Merge branch 'main' into fix-creds_process

Signed-off-by: Justin Alvarez <[email protected]>

.github/workflows/benchmark.yaml

@@ -29,7 +29,7 @@ jobs:
           ]
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # We need to get all the git tags to make version injection work. See VERSION in Makefile for more detail.
           fetch-depth: 0

.github/workflows/build-and-test-pkg.yaml

@@ -41,7 +41,7 @@ jobs:
     runs-on: [self-hosted, macos, arm64, 11, release]
     timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ needs.get-tag-name.outputs.tag }}
           fetch-depth: 0
@@ -63,7 +63,7 @@ jobs:
         shell: zsh {0}
 
       - name: configure aws credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: ${{ secrets.ROLE }}
           role-session-name: dependency-upload-session
@@ -79,7 +79,7 @@ jobs:
     runs-on: [self-hosted, macos, amd64, 11, release]
     timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ needs.get-tag-name.outputs.tag }}
           fetch-depth: 0
@@ -101,7 +101,7 @@ jobs:
         shell: zsh {0}
 
       - name: configure aws credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: ${{ secrets.ROLE }}
           role-session-name: dependency-upload-session
@@ -130,7 +130,7 @@ jobs:
       ACCESS_TOKEN: ${{ secrets.FINCH_BOT_TOKEN }}
     steps:
       - name: Checkout the tag
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ needs.get-tag-name.outputs.tag }}
           fetch-depth: 0
@@ -152,7 +152,7 @@ jobs:
             sudo pkill '^socket_vmnet'
           fi
       - name: configure aws credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: ${{ secrets.ROLE }}
           role-session-name: download-installer-session
@@ -241,7 +241,7 @@ jobs:
       ACCESS_TOKEN: ${{ secrets.FINCH_BOT_TOKEN }}
     steps:
       - name: Checkout the tag
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ needs.get-tag-name.outputs.tag }}
           fetch-depth: 0
@@ -263,7 +263,7 @@ jobs:
             sudo pkill '^socket_vmnet'
           fi
       - name: configure aws credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: ${{ secrets.ROLE }}
           role-session-name: download-installer-session

.github/workflows/ci-docs.yaml

@@ -72,7 +72,7 @@ jobs:
   mdlint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: avto-dev/markdown-lint@v1
         with:
           args: '**/*.md'

.github/workflows/ci.yaml

@@ -28,7 +28,7 @@ jobs:
   gen-code-no-diff:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-go@v4
         with:
           go-version-file: go.mod
@@ -38,7 +38,7 @@ jobs:
   unit-tests:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-go@v4
         with:
           # Since this repository is not meant to be used as a library,
@@ -50,7 +50,7 @@ jobs:
   go-linter:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-go@v4
         with:
           go-version-file: go.mod
@@ -63,10 +63,20 @@ jobs:
           # so we will just update it manually whenever it makes sense (e.g., a feature that we want is added).
           version: v1.53.3
           args: --fix=false --timeout=5m
+  shellcheck:
+    name: ShellCheck
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run ShellCheck
+        uses: ludeeus/[email protected]
+        with:
+          version: v0.9.0 
+        continue-on-error: true
   go-mod-tidy-check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-go@v4
         with:
           go-version-file: go.mod
@@ -77,7 +87,7 @@ jobs:
   check-licenses:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/setup-go@v4
         with:
           go-version-file: go.mod
@@ -96,7 +106,7 @@ jobs:
           ]
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # We need to get all the git tags to make version injection work. See VERSION in Makefile for more detail.
           fetch-depth: 0
@@ -108,7 +118,7 @@ jobs:
           has_creds=${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name }}
           echo "has_creds=$has_creds" >> $GITHUB_OUTPUT
       - name: configure aws credentials
-        uses: aws-actions/configure-aws-credentials@v2.2.0
+        uses: aws-actions/configure-aws-credentials@v4
         if: steps.vars.outputs.has_creds == true
         with:
           role-to-assume: ${{ secrets.ROLE }}
@@ -139,64 +149,10 @@ jobs:
           git clean -f -d
           REGISTRY=${{ steps.vars.outputs.has_creds == true && env.REGISTRY || '' }} make test-e2e
         shell: zsh {0}
-  e2e-tests-for-docker-compat:
-    strategy:
-      fail-fast: false
-      matrix:
-        os:
-          [
-            [self-hosted, macos, amd64, 13, test],
-            [self-hosted, macos, arm64, 13, test],
-          ]
-    runs-on: ${{ matrix.os }}
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          # We need to get all the git tags to make version injection work. See VERSION in Makefile for more detail.
-          fetch-depth: 0
-          persist-credentials: false
-          submodules: true
-      - name: Set output variables
-        id: vars
-        run: |
-          has_creds=${{ github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name }}
-          echo "has_creds=$has_creds" >> $GITHUB_OUTPUT
-      - name: configure aws credentials
-        uses: aws-actions/[email protected]
-        if: steps.vars.outputs.has_creds == true
-        with:
-          role-to-assume: ${{ secrets.ROLE }}
-          role-session-name: credhelper-test-docker-compat
-          aws-region: ${{ secrets.REGION }}
-      - name: Clean up previous files
-        run: |
-          sudo rm -rf /opt/finch
-          sudo rm -rf ~/.finch
-          sudo rm -rf ./_output
-          if pgrep '^qemu-system'; then
-            sudo pkill '^qemu-system'
-          fi
-          if pgrep '^socket_vmnet'; then
-            sudo pkill '^socket_vmnet'
-          fi
-      - name: Install Rosetta 2
-        run: echo "A" | softwareupdate --install-rosetta || true
-      - run: brew install go lz4 automake autoconf libtool
-        shell: zsh {0}
-      - name: Build project
-        run: |
-          export PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH"
-          make
-        shell: zsh {0}
-      - run: |
-          git status
-          git clean -f -d
-          FINCH_DOCKER_COMPAT=1 REGISTRY=${{ steps.vars.outputs.has_creds == true && env.REGISTRY || '' }} make test-e2e
-        shell: zsh {0}
   mdlint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: avto-dev/markdown-lint@v1
         with:
           args: '**/*.md'

.github/workflows/release-automation.yaml

@@ -12,7 +12,7 @@ jobs:
     outputs:
       tag: ${{ steps.latest-tag.outputs.tag }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
             fetch-depth: 0
       - name: 'Get the latest tag'

.github/workflows/release-homebrew.yaml

@@ -13,7 +13,7 @@ jobs:
       tag: ${{ steps.latesttag.outputs.tag }}
       version: ${{ steps.latestversion.outputs.version }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
             fetch-depth: 0
       - name: 'Get the latest tag'
@@ -53,7 +53,7 @@ jobs:
       FINCH_TAG: ${{ needs.get-latest-tag.outputs.tag }}
       FINCH_VERSION: ${{ needs.get-latest-tag.outputs.version }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ env.FINCH_TAG }}
           fetch-depth: 0
@@ -74,7 +74,7 @@ jobs:
             sudo pkill '^socket_vmnet'
           fi
           cd $(brew --repo homebrew/cask) 
-          brew uninstall --cask ./Casks/finch.rb || true
+          brew uninstall --cask ./Casks/f/finch.rb || true
         shell: zsh {0}
       - name: Set up Homebrew
         id: set-up-homebrew
@@ -93,7 +93,7 @@ jobs:
         run: |
           export HOMEBREW_NO_INSTALL_FROM_API=1
           cd $(brew --repo homebrew/cask)
-          brew install --cask ./Casks/finch.rb
+          brew install --cask ./Casks/f/finch.rb
         shell: zsh {0}
       - name: Install Rosetta 2
         run: echo "A" | softwareupdate --install-rosetta || true
@@ -141,7 +141,7 @@ jobs:
           # Need to reinstall because there were errors on arm64 11.7 and arm64 12.6 hosts after running multiple instances tests,
           # that caused the VM initialization failure in the e2e test. 
           # Example workflow run https://github.com/runfinch/finch/actions/runs/4367457552/jobs/7638794529
-          brew reinstall --cask ./Casks/finch.rb
+          brew reinstall --cask ./Casks/f/finch.rb
         shell: zsh {0}
       - name: Run e2e tests
         uses: nick-fields/retry@v2
@@ -153,7 +153,7 @@ jobs:
         if: ${{ always() }}
         run: |
           cd $(brew --repo homebrew/cask)
-          brew uninstall --zap --cask ./Casks/finch.rb
+          brew uninstall --zap --cask ./Casks/f/finch.rb
           if [ -d "/Applications/Finch" ]; then
             echo ERROR: Finch is not uninstalled
             exit 1
@@ -176,7 +176,7 @@ jobs:
       FINCH_TAG: ${{ needs.get-latest-tag.outputs.tag }}
       FINCH_VERSION: ${{ needs.get-latest-tag.outputs.version }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ env.FINCH_TAG }}
           fetch-depth: 0
@@ -197,7 +197,7 @@ jobs:
             sudo pkill '^socket_vmnet'
           fi
           cd $(brew --repo homebrew/cask) 
-          brew uninstall --cask ./Casks/finch.rb || true
+          brew uninstall --cask ./Casks/f/finch.rb || true
         shell: zsh {0}
       - name: Set up Homebrew
         id: set-up-homebrew
@@ -214,7 +214,7 @@ jobs:
         run: |
           export HOMEBREW_NO_INSTALL_FROM_API=1
           cd $(brew --repo homebrew/cask)
-          brew install --cask ./Casks/finch.rb
+          brew install --cask ./Casks/f/finch.rb
         shell: zsh {0}
       - name: Install Rosetta 2
         run: echo "A" | softwareupdate --install-rosetta || true 
@@ -259,7 +259,7 @@ jobs:
           sudo rm -rf ./_output
           export HOMEBREW_NO_INSTALL_FROM_API=1
           cd $(brew --repo homebrew/cask)
-          brew reinstall --cask ./Casks/finch.rb
+          brew reinstall --cask ./Casks/f/finch.rb
         shell: zsh {0}
       - name: Run e2e tests
         uses: nick-fields/retry@v2
@@ -271,7 +271,7 @@ jobs:
         if: ${{ always() }}
         run: |
           cd $(brew --repo homebrew/cask)
-          brew uninstall --zap --cask ./Casks/finch.rb
+          brew uninstall --zap --cask ./Casks/f/finch.rb
           if [ -d "/Applications/Finch" ]; then
             echo ERROR: Finch is not uninstalled
             exit 1