Commit Graph

79 Commits (309ddef85205c341c3eb0afdcb886e0c738d833e)

Author SHA1 Message Date
dependabot[bot] a121b9f263 .github: Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot] 257d75beb1 .github: Bump actions/setup-go from 2.1.5 to 3
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2.1.5 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2.1.5...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot] f2b0faf91e .github: Bump actions/upload-artifact from 2.3.1 to 3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2.3.1...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot] 7fbb6a76ad .github: Bump actions/cache from 2 to 3
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
David Anderson 2a412ac9ee .github/workflows: work around golang/go#51629
Incidentally, simplify the go generate CI workflow, by
marking the dnsfallback update non-hermetic (so CI will
skip it) rather than manually filter it out of `go list`.

Updates #4194

Signed-off-by: David Anderson <danderson@tailscale.com>
3 years ago
Josh Bleecher Snyder 4b1e02057a .github/workflows: request Go 1.18
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
3 years ago
James Tucker 858286d97f
github/windows: improve caching in -race builder (#4172)
Signed-off-by: James Tucker <james@tailscale.com>
Co-authored-by: James Tucker <james@tailscale.com>
3 years ago
James Tucker 36b148c2d2
github/windows: improve cache performance (#4171)
- Remove the expanded module files, as Go can likely expand the zips
  faster than tar can expand the extra copies.
- Add the go-build cache.
- Remove the extra restore key to avoid extra cache lookups on miss.

Signed-off-by: James Tucker <james@tailscale.com>
Co-authored-by: James Tucker <james@tailscale.com>
3 years ago
Brad Fitzpatrick 69392411d9 .github/workflows: add some iOS CI coverage
Updates #3812

Change-Id: Ia779c6a2e9a0fd02418bf5479fdb76d4c80c55a4
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
3 years ago
dependabot[bot] b1b0fd119b .github: Bump actions/setup-go from 2.1.4 to 2.1.5
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2.1.4 to 2.1.5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2.1.4...v2.1.5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Josh Bleecher Snyder 1dc1c8b709 .github/workflows: upgrade to setup-go@v2
The rest of our workflows use v2.1.4.
For reasons I do not understand, we must set GOPATH here.
Maybe the GitHub Action builds come with GOPATH already set?

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
3 years ago
dependabot[bot] dee0833b27 .github: Bump actions/upload-artifact from 2.2.4 to 2.3.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2.2.4 to 2.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2.2.4...v2.3.1)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
David Anderson 9f867ad2c5 .github/dependabot.yml: disable eager updates for Go.
Given our development cycle, we'll instead do big-bang updates
after every release, to give time for all the updates to soak in
unstable.

This does _not_ disable dependabot security-critical PRs.

Signed-off-by: David Anderson <danderson@tailscale.com>
3 years ago
dependabot[bot] 05c1be3e47 .github: Bump actions/upload-artifact from 1 to 2.2.4
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 1 to 2.2.4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v1...v2.2.4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
David Anderson e6e63c2305 .github/dependabot.yml: make dependabot send all the updates right now.
So we can mass-process updates once now, then turn it off.

Signed-off-by: David Anderson <danderson@tailscale.com>
3 years ago
David Crawshaw 46a9782322 .github/dependabot.yml: slow down the stream of unusable PRs
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
3 years ago
Maya Kaczorowski 9bb91cb977
Merge pull request #3214 from tailscale/mayakacz-patch-1
.github: feature request template change
3 years ago
Maya Kaczorowski 259163dfe1 Update feature_request.yml
Signed-off-by: Maya Kaczorowski <15946341+mayakacz@users.noreply.github.com>
3 years ago
Josh Bleecher Snyder 60510a6ae7 .github/workflows: check that repo is clean after build and test
Linux-only for now, to avoid having to figure out why
powershell doesn't like my shell scripting. (Not that I blame it.)
That'll be enough to catch most regressions.

Fixes #1083

Co-authored-by: Aaron Klotz <aaron@tailscale.com>
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
3 years ago
AdamKorcz def659d1ec Fuzzing: Add CIFuzz
Signed-off-by: AdamKorcz <adam@adalogics.com>
3 years ago
Brad Fitzpatrick c18b9d58aa tstest/archtest: add GOARCH-specific tests, run via qemu-user
Updates #3233

Change-Id: Ia224c90490d41e50a1d547eeea709b0d9171c1f9
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
3 years ago
Denton Gentry c1293b3858 .github: Add Synology as an OS
Sufficiently different from Linux to split it out separately.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Brad Fitzpatrick 7742caef0a .github/workflows: always ignore go:generate dnsfallback check
Keep the now-redundant github.ref branch check for
the future, in case we want to change the policy for main vs
release-branch again later. Save somebody the YAML debugging
time.
3 years ago
Maya Kaczorowski 7dbb1b51fe .github: change issue checkboxes to dropdown
Signed-off-by: Maya Kaczorowski <15946341+mayakacz@users.noreply.github.com>
3 years ago
apenwarr 5b06c50669 Bug report template: remove empty 'title' field.
Mysteriously, GitHub can't parse it if it's an empty string rather than
just missing.

Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
3 years ago
Avery Pennarun 9c3ae750da Bug template: remove "[Bug]: " prefix for the common case.
Also shorten "[FR]:" to "FR:" to save precious subject line space.

I don't mind a prefix to distinguish feature requests, but the majority
of cases are bugs. Let's preserve as many chars as possible for the
specific topic when looking at subject lines in gmail.

(Now, if only it wouldn't include [tailscale/tailscale] on every
message...)

Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
3 years ago
Maya Kaczorowski 3b0ee07713 .github: fix checkboxes in bug report
Signed-off-by: Maya Kaczorowski <15946341+mayakacz@users.noreply.github.com>
3 years ago
Maya Kaczorowski d7a2828fed .github: change templates to yml
Signed-off-by: Maya Kaczorowski <15946341+mayakacz@users.noreply.github.com>
3 years ago
Maya Kaczorowski 8bdb2c3adc .github: update issue templates
Signed-off-by: Maya Kaczorowski <15946341+mayakacz@users.noreply.github.com>
3 years ago
David Crawshaw 29fa8c17d2 .github: revert dependabot change for vm builder
In a56520c3c7 dependabot attempted to bump
the setup-go action version. It appears to work for most builders, but
not the self-hosted VM builder. Revert for now.

Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
3 years ago
dependabot[bot] a56520c3c7 .github: Bump actions/setup-go from 1 to 2.1.4
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 1 to 2.1.4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v1...v2.1.4)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
David Anderson 562622a32c .github: add dependabot config to update go.mod and github actions.
Signed-off-by: David Anderson <danderson@tailscale.com>
3 years ago
Dave Anderson 478775de6a github: add code security scanning 3 years ago
Josh Bleecher Snyder 008f36986e .github/workflows: remove separate "build stringer" step
We now use "go run" instead of compiling stringer separately.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
3 years ago
Josh Bleecher Snyder 9faee90744 .github/workflows: skip net/dnsfallback go generate check on release branch
We don't want to force ourselves to update the DERP list
every time we want to cut a new release.
Having an outdated DERP list on release branches is OK.

Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
3 years ago
Brad Fitzpatrick ec2b7c7da6 all: bump minimum Go to 1.17
In prep for using 1.17 features.

Note the go.mod changes are due to:
https://golang.org/doc/go1.17#go-command

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
3 years ago
David Crawshaw 9b7fc2ed1f .github: add Ubuntu VM test
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
3 years ago
Maisem Ali ae9b3f38d6 github: set GOOS/GOARCH for `go list`
Currently we do not set the env variables for `go list ./...` resulting
in errors like
```
build constraints exclude all Go files in
/home/runner/work/tailscale/tailscale/chirp
```

Signed-off-by: Maisem Ali <maisem@tailscale.com>
3 years ago
Christine Dodrill dde8e28f00 disable vm tests on every commit to main
This experiment apparently failed.

Signed-off-by: Christine Dodrill <xe@tailscale.com>
3 years ago
Josh Bleecher Snyder 787939a60c .github/workflows: add 'go generate' CI job
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
3 years ago
Christine Dodrill b90f149f5e
Run tests on integration test changes (#2373)
Hopefully this will catch situations like
https://github.com/tailscale/tailscale/pull/2372

Signed-off-by: Christine Dodrill <xe@tailscale.com>
3 years ago
Christine Dodrill 97279a0fe0
tstest/integration/vms: add Oracle Linux image (#2328)
Oracle Linux[1] is a CentOS fork. It is not very special. I am adding it
to the integration jungle because I am adding it to pkgs and the website
directions.

[1]: https://www.oracle.com/linux/

Signed-off-by: Christine Dodrill <xe@tailscale.com>
3 years ago
Christine Dodrill 6f3a5802a6
experimental VM test: add -v
Apparently if you don't add -v the tests don't report anything useful when they break. Joy.

Signed-Off-By: Christine Dodrill <xe@tailscale.com>
3 years ago
Christine Dodrill 2adbfc920d
integration vm tests: run on every commit to main (#2159)
This is an experiment to see how often this test would fail if we run it
on every commit. This depends on #2145 to fix a flaky part of the test.

Signed-off-by: Christine Dodrill <xe@tailscale.com>
3 years ago
Christine Dodrill b131a74f99
tstest/integration/vms: build and run NixOS (#2190)
Okay, so, at a high level testing NixOS is a lot different than
other distros due to NixOS' determinism. Normally NixOS wants packages to
be defined in either an overlay, a custom packageOverrides or even
yolo-inline as a part of the system configuration. This is going to have
us take a different approach compared to other distributions. The overall
plan here is as following:

1. make the binaries as normal
2. template in their paths as raw strings to the nixos system module
3. run `nixos-generators -f qcow -o $CACHE_DIR/tailscale/nixos/version -c generated-config.nix`
4. pass that to the steps that make the virtual machine

It doesn't really make sense for us to use a premade virtual machine image
for this as that will make it harder to deterministically create the image.

Nix commands generate a lot of output, so their output is hidden behind the
`-verbose-nix-output` flag.

This unfortunately makes this test suite have a hard dependency on
Nix/NixOS, however the test suite has only ever been run on NixOS (and I
am not sure if it runs on other distros at all), so this probably isn't too
big of an issue.

Signed-off-by: Christine Dodrill <xe@tailscale.com>
3 years ago
Christine Dodrill b402e76185
.github/workflows: add integration test with a custom runner (#2044)
This runner is in my homelab while we muse about a better, more
permanent home for these tests.

Updates #1988

Signed-off-by: Christine Dodrill <xe@tailscale.com>
3 years ago
David Anderson a3b15bdf7e .github: remove verbose issue templates, add triage label.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Josh Bleecher Snyder be56aa4962 workflows: execute benchmarks
#1817 removed the only place in our CI where we executed our benchmark code.
Fix that by executing it everywhere.

The benchmarks are generally cheap and fast, 
so this should add minimal overhead.

Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
4 years ago
Josh Bleecher Snyder ac75958d2e workflows: run staticcheck on more platforms
To prevent issues like #1786, run staticcheck on the primary GOOSes:
linux, mac, and windows.

Windows also has a fair amount of GOARCH-specific code.
If we ever have GOARCH staticcheck failures on other GOOSes,
we can expand the test matrix further.

This requires installing the staticcheck binary so that
we can execute it with different GOOSes.

Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
4 years ago
Denton Gentry b9f8dc7867 workflows: remove coverage
This workflow has been disabled for some time.
It can come back later, when appropriate.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
4 years ago