Update build (#6836)

* Update build * Update Go to 1.23.0 * Update minimum Go version to 1.22. * Update golangci-lint to v1.60.1. * Make GitHub action version hash/tag consistent. * Increase dependabot open PRs from 5 to 20. Signed-off-by: SuperQ <superq@gmail.com> * Fixup lint issue. Signed-off-by: SuperQ <superq@gmail.com> --------- Signed-off-by: SuperQ <superq@gmail.com>
2025-10-31 10:13:14 -04:00 · 2024-08-18 07:13:53 +02:00
parent ec8e3844a9
commit d85c3b648d
17 changed files with 40 additions and 38 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -12,8 +12,10 @@ updates:
      go.etcd.io:
        patterns:
          - "go.etcd.io/etcd/*"
+    open-pull-requests-limit: 20

  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
+    open-pull-requests-limit: 20
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@@ -20,7 +20,7 @@ jobs:
          fuzz-seconds: 600
          dry-run: false
      - name: Upload Crash
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
+        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a  # v4.3.6
        if: failure() && steps.build.outcome == 'success'
        with:
          name: artifacts
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -27,15 +27,15 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3.26.2
+        uses: github/codeql-action/init@429e1977040da7a23b6822b13c129cd1ba93dbb2  # v3.26.2
        with:
          languages: ${{ matrix.language }}

      - name: Autobuild
-        uses: github/codeql-action/autobuild@v3.26.2
+        uses: github/codeql-action/autobuild@429e1977040da7a23b6822b13c129cd1ba93dbb2  # v3.26.2

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3.26.2
+        uses: github/codeql-action/analyze@429e1977040da7a23b6822b13c129cd1ba93dbb2  # v3.26.2
--- a/.github/workflows/depsreview.yml
+++ b/.github/workflows/depsreview.yml
@@ -9,6 +9,6 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6
      - name: 'Dependency Review'
        uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -20,7 +20,7 @@ jobs:
      DOCKER_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
      RELEASE: ${{ github.event.inputs.release || github.event.release.tag_name }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6
      - name: Build Docker Images
        run: make VERSION=${RELEASE:1} DOCKER=coredns -f Makefile.docker release
      - name: Show Docker Images
--- a/.github/workflows/go.coverage.yml
+++ b/.github/workflows/go.coverage.yml
@@ -9,13 +9,13 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6

      - name: Setup Go Version
        run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV

      - name: Install Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: ${{ env.GO_VERSION }}
        id: go
@@ -31,4 +31,4 @@ jobs:
          done

      - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673
+        uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673  # v4.5.0
--- a/.github/workflows/go.test.yml
+++ b/.github/workflows/go.test.yml
@@ -9,13 +9,13 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6

      - name: Setup Go Version
        run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV

      - name: Install Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: ${{ env.GO_VERSION }}
        id: go
@@ -34,13 +34,13 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6

      - name: Setup Go Version
        run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV

      - name: Install Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: ${{ env.GO_VERSION }}
        id: go
@@ -56,10 +56,10 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6

      - name: Install Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: '~1.21.0'
        id: go
@@ -77,7 +77,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6

      - name: Install dependencies
        run: sudo apt-get install make curl
--- a/.github/workflows/golangci-lint.yml
+++ b/.github/workflows/golangci-lint.yml
@@ -6,13 +6,13 @@ jobs:
    name: lint
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6
      - name: Setup Go Version
        run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV
-      - uses: actions/setup-go@v5
+      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: ${{ env.GO_VERSION }}
      - name: golangci-lint
-        uses: golangci/golangci-lint-action@v6.1.0
+        uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86  # v6.1.0
        with:
-          version: v1.55.2
+          version: v1.60.1
--- a/.github/workflows/make.doc.yml
+++ b/.github/workflows/make.doc.yml
@@ -13,13 +13,13 @@ jobs:
      contents: write
    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6

      - name: Setup Go Version
        run: echo "GO_VERSION=$(cat .go-version)" >> $GITHUB_ENV

      - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32  # v5.0.2
        with:
          go-version: ${{ env.GO_VERSION }}

--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -15,7 +15,7 @@ jobs:
      contents: write
    steps:
      - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6
        with:
          ref: ${{ github.event.inputs.commit }}
      - name: Set up info
@@ -45,7 +45,7 @@ jobs:
          cat release.md
          sha256sum release/*.tgz
      - name: Draft release
-        uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191
+        uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191  # v2.0.8
        with:
          body_path: release.md
          name: v${{ steps.info.outputs.version }}
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -23,12 +23,12 @@ jobs:

    steps:
      - name: "Checkout code"
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6
        with:
          persist-credentials: false

      - name: "Run analysis"
-        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46  # v2.4.0
        with:
          results_file: results.sarif
          results_format: sarif
@@ -43,7 +43,7 @@ jobs:

      # Upload the results as artifacts (optional).
      - name: "Upload artifact"
-        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
+        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a  # v4.3.6
        with:
          name: SARIF file
          path: results.sarif
@@ -51,6 +51,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@5c681efc3f71cd6b47b1c14583c9e86913966e9f
+        uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2  # v3.26.2
        with:
          sarif_file: results.sarif
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -13,7 +13,7 @@ jobs:
      pull-requests: write  # for actions/stale to close stale PRs
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e
+      - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e  # v9.0.0
        with:
          stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days'
          stale-pr-message: 'This pull request is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days'
--- a/.github/workflows/trivy-scan.yaml
+++ b/.github/workflows/trivy-scan.yaml
@@ -18,7 +18,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8  # master
        with:
@@ -28,6 +28,6 @@ jobs:
          output: 'trivy-results.sarif'

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@5c681efc3f71cd6b47b1c14583c9e86913966e9f  # v2.13.4
+        uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2  # v3.26.2
        with:
          sarif_file: 'trivy-results.sarif'
--- a/.github/workflows/yamllint.yml
+++ b/.github/workflows/yamllint.yml
@@ -8,7 +8,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout'
-        uses: actions/checkout@v4
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29  # v4.1.6
      - name: 'Yamllint'
        uses: karancode/yamllint-github-action@fdef6bc189425ecc84cc4543b2674566c0827053
        with:
--- a/.go-version
+++ b/.go-version
@@ -1 +1 @@
-1.21.12
+1.23.0
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/coredns/coredns

-go 1.21
+go 1.22

 require (
 	github.com/Azure/azure-sdk-for-go v68.0.0+incompatible
--- a/plugin/transfer/select_test.go
+++ b/plugin/transfer/select_test.go
@@ -2,7 +2,7 @@ package transfer

 import (
 	"context"
-	"fmt"
+	"errors"
 	"testing"

 	"github.com/coredns/coredns/plugin/pkg/dnstest"
@@ -21,14 +21,14 @@ func (t t1) Transfer(zone string, serial uint32) (<-chan []dns.RR, error) {
 	if zone != z {
 		return nil, ErrNotAuthoritative
 	}
-	return nil, fmt.Errorf(z)
+	return nil, errors.New(z)
 }
 func (t t2) Transfer(zone string, serial uint32) (<-chan []dns.RR, error) {
 	const z = "sub.example.org."
 	if zone != z {
 		return nil, ErrNotAuthoritative
 	}
-	return nil, fmt.Errorf(z)
+	return nil, errors.New(z)
 }

 func TestZoneSelection(t *testing.T) {
@@ -1 +1 @@
 .21.12
 .23.0