backends! Cleaning is also done less often when the
process is frequently restarted because the state is written to storage,
so it is not forgotten after shutting down.
-   `.home.arpa` is now considered an internal suffix.
-   Backoff timings have been tuned based on real-world experience.

#### What's Changed

- README: Add hint about NextProtos for certmagic.TLS by
[@&#8203;oliverpool](https://togithub.com/oliverpool) in
[https://github.com/caddyserver/certmagic/pull/251](https://togithub.com/caddyserver/certmagic/pull/251)
- Bump golang.org/x/net from 0.11.0 to 0.17.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/caddyserver/certmagic/pull/253](https://togithub.com/caddyserver/certmagic/pull/253)
- Optionally pass the context argument down to the OnDemand decision
func by [@&#8203;ankon](https://togithub.com/ankon) in
[https://github.com/caddyserver/certmagic/pull/255](https://togithub.com/caddyserver/certmagic/pull/255)
- Retain the error stack if `checkIfCertShouldBeObtained` returns an
error by [@&#8203;ankon](https://togithub.com/ankon) in
[https://github.com/caddyserver/certmagic/pull/256](https://togithub.com/caddyserver/certmagic/pull/256)
- Add OCSP stapling unit tests by
[@&#8203;kenjenkins](https://togithub.com/kenjenkins) in
[https://github.com/caddyserver/certmagic/pull/259](https://togithub.com/caddyserver/certmagic/pull/259)

#### New Contributors

- [@&#8203;oliverpool](https://togithub.com/oliverpool) made their first
contribution in
[https://github.com/caddyserver/certmagic/pull/251](https://togithub.com/caddyserver/certmagic/pull/251)

**Full Changelog**:
https://github.com/caddyserver/certmagic/compare/v0.19.2...v0.20.0

</details>

<details>
<summary>expr-lang/expr (github.com/expr-lang/expr)</summary>

###
[`v1.15.7`](https://togithub.com/expr-lang/expr/releases/tag/v1.15.7)

[Compare
Source](https://togithub.com/expr-lang/expr/compare/v1.15.6...v1.15.7)

**Expr** is a Go-centric expression language designed to deliver dynamic
configurations with unparalleled accuracy, safety, and speed.

##### In this release:

- Fixed commutative property for comparison between a value and a
pointer. ([#&#8203;490](https://togithub.com/expr-lang/expr/issues/490))
- Checker: forbid accessing built-ins and custom functions from `$env`.
([#&#8203;495](https://togithub.com/expr-lang/expr/issues/495))
- Enhanced the number parser to include support for parsing hexadecimal,
binary, and octal literals.
([#&#8203;483](https://togithub.com/expr-lang/expr/issues/483))
- Added `GetSource()` method to `vm.Program`.
([#&#8203;491](https://togithub.com/expr-lang/expr/issues/491))

</details>

<details>
<summary>google/uuid (github.com/google/uuid)</summary>

### [`v1.5.0`](https://togithub.com/google/uuid/releases/tag/v1.5.0)

[Compare
Source](https://togithub.com/google/uuid/compare/v1.4.0...v1.5.0)

##### Features

- Validate UUID without creating new UUID
([#&#8203;141](https://togithub.com/google/uuid/issues/141))
([9ee7366](9ee7366e66))

</details>

<details>
<summary>jellydator/ttlcache
(github.com/jellydator/ttlcache/v3)</summary>

###
[`v3.1.1`](https://togithub.com/jellydator/ttlcache/releases/tag/v3.1.1)

[Compare
Source](https://togithub.com/jellydator/ttlcache/compare/v3.1.0...v3.1.1)

Fix a bug in the `Range` method that causes a panic when the cache is
empty

</details>

<details>
<summary>mattn/go-sqlite3 (github.com/mattn/go-sqlite3)</summary>

###
[`v1.14.19`](https://togithub.com/mattn/go-sqlite3/compare/v1.14.18...v1.14.19)

[Compare
Source](https://togithub.com/mattn/go-sqlite3/compare/v1.14.18...v1.14.19)

</details>

<details>
<summary>xanzy/go-gitlab (github.com/xanzy/go-gitlab)</summary>

###
[`v0.95.2`](https://togithub.com/xanzy/go-gitlab/compare/v0.95.1...v0.95.2)

[Compare
Source](https://togithub.com/xanzy/go-gitlab/compare/v0.95.1...v0.95.2)

###
[`v0.95.1`](https://togithub.com/xanzy/go-gitlab/compare/v0.95.0...v0.95.1)

[Compare
Source](https://togithub.com/xanzy/go-gitlab/compare/v0.95.0...v0.95.1)

###
[`v0.95.0`](https://togithub.com/xanzy/go-gitlab/compare/v0.94.0...v0.95.0)

[Compare
Source](https://togithub.com/xanzy/go-gitlab/compare/v0.94.0...v0.95.0)

</details>

<details>
<summary>grpc/grpc-go (google.golang.org/grpc)</summary>

### [`v1.60.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.60.0):
Release 1.60.0

[Compare
Source](https://togithub.com/grpc/grpc-go/compare/v1.59.0...v1.60.0)

### Security

- credentials/tls: if not set, set TLS MinVersion to 1.2 and
CipherSuites according to supported suites not forbidden by RFC7540.
- This is a behavior change to bring us into better alignment with RFC
7540.

### API Changes

- resolver: remove deprecated and experimental
`ClientConn.NewServiceConfig`
([#&#8203;6784](https://togithub.com/grpc/grpc-go/issues/6784))
- client: remove deprecated `grpc.WithServiceConfig` `DialOption`
([#&#8203;6800](https://togithub.com/grpc/grpc-go/issues/6800))

### Bug Fixes

- client: fix race that could cause a deadlock while entering idle mode
and receiving a name resolver update
([#&#8203;6804](https://togithub.com/grpc/grpc-go/issues/6804))
- client: always enable TCP keepalives with OS defaults
([#&#8203;6834](https://togithub.com/grpc/grpc-go/issues/6834))
- credentials/alts: fix a bug preventing ALTS from connecting to the
metadata server if the default scheme is overridden
([#&#8203;6686](https://togithub.com/grpc/grpc-go/issues/6686))
- Special Thanks: [@&#8203;mjamaloney](https://togithub.com/mjamaloney)

### Behavior Changes

- server: Do not return from Stop() or GracefulStop() until all
resources are released
([#&#8203;6489](https://togithub.com/grpc/grpc-go/issues/6489))
    -   Special Thanks: [@&#8203;fho](https://togithub.com/fho)

### Documentation

- codes: clarify that only codes defined by this package are valid and
that users should not cast other values to `codes.Code`
([#&#8203;6701](https://togithub.com/grpc/grpc-go/issues/6701))

</details>

<details>
<summary>kubernetes/api (k8s.io/api)</summary>

###
[`v0.29.0`](https://togithub.com/kubernetes/api/compare/v0.28.4...v0.29.0)

[Compare
Source](https://togithub.com/kubernetes/api/compare/v0.28.4...v0.29.0)

</details>

<details>
<summary>kubernetes/apimachinery (k8s.io/apimachinery)</summary>

###
[`v0.29.0`](https://togithub.com/kubernetes/apimachinery/compare/v0.28.4...v0.29.0)

[Compare
Source](https://togithub.com/kubernetes/apimachinery/compare/v0.28.4...v0.29.0)

</details>

<details>
<summary>kubernetes/client-go (k8s.io/client-go)</summary>

###
[`v0.29.0`](https://togithub.com/kubernetes/client-go/compare/v0.28.4...v0.29.0)

[Compare
Source](https://togithub.com/kubernetes/client-go/compare/v0.28.4...v0.29.0)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am" (UTC), Automerge -
"before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/woodpecker-ci/woodpecker).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy45My4xIiwidXBkYXRlZEluVmVyIjoiMzcuOTMuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Robert Kaussow <mail@thegeeklab.de>
2023-12-17 14:37:26 +01:00
6543
d253f8cc30 Make sure we dont have hidden options for backend and pipeline compiler (#2123)
move options based on **os.Getenv** into flags

---------
*Sponsored by Kithara Software GmbH*
2023-08-07 21:13:26 +02:00
Neil Hanlon
a95a5b43bf fix(backend/kubernetes): Ensure valid naming of name field (#1661)
- Kubernetes v1.26 on VKE causes error when creating persistent volume
claim because of uppercase characters in name field

This patch is trivial just in order to get it working - happy to
implement differently.

The error in question:

```
The PersistentVolumeClaim "wp-01G1131R63FWBSPMA4ZAZTKLE-0-clone-0" is invalid: metadata.name: Invalid value: "wp-01G1131R63FWBSPMA4ZAZTKLE-0-clone-0": a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')
```
2023-03-21 20:00:45 +01:00
Anbraten
3b0263442a Adding initial version of Kubernetes backend (#552)
Co-authored-by: laszlocph <laszlo@laszlo.cloud>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Rynoxx <rynoxx@grid-servers.net>
2022-09-05 06:01:14 +02:00