From 9dc87448850dab4814a93697d9b63ef0fad6fdcb Mon Sep 17 00:00:00 2001 From: Mike Palmiotto Date: Fri, 7 Oct 2022 14:24:14 -0400 Subject: [PATCH] Update main to go 1.19.2 (#17437) * Update go version to 1.19.2 This commit updates the default version of go to 1.19.2. This update includes minor security fixes for archive/tar, net/http/httputil, and regexp packages. For more information on the release, see: https://go.dev/doc/devel/release#go1.19.2 * Update Docker versions in CI to 20.10.17 After updating Vault to go version 1.19.2, there were several SIGABRTs in the vault tests. These were related to a missing `pthread_create` syscall in Docker. Since CI was using a much older version of Docker, the fix was to bump it to latest-1 (20.10.17). While we're at it, add a note in the developer docs encouraging the use of the latest Docker version. --- .circleci/config.yml | 26 +++++++++---------- .circleci/config/commands/go_test.yml | 2 +- .circleci/config/executors/@executors.yml | 8 +++--- .../jobs/test-go-race-remote-docker.yml | 2 +- .../config/jobs/test-go-remote-docker.yml | 2 +- Makefile | 2 +- README.md | 2 +- changelog/_go-ver-1120.txt | 2 +- changelog/_go-ver-1130.txt | 3 +++ scripts/docker/Dockerfile | 2 +- scripts/docker/Dockerfile.ui | 2 +- website/README.md | 2 +- .../content/docs/get-started/developer-qs.mdx | 2 ++ 13 files changed, 31 insertions(+), 26 deletions(-) create mode 100644 changelog/_go-ver-1130.txt diff --git a/.circleci/config.yml b/.circleci/config.yml index aebd5733e..c6ff0986d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -120,12 +120,12 @@ jobs: environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - GO_TAGS: '' - - GO_VERSION: 1.19.1 + - GO_VERSION: 1.19.2 - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 test-go-remote-docker: docker: - - image: docker.mirror.hashicorp.services/cimg/go:1.19.1 + - image: docker.mirror.hashicorp.services/cimg/go:1.19.2 resource_class: medium working_directory: /home/circleci/go/src/github.com/hashicorp/vault parallelism: 8 @@ -144,7 +144,7 @@ jobs: - checkout - setup_remote_docker: docker_layer_caching: true - version: 18.09.3 + version: 20.10.17 - add_ssh_keys: fingerprints: - b8:e2:38:f8:5b:1b:82:f3:1f:23:fa:46:6e:95:e7:e9 @@ -260,7 +260,7 @@ jobs: -e NO_PROXY \ -e VAULT_TEST_LOG_DIR=/tmp/testlogs \ --network ${TEST_DOCKER_NETWORK_NAME} \ - docker.mirror.hashicorp.services/cimg/go:1.19.1 \ + docker.mirror.hashicorp.services/cimg/go:1.19.2 \ tail -f /dev/null)" mkdir workspace echo ${CONTAINER_ID} > workspace/container_id @@ -364,12 +364,12 @@ jobs: environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - GO_TAGS: '' - - GO_VERSION: 1.19.1 + - GO_VERSION: 1.19.2 - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 test-go-race: docker: - - image: docker.mirror.hashicorp.services/cimg/go:1.19.1 + - image: docker.mirror.hashicorp.services/cimg/go:1.19.2 resource_class: xlarge working_directory: /home/circleci/go/src/github.com/hashicorp/vault parallelism: 8 @@ -500,7 +500,7 @@ jobs: -e NO_PROXY \ -e VAULT_TEST_LOG_DIR=/tmp/testlogs \ --network ${TEST_DOCKER_NETWORK_NAME} \ - docker.mirror.hashicorp.services/cimg/go:1.19.1 \ + docker.mirror.hashicorp.services/cimg/go:1.19.2 \ tail -f /dev/null)" mkdir workspace echo ${CONTAINER_ID} > workspace/container_id @@ -560,7 +560,7 @@ jobs: - GO_TAGS: '' test-go: docker: - - image: docker.mirror.hashicorp.services/cimg/go:1.19.1 + - image: docker.mirror.hashicorp.services/cimg/go:1.19.2 resource_class: large working_directory: /home/circleci/go/src/github.com/hashicorp/vault parallelism: 8 @@ -691,7 +691,7 @@ jobs: -e NO_PROXY \ -e VAULT_TEST_LOG_DIR=/tmp/testlogs \ --network ${TEST_DOCKER_NETWORK_NAME} \ - docker.mirror.hashicorp.services/cimg/go:1.19.1 \ + docker.mirror.hashicorp.services/cimg/go:1.19.2 \ tail -f /dev/null)" mkdir workspace echo ${CONTAINER_ID} > workspace/container_id @@ -852,12 +852,12 @@ jobs: environment: - CIRCLECI_CLI_VERSION: 0.1.5546 - GO_TAGS: '' - - GO_VERSION: 1.19.1 + - GO_VERSION: 1.19.2 - GOFUMPT_VERSION: 0.3.1 - GOTESTSUM_VERSION: 0.5.2 test-go-race-remote-docker: docker: - - image: docker.mirror.hashicorp.services/cimg/go:1.19.1 + - image: docker.mirror.hashicorp.services/cimg/go:1.19.2 resource_class: medium working_directory: /home/circleci/go/src/github.com/hashicorp/vault parallelism: 8 @@ -876,7 +876,7 @@ jobs: - checkout - setup_remote_docker: docker_layer_caching: true - version: 18.09.3 + version: 20.10.17 - add_ssh_keys: fingerprints: - b8:e2:38:f8:5b:1b:82:f3:1f:23:fa:46:6e:95:e7:e9 @@ -992,7 +992,7 @@ jobs: -e NO_PROXY \ -e VAULT_TEST_LOG_DIR=/tmp/testlogs \ --network ${TEST_DOCKER_NETWORK_NAME} \ - docker.mirror.hashicorp.services/cimg/go:1.19.1 \ + docker.mirror.hashicorp.services/cimg/go:1.19.2 \ tail -f /dev/null)" mkdir workspace echo ${CONTAINER_ID} > workspace/container_id diff --git a/.circleci/config/commands/go_test.yml b/.circleci/config/commands/go_test.yml index cc9a0337b..87855794f 100644 --- a/.circleci/config/commands/go_test.yml +++ b/.circleci/config/commands/go_test.yml @@ -14,7 +14,7 @@ parameters: default: false go_image: type: string - default: "docker.mirror.hashicorp.services/cimg/go:1.19.1" + default: "docker.mirror.hashicorp.services/cimg/go:1.19.2" use_docker: type: boolean default: false diff --git a/.circleci/config/executors/@executors.yml b/.circleci/config/executors/@executors.yml index 3b9d84d7a..467e7ac45 100644 --- a/.circleci/config/executors/@executors.yml +++ b/.circleci/config/executors/@executors.yml @@ -4,7 +4,7 @@ go-machine: shell: /usr/bin/env bash -euo pipefail -c environment: CIRCLECI_CLI_VERSION: 0.1.5546 # Pin CircleCI CLI to patch version (ex: 1.2.3) - GO_VERSION: 1.19.1 # Pin Go to patch version (ex: 1.2.3) + GO_VERSION: 1.19.2 # Pin Go to patch version (ex: 1.2.3) GOTESTSUM_VERSION: 0.5.2 # Pin gotestsum to patch version (ex: 1.2.3) GOFUMPT_VERSION: 0.3.1 # Pin gofumpt to patch version (ex: 1.2.3) GO_TAGS: "" @@ -30,7 +30,7 @@ semgrep: docker-env-go-test-remote-docker: resource_class: medium docker: - - image: "docker.mirror.hashicorp.services/cimg/go:1.19.1" + - image: "docker.mirror.hashicorp.services/cimg/go:1.19.2" environment: CIRCLECI_CLI_VERSION: 0.1.5546 # Pin CircleCI CLI to patch version (ex: 1.2.3) GO_TAGS: "" @@ -38,7 +38,7 @@ docker-env-go-test-remote-docker: docker-env-go-test: resource_class: large docker: - - image: "docker.mirror.hashicorp.services/cimg/go:1.19.1" + - image: "docker.mirror.hashicorp.services/cimg/go:1.19.2" environment: CIRCLECI_CLI_VERSION: 0.1.5546 # Pin CircleCI CLI to patch version (ex: 1.2.3) GO_TAGS: "" @@ -46,7 +46,7 @@ docker-env-go-test: docker-env-go-test-race: resource_class: xlarge docker: - - image: "docker.mirror.hashicorp.services/cimg/go:1.19.1" + - image: "docker.mirror.hashicorp.services/cimg/go:1.19.2" environment: CIRCLECI_CLI_VERSION: 0.1.5546 # Pin CircleCI CLI to patch version (ex: 1.2.3) GO_TAGS: "" diff --git a/.circleci/config/jobs/test-go-race-remote-docker.yml b/.circleci/config/jobs/test-go-race-remote-docker.yml index 40ca7c6f1..6780c6036 100644 --- a/.circleci/config/jobs/test-go-race-remote-docker.yml +++ b/.circleci/config/jobs/test-go-race-remote-docker.yml @@ -4,7 +4,7 @@ steps: - exit-if-ui-or-docs-branch - checkout - setup_remote_docker: - version: 18.09.3 + version: 20.10.17 docker_layer_caching: true - go_test: extra_flags: "-race" diff --git a/.circleci/config/jobs/test-go-remote-docker.yml b/.circleci/config/jobs/test-go-remote-docker.yml index 6ae40de1f..f51003f09 100644 --- a/.circleci/config/jobs/test-go-remote-docker.yml +++ b/.circleci/config/jobs/test-go-remote-docker.yml @@ -4,7 +4,7 @@ steps: - exit-if-ui-or-docs-branch - checkout - setup_remote_docker: - version: 18.09.3 + version: 20.10.17 docker_layer_caching: true - go_test: log_dir: "/tmp/testlogs" diff --git a/Makefile b/Makefile index f084e3bd5..57e2e4f6e 100644 --- a/Makefile +++ b/Makefile @@ -15,7 +15,7 @@ GOFMT_FILES?=$$(find . -name '*.go' | grep -v pb.go | grep -v vendor) SED?=$(shell command -v gsed || command -v sed) -GO_VERSION_MIN=1.19.1 +GO_VERSION_MIN=1.19.2 PROTOC_VERSION_MIN=3.21.5 GO_CMD?=go CGO_ENABLED?=0 diff --git a/README.md b/README.md index 8d1412a71..ccf7c6f43 100644 --- a/README.md +++ b/README.md @@ -71,7 +71,7 @@ Developing Vault If you wish to work on Vault itself or any of its built-in systems, you'll first need [Go](https://www.golang.org) installed on your machine. Go version -1.19.1+ is *required*. +1.19.2+ is *required*. For local dev first make sure Go is properly installed, including setting up a [GOPATH](https://golang.org/doc/code.html#GOPATH). Ensure that `$GOPATH/bin` is in diff --git a/changelog/_go-ver-1120.txt b/changelog/_go-ver-1120.txt index 6cb60f605..bbb2cf7c3 100644 --- a/changelog/_go-ver-1120.txt +++ b/changelog/_go-ver-1120.txt @@ -1,3 +1,3 @@ ```release-note:change -core: Bump Go version to 1.19.1. +core: Bump Go version to 1.19.2. ``` diff --git a/changelog/_go-ver-1130.txt b/changelog/_go-ver-1130.txt new file mode 100644 index 000000000..bbb2cf7c3 --- /dev/null +++ b/changelog/_go-ver-1130.txt @@ -0,0 +1,3 @@ +```release-note:change +core: Bump Go version to 1.19.2. +``` diff --git a/scripts/docker/Dockerfile b/scripts/docker/Dockerfile index 7817c02a5..0fff3d49f 100644 --- a/scripts/docker/Dockerfile +++ b/scripts/docker/Dockerfile @@ -1,6 +1,6 @@ # Multi-stage builder to avoid polluting users environment with wrong # architecture binaries. -ARG VERSION=1.19.1 +ARG VERSION=1.19.2 FROM golang:${VERSION} AS builder diff --git a/scripts/docker/Dockerfile.ui b/scripts/docker/Dockerfile.ui index 371a576fc..e0b9603e5 100644 --- a/scripts/docker/Dockerfile.ui +++ b/scripts/docker/Dockerfile.ui @@ -2,7 +2,7 @@ # architecture binaries. This file only currently works for linux/amd64. FROM debian:buster AS builder -ARG VERSION=1.19.1 +ARG VERSION=1.19.2 ARG CGO_ENABLED=0 ARG BUILD_TAGS ENV JOBS=2 diff --git a/website/README.md b/website/README.md index d895a340e..b4611af9d 100644 --- a/website/README.md +++ b/website/README.md @@ -46,7 +46,7 @@ The website can be run locally through node.js or [Docker](https://www.docker.co ### With Docker -Running the site locally is simple. Provided you have Docker installed, clone this repo, run `make`, and then visit `http://localhost:3000`. +Running the site locally is simple. Provided you have the [latest version](https://docs.docker.com/engine/release-notes/) of Docker installed, clone this repo, run `make`, and then visit `http://localhost:3000`. The docker image is pre-built with all the website dependencies installed, which is what makes it so quick and simple, but also means if you need to change dependencies and test the changes within Docker, you'll need a new image. If this is something you need to do, you can run `make build-image` to generate a local Docker image with updated dependencies, then `make website-local` to use that image and preview. diff --git a/website/content/docs/get-started/developer-qs.mdx b/website/content/docs/get-started/developer-qs.mdx index dcd048337..b19a37bb9 100644 --- a/website/content/docs/get-started/developer-qs.mdx +++ b/website/content/docs/get-started/developer-qs.mdx @@ -23,6 +23,8 @@ For an out-of-the-box runnable demo application showcasing these concepts and mo - [Docker](https://docs.docker.com/get-docker/) or a [local installation](https://learn.hashicorp.com/tutorials/vault/getting-started-install?in=vault/getting-started) of the Vault binary - A development environment applicable to one of the languages in this quick start (currently **Go**, **Ruby**, **C#**, **Python**, **Java (Spring)**, and **Bash (curl)**) +-> **Note**: Make sure you are using the [latest version](https://docs.docker.com/engine/release-notes/) of Docker. Older versions may not work. As of 1.12.0, the recommended version of Docker is 20.10.17 or higher. + ## Step 1: Start Vault !> **Warning**: This in-memory “dev” server is useful for practicing with Vault locally for the first time, but is insecure and **should never be used in production**. For developers who need to manage their own production Vault installations, this [page](https://learn.hashicorp.com/tutorials/vault/production-hardening) provides some guidance on how to make your setup more production-friendly.