diff --git a/.circleci/Dockerfile b/.circleci/Dockerfile
index f5e7bf5c64..4e5fd38313 100644
--- a/.circleci/Dockerfile
+++ b/.circleci/Dockerfile
@@ -1,4 +1,5 @@
-FROM --platform=$TARGETPLATFORM golang:1.22-bullseye
+# When upgrading golang, make sure to update the docker executors that use snyklabs/cli-build in .circleci/config.yml
+FROM --platform=$TARGETPLATFORM golang:1.23-bullseye
 # install "normal" stuff
diff --git a/.circleci/config.yml b/.circleci/config.yml
index 8df94018cd..14719e677e 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -16,7 +16,7 @@ parameters:
 go_version:
 type: string
 # https://go.dev/doc/devel/release
- default: '1.22.6'
+ default: '1.23.2'
 aws_version:
 type: string
 # https://github.com/aws/aws-cli/blob/v2/CHANGELOG.rst
@@ -47,22 +47,22 @@ executors:
 resource_class: small
 docker-amd64:
 docker:
- - image: snyklabs/cli-build:20240814-161347
+ - image: snyklabs/cli-build:20241015-082358
 working_directory: /mnt/ramdisk/snyk
 resource_class: large
 docker-amd64-xl:
 docker:
- - image: snyklabs/cli-build:20240814-161347
+ - image: snyklabs/cli-build:20241015-082358
 working_directory: /mnt/ramdisk/snyk
 resource_class: xlarge
 docker-arm64:
 docker:
- - image: snyklabs/cli-build-arm64:20240814-161347
+ - image: snyklabs/cli-build-arm64:20241015-082358
 working_directory: /mnt/ramdisk/snyk
 resource_class: arm.large
 docker-arm64-xl:
 docker:
- - image: snyklabs/cli-build-arm64:20240814-161347
+ - image: snyklabs/cli-build-arm64:20241015-082358
 working_directory: /mnt/ramdisk/snyk
 resource_class: arm.xlarge
 linux-ubuntu-mantic-amd64:
@@ -186,7 +186,7 @@ commands:
 - restore_cache:
 name: Restoring Chocolatey cache
 keys:
- - chocolatey-cache-v3-{{ arch }}-{{ checksum ".circleci/chocolatey.config" }}
+ - chocolatey-cache-v4-{{ arch }}-{{ checksum ".circleci/chocolatey.config" }}
 - run:
 name: Install Windows dependencies
 shell: bash.exe
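Review bot: In the `.circleci/Dockerfile` hunk the new base image is still a floating tag, `golang:1.23-bullseye`, so a rebuilt build image picks up whichever 1.23.x patch is current that day, while `go_version` in config.yml and the `toolchain` line in go.mod both name 1.23.2. Pinning the patch release, and ideally the digest, as in `FROM --platform=$TARGETPLATFORM golang:1.23.2-bullseye@sha256:<digest of the reviewed image>`, would keep the three places in step and make each `snyklabs/cli-build` image traceable to a known base. The rest of the Dockerfile is outside the hunk, so whether a later step installs its own Go version cannot be seen from here.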
@@ -197,7 +197,7 @@ commands:
 choco install nodejs --version=$(head .nvmrc) --no-progress -y
 - save_cache:
 name: Saving Chocolatey cache
- key: chocolatey-cache-v3-{{ arch }}-{{ checksum ".circleci/chocolatey.config" }}
+ key: chocolatey-cache-v4-{{ arch }}-{{ checksum ".circleci/chocolatey.config" }}
 paths:
 - ~\AppData\Local\Temp\chocolatey
 - install-deps-python:
@@ -254,7 +254,7 @@ commands:
 - restore_cache:
 name: Restoring Chocolatey cache
 keys:
- - chocolatey-cache-v3-{{ arch }}-{{ checksum ".circleci/chocolatey.config" }}
+ - chocolatey-cache-v4-{{ arch }}-{{ checksum ".circleci/chocolatey.config" }}
 - run:
 name: Install Windows dependencies
 shell: bash.exe
@@ -262,7 +262,7 @@ commands:
 choco install make --no-progress -y
 - save_cache:
 name: Saving Chocolatey cache
- key: chocolatey-cache-v3-{{ arch }}-{{ checksum ".circleci/chocolatey.config" }}
+ key: chocolatey-cache-v4-{{ arch }}-{{ checksum ".circleci/chocolatey.config" }}
 paths:
 - ~\AppData\Local\Temp\chocolatey
 - install-deps-python:
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
index 852f822f04..0c23e9ea93 100644
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,61 +1,24 @@ -## Pull Request Submission - -Please check the boxes once done. - -The pull request must: - -- **Reviewer Documentation** - - [ ] follow [CONTRIBUTING](https://github.com/snyk/cli/blob/main/CONTRIBUTING.md) rules - - [ ] be accompanied by a detailed description of the changes - - [ ] contain a risk assessment of the change (Low | Medium | High) with regards to breaking existing functionality. A change e.g. of an underlying language plugin can completely break the functionality for that language, but appearing as only a version change in the dependencies. - - [ ] highlight breaking API if applicable - - [ ] contain a link to the automatic tests that cover the updated functionality. - - [ ] contain testing instructions in case that the reviewer wants to manual verify as well, to add to the manual testing done by the author. - - [ ] link to the link to the PR for the User-facing documentation -- **User facing Documentation** - - [ ] update any relevant documentation in gitbook by submitting a gitbook PR, and including the PR link here - - [ ] ensure that the message of the final single commit is descriptive and prefixed with either `feat:` or `fix:` , others might be used in rare occasions as well, if there is no need to document the changes in the release notes. The changes or fixes should be described in detail in the commit message for the changelog & release notes. -- **Testing** - - [ ] Changes, removals and additions to functionality must be covered by acceptance / integration tests or smoke tests - either already existing ones, or new ones, created by the author of the PR. - -## Pull Request Review - -All pull requests must undergo a thorough review process before being merged. -The review process of the code PR should include code review, testing, and any necessary feedback or revisions. -Pull request reviews of functionality developed in other teams only review the given documentation and test reports. 
- -Manual testing will not be performed by the reviewing team, and is the responsibility of the author of the PR. - -For Node projects: It’s important to make sure changes in `package.json` are also affecting `package-lock.json` correctly. - -****************************If a dependency is not necessary, don’t add it.**************************** - -When adding a new package as a dependency, make sure that the change is absolutely necessary. We would like to refrain from adding new dependencies when possible. -Documentation PRs in gitbook are reviewed by Snyk's content team. They will also advise on the best phrasing and structuring if needed. - -## Pull Request Approval - -Once a pull request has been reviewed and all necessary revisions have been made, it is approved for merging into -the main codebase. The merging of the code PR is performed by the code owners, the merging of the documentation PR -by our content writers. - +## Pull Request Submission Checklist +- [ ] Follows [CONTRIBUTING](https://github.com/snyk/cli/blob/main/CONTRIBUTING.md) guidelines +- [ ] Includes detailed description of changes +- [ ] Contains risk assessment (Low | Medium | High) +- [ ] Highlights breaking API changes (if applicable) +- [ ] Links to automated tests covering new functionality +- [ ] Includes manual testing instructions (if necessary) +- [ ] Updates relevant GitBook documentation (PR link: ___) ## What does this PR do? - ## Where should the reviewer start? - ## How should this be manually tested? - + \ No newline at end of file diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f00ca71012..b5a7ba8f15 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -307,11 +307,27 @@ If any checks fail, fix them and force push your changes again. Make sure to rev Some tests may "flake", meaning they failed due to some external factor. While we try to fix these tests immediately, that's not always possible. You can use CircleCI's "Re-run from Failed" option to re-run only that job without needing to re-run the entire pipeline. -## Review cycle +## Review process Once your checks have passed, you can publish your Draft PR. Codeowners will be automatically assigned. Ask each codeowner for a review using relevant channels on Slack. Iterate on feedback. +All pull requests must undergo a thorough review process before being merged. This includes: -Once you have received the necessary approvals, you can merge. +1. Code review +2. Testing +3. Documentation review (if applicable) +4. Any necessary feedback or revisions + +Pull request reviews of functionality developed in other teams only review the given documentation and test reports. Manual testing will not be performed by the reviewing team and is the responsibility of the author of the PR. + +For Node projects: Ensure changes in package.json are correctly reflected in package-lock.json. + +When adding a new package as a dependency, make sure that the change is absolutely necessary. We aim to minimize new dependencies when possible. + +Documentation PRs in GitBook are reviewed by Snyk's content team. They will also advise on the best phrasing and structuring if needed. + +## Approval and merging + +Once a pull request has been reviewed and all necessary revisions have been made, it is approved for merging into the main codebase. The merging of the code PR is performed by the code owners, while the merging of the documentation PR is done by our content writers. ## Creating a release 
@@ -340,6 +356,10 @@ If you have made changes to the `go-application-framework`, you can run `python3
 You can then raise a pr with the relevant changes.
+## Upgrading go-lang versions
+
+When upgrading golang, you will need to update the Dockerfile under .circleci, run the _Create Build Image_ job on github, and update the docker executor that use the `snyklabs/cli-build` image in the .circleci/config.yml file, to use the new image.
+
 ---
 Questions? Ask Hammerhead 🔨
diff --git a/cliv2/Makefile b/cliv2/Makefile
index 9fb8cb20d2..60a638d440 100644
--- a/cliv2/Makefile
+++ b/cliv2/Makefile
@@ -19,7 +19,7 @@ export LS_PROTOCOL_VERSION=
 # Build tools
 GO_BIN := $(shell pwd)/.bin
-OVERRIDE_GOCI_LINT_V := v1.59.1
+OVERRIDE_GOCI_LINT_V := v1.61.0
 SHELL := env PATH=$(GO_BIN):$(PATH) $(SHELL)
 # Make directories per convention
diff --git a/cliv2/cmd/cliv2/main.go b/cliv2/cmd/cliv2/main.go
index 84519f99d6..a422b267fd 100644
--- a/cliv2/cmd/cliv2/main.go
+++ b/cliv2/cmd/cliv2/main.go
@@ -307,7 +307,7 @@ func getGlobalFLags() *pflag.FlagSet {
 }
 func emptyCommandFunction(_ *cobra.Command, _ []string) error {
- return fmt.Errorf(unknownCommandMessage)
+ return fmt.Errorf("%s", unknownCommandMessage)
 }
 func createCommandsForWorkflows(rootCommand *cobra.Command, engine workflow.Engine) {
diff --git a/cliv2/cmd/cliv2/main_test.go b/cliv2/cmd/cliv2/main_test.go
index cb9c68e0f5..2ec152d429 100644
--- a/cliv2/cmd/cliv2/main_test.go
+++ b/cliv2/cmd/cliv2/main_test.go
@@ -422,7 +422,7 @@ func Test_runWorkflowAndProcessData_WithTransformation(t *testing.T) {
 workflowId1 := workflow.NewWorkflowIdentifier("output")
 outputFn := func(invocation workflow.InvocationContext, input []workflow.Data) ([]workflow.Data, error) {
- assert.Len(t, input, 3, "not enough items received")
+ assert.Len(t, input, 2, "incorrect number of items received")
 localFindingsFound := false
 for i := range input {
diff --git a/cliv2/go.mod b/cliv2/go.mod
index 7a261b5062..eaa6bfa14f 100644
--- a/cliv2/go.mod
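Review bot: `fmt.Errorf("%s", unknownCommandMessage)` in emptyCommandFunction sends a message with no arguments through the formatter; `return errors.New(unknownCommandMessage)` says the same thing more directly, provided `errors` is already imported in main.go (the import block is outside the hunk). Either form keeps the property that matters here: the message is no longer interpreted as a format string, so a `%` in it cannot be misread as a verb.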
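Review bot: The expected length in `assert.Len(t, input, 2, ...)` in main_test.go changes from 3 to 2 with nothing in the test saying which item is no longer delivered; the only candidate cause visible in this commit is the go-application-framework bump in go.mod, and that link is an inference. A comment above the assertion, for example `// output workflow receives <item A> and <item B> (fill in)`, would let a later reader tell an intended behaviour change from a regression. The closure and the test function both continue outside the hunk.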
+++ b/cliv2/go.mod
@@ -1,8 +1,8 @@
 module github.com/snyk/cli/cliv2
-go 1.22
+go 1.23
-toolchain go1.22.6
+toolchain go1.23.2
 require (
 github.com/elazarl/goproxy v0.0.0-20231031074852-3ec07828be7a
@@ -17,7 +17,7 @@ require (
 github.com/snyk/cli-extension-sbom v0.0.0-20241016065306-0df2be5b3b8f
 github.com/snyk/container-cli v0.0.0-20240821111304-7ca1c415a5d7
 github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb
- github.com/snyk/go-application-framework v0.0.0-20241009095349-dc0fb55f3eb3
+ github.com/snyk/go-application-framework v0.0.0-20241011135148-71eca49aa231
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65
 github.com/snyk/snyk-iac-capture v0.6.5
 github.com/snyk/snyk-ls v0.0.0-20241023124225-627b73041471
diff --git a/cliv2/go.sum b/cliv2/go.sum
index 01c7c68eb1..87cff4c87d 100644
--- a/cliv2/go.sum
@@ -762,8 +762,8 @@ github.com/snyk/container-cli v0.0.0-20240821111304-7ca1c415a5d7 h1:Zn5BcV76oFAb
 github.com/snyk/container-cli v0.0.0-20240821111304-7ca1c415a5d7/go.mod h1:38w+dcAQp9eG3P5t2eNS9eG0reut10AeJjLv5lJ5lpM=
 github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb h1:w9tJhpTFxWqAhLeraGsMExDjGK9x5Dwj1NRFwb+t+QE=
 github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb/go.mod h1:Ytttq7Pw4vOCu9NtRQaOeDU2dhBYUyNBe6kX4+nIIQ4=
-github.com/snyk/go-application-framework v0.0.0-20241009095349-dc0fb55f3eb3 h1:aUFtOsdCHfiwb7LJV8jh+xjich9VpAczNtuMtij7CtM=
-github.com/snyk/go-application-framework v0.0.0-20241009095349-dc0fb55f3eb3/go.mod h1:LeMsRM1FxIfO/8QpOs9V/dI46ie/RAQl02ulAh6aKys=
+github.com/snyk/go-application-framework v0.0.0-20241011135148-71eca49aa231 h1:mLiZHx8m36ySB+KZ9x1OR+VR84YJuOXv0/9zYsPkReU=
+github.com/snyk/go-application-framework v0.0.0-20241011135148-71eca49aa231/go.mod h1:LeMsRM1FxIfO/8QpOs9V/dI46ie/RAQl02ulAh6aKys=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65 h1:CEQuYv0Go6MEyRCD3YjLYM2u3Oxkx8GpCpFBd4rUTUk=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65/go.mod h1:88KbbvGYlmLgee4OcQ19yr0bNpXpOr2kciOthaSzCAg=
 github.com/snyk/policy-engine v0.31.3 h1:FepCg6QN/X8uvxYjF+WwB2aiBPJB+NENDgKQeI/FwLg=