Skip to content

Commit

Permalink
prepare 7.2.2 release (launchdarkly#231)
Browse files Browse the repository at this point in the history
* Migrate Relay release to Releaser v2 and support dry run (launchdarkly#278)

* Adding degraded doc blurb for big segments (launchdarkly#280)

* respect Redis password & TLS options for big segments; add Redis password integration tests

* redact Redis URL password in logs and status resource

* update go-server-sdk-redis-redigo to 1.2.1 for Redis URL logging fix

* Part 1, add the config and the documentation for the new config

* Part 2, Add the configuration validation and test

* Part 3, the actual logic to include the headers in the CORS Access-Control-Allow-Headers

* Linter

* update Alpine version to 3.14.2 to fix openssl CVEs

* Fix the global variable modification

* Go format

* turn off unnecessary metrics integrations in config for Docker smoke test

* rename test.env to smoke-test.env to clarify what it's for

* fix setting of custom Access-Control-Allow-Origin and add test (launchdarkly#285)

* add more explanatory test output and more verbose debugging for big segments integration tests (launchdarkly#287)

* update to Go 1.16.10 + Alpine 3.14.3; add some docs about releases (launchdarkly#288)

* update go-server-sdk-consul version for Consul API version update

* override x/crypto dependency version for CVE-2020-29652

* bump Prometheus dependency to eliminate jwt-go vulnerability

* drop support for Go 1.14 & 1.15

* make sure defaults are always applied for base URL properties

* rm unused

* rm unnecessary linter directive

* add separate configuration for server-side/client-side SDK base URLs & update the defaults

* remove Whitesource CI job + remove obsolete dependency issue note

* don't include any big segment status info in status resource unless that feature is active (launchdarkly#296)

* don't include any big segment status info in status resource unless that feature is active

* fix Big Segments staleness logic in status resource

* documentation

* update x/text package for vulnerability GO-2021-0113

* add Trivy security scan to CI (launchdarkly#297)

* add daily re-scan with Trivy

* use long timeout when awaiting changes related to file mod watching

* update Go version to 1.17.6 (launchdarkly#301)

* always terminate if auto-config stream fails with a fatal error

* pass along tags header when proxying events

* comments, rm debugging

* fix auth header logic

* fix auth header logic some more

* comments

* add tags header to CORS header whitelist (launchdarkly#304)

* update to Alpine 3.14.4 for CVE-2022-0778 fix

* minimal changes for using prerelease Go SDK v6 (launchdarkly#306)

* revise "summarizing" event proxy logic to use new event processor

* comments

* force upgrade of openssl in Alpine

* also upgrade libretls

* fix it in both files

* update to Alpine 3.14.5 for CVE-2022-0778/CVE-2018-25032 (launchdarkly#308)

* update to Alpine 3.14.5 for CVE-2022-0778

* revert patches that are now included in Alpine 3.14.5

* add scripts for checking and updating Go/Alpine versions (launchdarkly#309)

* update to Alpine 3.14.5 for CVE-2022-0778

* add scripts for checking and updating Go/Alpine versions

* also make sure the Docker images really exist

* update CONTRIBUTING.md

* fix file rename

* revert patches that are now included in Alpine 3.14.5

* add support & tests for handling any kind of context in eval endpoints

* move some constants and test code out of internal/core/internal/...

* use a clearer import alias

* refactoring

* move packages from core/ and core/internal/ to internal/

* fix linting

* update Alpine to 3.14.6 for CVE-2022-28391

* merge RelayCore logic into Relay and remove the core package (launchdarkly#315)

* merge RelayCore logic into Relay and remove the core package

* don't export these fields

* fix tests

* comment

* update SDK packages (includes sc-136333 fix)

* don't include "v" prefix in Docker image version

* update go-server-sdk-dynamodb for data size error fix & add docs (launchdarkly#316)

* update builds to use Go 1.17.9 and fix the update script

* update go-server-sdk-consul to latest release

* update remote Docker version

* update golang.org/x/crypto for CVE-2022-27191 (launchdarkly#321)

* update golang.org/x/crypto for CVE-2022-27191

* fix go.sum

* update eventsource for SSE output efficiency fix (launchdarkly#322)

* Cache the replay event in case we get multiple new client connections (launchdarkly#189)

* Cache the replay event in case we get multiple new client connections

* Use singleflight to ensure only one replay event is generated at a time

Co-authored-by: Moshe Good <[email protected]>

* don't install curl in Docker images

* fix makefile logic for lint step

* remove indirect curl-based request logic in integration tests

* fix linter installation

* update Go to 1.17.11, Alpine to 3.16.0

* improve concurrency test to verify that the data is or isn't from a separate query

* fix lint warnings and remove unnecessary error return

* use latest prerelease packages, update for misc SDK API changes (interfaces package)

* update libssl & libcrypto versions for CVE-2022-2097

* add security scan of already-published Docker image (launchdarkly#328)

* update Alpine version and some Go libraries to address CVEs (launchdarkly#329)

* use Alpine 3.16.1

* update golang.org/x/net and golang.org/x/sync patch versions for CVEs

* update golang.org/x/sys patch version for CVE

* update Prometheus client library for CVE-2022-21698

* ensure that DynamoDB config is consistent between Big Segments and regular data store

* comment

* update Alpine to 3.16.2

* update golangci-lint and go-junit-report

* fix CI

* prevent traversal of directories outside target path when expanding archive

* enforce TLS >= 1.2 for secure Redis

* misc linter updates

* fix test message

* add Go 1.18 & 1.19 jobs

* make test expectation less Go-version-dependent

* linting

* revert unnecessary change

* fix installation of test coverage tool

* add "context" URL paths for evaluations, update endpoint docs

* fix tests

* bump minimum Go to 1.18, build images in 1.19

* linter + misc fixes

* "latest" Go image is no longer a thing

* fix TLS test

* fix command to run coverage enforcer

* fix vulnerable dependencies

* migrate to AWS Go SDK v2 for DynamoDB (launchdarkly#333)

* remove obsolete "eval" endpoints superseded by "evalx" (launchdarkly#338)

* remove obsolete "eval" endpoints superseded by "evalx"

* fix tests & examples

* fix more tests

* update AWS SDK and related packages on u2c branch (launchdarkly#341)

* update to Go 1.19.2

* update golang.org/x/net for CVE-2022-27664

* update golang.org/x/text for CVE-2022-32149

* update Consul API dependency to avoid false report of CVE-2022-40716

* switch to fork of Stackdriver metrics client to remove AWS transitive dependency (launchdarkly#343)

* use latest Go SDK prerelease packages, update for API changes

* lint

* streamline test code using go-test-helpers v3

* remove some more unnecessary helpers

* fix test app

* use latest SDK packages

* use Go SDK v6.0.0 and latest releases of database integrations

* update to Go 1.19.4 and Alpine 3.16.3

* override golang.org/x/net for CVE-2022-41717 (even though the fix is also bundled in Go 1.19.4)

* update to Go 1.19.4 and Alpine 3.16.3

* override golang.org/x/net for CVE-2022-41717 only when building executables for release

* prepare 6.7.15 release (launchdarkly#212)

* don't return 503 if SDK initialization has timed out

* add in-repo docs about error/503 behavior (launchdarkly#249)

* [ch102255] BigSegments DynamoDB (launchdarkly#245)

* add init timeout config option + better test coverage + misc refactoring (launchdarkly#250)

* fix example build command

* use public prerelease tags instead of private dependencies

* fix Go installation in CI

* update SDK dependencies for JSON number parsing bugfix

* update gorilla/mux to 1.8.0

* update OpenCensus packages

* add Go 1.16 CI + "latest Go" CI + use latest 1.15 patch for release

* cimg images use "current", not "latest"

* seems there isn't any cimg/go "latest" or "current"

* add daily package build test in CI

* job names

* bump SDK version for traffic allocation feature

* [ch113491] update alpine base image (launchdarkly#258)

* use latest prerelease SDK

* fix enabling of test tags in CI

* add DynamoDB docker image in CI

* set a polling base URI in end-to-end tests since big segments logic will use it

* fix initialization logic so SDK client creation errors aren't lost when big segments are enabled

* fix use of prefix key in DynamoDB + improve tests (launchdarkly#260)

* more debug logging, less info logging for big segments logic

* make logging of big segments patch version mismatch clearer and use Warn level

* fix log parameter

* fix DynamoDB updates for big segments metadata

* add test to make sure sync time and cursor can be updated independently

* only start big seg synchronizer if necessary

* use SDK GA releases

* change applyPatch to exit early on version mismatch; go back to restarting stream in this case

* add unit tests for version mismatch behavior + DRY tests

* add log assertion

* fix retry logic on big segments stream failure

* add more logging for big segments connection status

* fix logging assertion

* add more big segments integration tests

* fix overly-time-sensitive file data tests

* fix more flaky tests

* run big segments tests with DynamoDB too

* Migrate transitive dep (jwt-go) to use modern version without vulnerability.

* Edit doc

* move Relay release logic to .ldrelease script

* suppress SDK big segments status query if we've never synced big segments

* dump Relay logs including debug logs if integration test fails

* include environment prefix in BigSegmentSynchronizer logging

* increase big segment integration test timeout (launchdarkly#274)

* generate client-side stream pings if big segments have changed

* clear big segments cache as needed + simplify state management

* fix tests and simplify component creation

* use GA releases of SDK packages

* disable CI package-build-test in Go 1.16+

* Migrate Relay release to Releaser v2 and support dry run (launchdarkly#278)

* Adding degraded doc blurb for big segments (launchdarkly#280)

* respect Redis password & TLS options for big segments; add Redis password integration tests

* redact Redis URL password in logs and status resource

* update go-server-sdk-redis-redigo to 1.2.1 for Redis URL logging fix

* Part 1, add the config and the documentation for the new config

* Part 2, Add the configuration validation and test

* Part 3, the actual logic to include the headers in the CORS Access-Control-Allow-Headers

* Linter

* update Alpine version to 3.14.2 to fix openssl CVEs

* Fix the global variable modification

* Go format

* turn off unnecessary metrics integrations in config for Docker smoke test

* rename test.env to smoke-test.env to clarify what it's for

* fix setting of custom Access-Control-Allow-Origin and add test (launchdarkly#285)

* add more explanatory test output and more verbose debugging for big segments integration tests (launchdarkly#287)

* update to Go 1.16.10 + Alpine 3.14.3; add some docs about releases (launchdarkly#288)

* update go-server-sdk-consul version for Consul API version update

* override x/crypto dependency version for CVE-2020-29652

* bump Prometheus dependency to eliminate jwt-go vulnerability

* drop support for Go 1.14 & 1.15

* make sure defaults are always applied for base URL properties

* rm unused

* rm unnecessary linter directive

* add separate configuration for server-side/client-side SDK base URLs & update the defaults

* remove Whitesource CI job + remove obsolete dependency issue note

* don't include any big segment status info in status resource unless that feature is active (launchdarkly#296)

* don't include any big segment status info in status resource unless that feature is active

* fix Big Segments staleness logic in status resource

* documentation

* update x/text package for vulnerability GO-2021-0113

* add Trivy security scan to CI (launchdarkly#297)

* add daily re-scan with Trivy

* use long timeout when awaiting changes related to file mod watching

* update Go version to 1.17.6 (launchdarkly#301)

* always terminate if auto-config stream fails with a fatal error

* pass along tags header when proxying events

* comments, rm debugging

* fix auth header logic

* fix auth header logic some more

* comments

* add tags header to CORS header whitelist (launchdarkly#304)

* update to Alpine 3.14.4 for CVE-2022-0778 fix

* force upgrade of openssl in Alpine

* also upgrade libretls

* fix it in both files

* update to Alpine 3.14.5 for CVE-2022-0778/CVE-2018-25032 (launchdarkly#308)

* update to Alpine 3.14.5 for CVE-2022-0778

* revert patches that are now included in Alpine 3.14.5

* add scripts for checking and updating Go/Alpine versions (launchdarkly#309)

* update to Alpine 3.14.5 for CVE-2022-0778

* add scripts for checking and updating Go/Alpine versions

* also make sure the Docker images really exist

* update CONTRIBUTING.md

* fix file rename

* revert patches that are now included in Alpine 3.14.5

* update Alpine to 3.14.6 for CVE-2022-28391

* update SDK packages (includes sc-136333 fix)

* don't include "v" prefix in Docker image version

* update go-server-sdk-dynamodb for data size error fix & add docs (launchdarkly#316)

* update builds to use Go 1.17.9 and fix the update script

* update go-server-sdk-consul to latest release

* update remote Docker version

* update golang.org/x/crypto for CVE-2022-27191 (launchdarkly#321)

* update golang.org/x/crypto for CVE-2022-27191

* fix go.sum

* update eventsource for SSE output efficiency fix (launchdarkly#322)

* Cache the replay event in case we get multiple new client connections (launchdarkly#189)

* Cache the replay event in case we get multiple new client connections

* Use singleflight to ensure only one replay event is generated at a time

Co-authored-by: Moshe Good <[email protected]>

* don't install curl in Docker images

* fix makefile logic for lint step

* remove indirect curl-based request logic in integration tests

* fix linter installation

* update Go to 1.17.11, Alpine to 3.16.0

* improve concurrency test to verify that the data is or isn't from a separate query

* fix lint warnings and remove unnecessary error return

* update libssl & libcrypto versions for CVE-2022-2097

* add security scan of already-published Docker image (launchdarkly#328)

* update Alpine version and some Go libraries to address CVEs (launchdarkly#329)

* use Alpine 3.16.1

* update golang.org/x/net and golang.org/x/sync patch versions for CVEs

* update golang.org/x/sys patch version for CVE

* update Prometheus client library for CVE-2022-21698

* ensure that DynamoDB config is consistent between Big Segments and regular data store

* comment

* update Alpine to 3.16.2

* update golangci-lint and go-junit-report

* fix CI

* prevent traversal of directories outside target path when expanding archive

* enforce TLS >= 1.2 for secure Redis

* misc linter updates

* fix test message

* add Go 1.18 & 1.19 jobs

* make test expectation less Go-version-dependent

* linting

* revert unnecessary change

* fix installation of test coverage tool

* migrate to AWS Go SDK v2 for DynamoDB (launchdarkly#333)

* update to Go 1.19.2

* update golang.org/x/net for CVE-2022-27664

* update golang.org/x/text for CVE-2022-32149

* update Consul API dependency to avoid false report of CVE-2022-40716

* switch to fork of Stackdriver metrics client to remove AWS transitive dependency (launchdarkly#343)

* update to Go 1.19.4 and Alpine 3.16.3

* override golang.org/x/net for CVE-2022-41717 only when building executables for release

Co-authored-by: Eli Bishop <[email protected]>
Co-authored-by: LaunchDarklyCI <[email protected]>
Co-authored-by: hroederld <[email protected]>
Co-authored-by: LaunchDarklyReleaseBot <[email protected]>
Co-authored-by: Dan Richelson <[email protected]>
Co-authored-by: Dan Richelson <[email protected]>
Co-authored-by: Ben Woskow <[email protected]>
Co-authored-by: Ben Woskow <[email protected]>
Co-authored-by: Louis Chan <[email protected]>
Co-authored-by: Louis Chan <[email protected]>
Co-authored-by: Moshe Good <[email protected]>
Co-authored-by: Moshe Good <[email protected]>

* Releasing version 6.7.15

* redo the security patch by updating go.mod for all builds; drop Go 1.16

* prepare 6.7.16 release (launchdarkly#214)

* [ch102255] BigSegments DynamoDB (launchdarkly#245)

* add init timeout config option + better test coverage + misc refactoring (launchdarkly#250)

* fix example build command

* use public prerelease tags instead of private dependencies

* fix Go installation in CI

* update SDK dependencies for JSON number parsing bugfix

* update gorilla/mux to 1.8.0

* update OpenCensus packages

* add Go 1.16 CI + "latest Go" CI + use latest 1.15 patch for release

* cimg images use "current", not "latest"

* seems there isn't any cimg/go "latest" or "current"

* add daily package build test in CI

* job names

* bump SDK version for traffic allocation feature

* [ch113491] update alpine base image (launchdarkly#258)

* use latest prerelease SDK

* fix enabling of test tags in CI

* add DynamoDB docker image in CI

* set a polling base URI in end-to-end tests since big segments logic will use it

* fix initialization logic so SDK client creation errors aren't lost when big segments are enabled

* fix use of prefix key in DynamoDB + improve tests (launchdarkly#260)

* more debug logging, less info logging for big segments logic

* make logging of big segments patch version mismatch clearer and use Warn level

* fix log parameter

* fix DynamoDB updates for big segments metadata

* add test to make sure sync time and cursor can be updated independently

* only start big seg synchronizer if necessary

* use SDK GA releases

* change applyPatch to exit early on version mismatch; go back to restarting stream in this case

* add unit tests for version mismatch behavior + DRY tests

* add log assertion

* fix retry logic on big segments stream failure

* add more logging for big segments connection status

* fix logging assertion

* add more big segments integration tests

* fix overly-time-sensitive file data tests

* fix more flaky tests

* run big segments tests with DynamoDB too

* Migrate transitive dep (jwt-go) to use modern version without vulnerability.

* Edit doc

* move Relay release logic to .ldrelease script

* suppress SDK big segments status query if we've never synced big segments

* dump Relay logs including debug logs if integration test fails

* include environment prefix in BigSegmentSynchronizer logging

* increase big segment integration test timeout (launchdarkly#274)

* generate client-side stream pings if big segments have changed

* clear big segments cache as needed + simplify state management

* fix tests and simplify component creation

* use GA releases of SDK packages

* disable CI package-build-test in Go 1.16+

* Migrate Relay release to Releaser v2 and support dry run (launchdarkly#278)

* Adding degraded doc blurb for big segments (launchdarkly#280)

* respect Redis password & TLS options for big segments; add Redis password integration tests

* redact Redis URL password in logs and status resource

* update go-server-sdk-redis-redigo to 1.2.1 for Redis URL logging fix

* Part 1, add the config and the documentation for the new config

* Part 2, Add the configuration validation and test

* Part 3, the actual logic to include the headers in the CORS Access-Control-Allow-Headers

* Linter

* update Alpine version to 3.14.2 to fix openssl CVEs

* Fix the global variable modification

* Go format

* turn off unnecessary metrics integrations in config for Docker smoke test

* rename test.env to smoke-test.env to clarify what it's for

* fix setting of custom Access-Control-Allow-Origin and add test (launchdarkly#285)

* add more explanatory test output and more verbose debugging for big segments integration tests (launchdarkly#287)

* update to Go 1.16.10 + Alpine 3.14.3; add some docs about releases (launchdarkly#288)

* update go-server-sdk-consul version for Consul API version update

* override x/crypto dependency version for CVE-2020-29652

* bump Prometheus dependency to eliminate jwt-go vulnerability

* drop support for Go 1.14 & 1.15

* make sure defaults are always applied for base URL properties

* rm unused

* rm unnecessary linter directive

* add separate configuration for server-side/client-side SDK base URLs & update the defaults

* remove Whitesource CI job + remove obsolete dependency issue note

* don't include any big segment status info in status resource unless that feature is active (launchdarkly#296)

* don't include any big segment status info in status resource unless that feature is active

* fix Big Segments staleness logic in status resource

* documentation

* update x/text package for vulnerability GO-2021-0113

* add Trivy security scan to CI (launchdarkly#297)

* add daily re-scan with Trivy

* use long timeout when awaiting changes related to file mod watching

* update Go version to 1.17.6 (launchdarkly#301)

* always terminate if auto-config stream fails with a fatal error

* pass along tags header when proxying events

* comments, rm debugging

* fix auth header logic

* fix auth header logic some more

* comments

* add tags header to CORS header whitelist (launchdarkly#304)

* update to Alpine 3.14.4 for CVE-2022-0778 fix

* force upgrade of openssl in Alpine

* also upgrade libretls

* fix it in both files

* update to Alpine 3.14.5 for CVE-2022-0778/CVE-2018-25032 (launchdarkly#308)

* update to Alpine 3.14.5 for CVE-2022-0778

* revert patches that are now included in Alpine 3.14.5

* add scripts for checking and updating Go/Alpine versions (launchdarkly#309)

* update to Alpine 3.14.5 for CVE-2022-0778

* add scripts for checking and updating Go/Alpine versions

* also make sure the Docker images really exist

* update CONTRIBUTING.md

* fix file rename

* revert patches that are now included in Alpine 3.14.5

* update Alpine to 3.14.6 for CVE-2022-28391

* update SDK packages (includes sc-136333 fix)

* don't include "v" prefix in Docker image version

* update go-server-sdk-dynamodb for data size error fix & add docs (launchdarkly#316)

* update builds to use Go 1.17.9 and fix the update script

* update go-server-sdk-consul to latest release

* update remote Docker version

* update golang.org/x/crypto for CVE-2022-27191 (launchdarkly#321)

* update golang.org/x/crypto for CVE-2022-27191

* fix go.sum

* update eventsource for SSE output efficiency fix (launchdarkly#322)

* Cache the replay event in case we get multiple new client connections (launchdarkly#189)

* Cache the replay event in case we get multiple new client connections

* Use singleflight to ensure only one replay event is generated at a time

Co-authored-by: Moshe Good <[email protected]>

* don't install curl in Docker images

* fix makefile logic for lint step

* remove indirect curl-based request logic in integration tests

* fix linter installation

* update Go to 1.17.11, Alpine to 3.16.0

* improve concurrency test to verify that the data is or isn't from a separate query

* fix lint warnings and remove unnecessary error return

* update libssl & libcrypto versions for CVE-2022-2097

* add security scan of already-published Docker image (launchdarkly#328)

* update Alpine version and some Go libraries to address CVEs (launchdarkly#329)

* use Alpine 3.16.1

* update golang.org/x/net and golang.org/x/sync patch versions for CVEs

* update golang.org/x/sys patch version for CVE

* update Prometheus client library for CVE-2022-21698

* ensure that DynamoDB config is consistent between Big Segments and regular data store

* comment

* update Alpine to 3.16.2

* update golangci-lint and go-junit-report

* fix CI

* prevent traversal of directories outside target path when expanding archive

* enforce TLS >= 1.2 for secure Redis

* misc linter updates

* fix test message

* add Go 1.18 & 1.19 jobs

* make test expectation less Go-version-dependent

* linting

* revert unnecessary change

* fix installation of test coverage tool

* migrate to AWS Go SDK v2 for DynamoDB (launchdarkly#333)

* update to Go 1.19.2

* update golang.org/x/net for CVE-2022-27664

* update golang.org/x/text for CVE-2022-32149

* update Consul API dependency to avoid false report of CVE-2022-40716

* switch to fork of Stackdriver metrics client to remove AWS transitive dependency (launchdarkly#343)

* update to Go 1.19.4 and Alpine 3.16.3

* override golang.org/x/net for CVE-2022-41717 only when building executables for release

* redo the security patch by updating go.mod for all builds; drop Go 1.16

Co-authored-by: LaunchDarklyCI <[email protected]>
Co-authored-by: hroederld <[email protected]>
Co-authored-by: Eli Bishop <[email protected]>
Co-authored-by: LaunchDarklyReleaseBot <[email protected]>
Co-authored-by: Dan Richelson <[email protected]>
Co-authored-by: Dan Richelson <[email protected]>
Co-authored-by: Ben Woskow <[email protected]>
Co-authored-by: Ben Woskow <[email protected]>
Co-authored-by: Louis Chan <[email protected]>
Co-authored-by: Louis Chan <[email protected]>
Co-authored-by: Moshe Good <[email protected]>
Co-authored-by: Moshe Good <[email protected]>

* Releasing version 6.7.16

* update Redis/DDB integrations to remove misleading error logging

* prepare 6.7.17 release (launchdarkly#215)

* fix example build command

* use public prerelease tags instead of private dependencies

* fix Go installation in CI

* update SDK dependencies for JSON number parsing bugfix

* update gorilla/mux to 1.8.0

* update OpenCensus packages

* add Go 1.16 CI + "latest Go" CI + use latest 1.15 patch for release

* cimg images use "current", not "latest"

* seems there isn't any cimg/go "latest" or "current"

* add daily package build test in CI

* job names

* bump SDK version for traffic allocation feature

* [ch113491] update alpine base image (launchdarkly#258)

* use latest prerelease SDK

* fix enabling of test tags in CI

* add DynamoDB docker image in CI

* set a polling base URI in end-to-end tests since big segments logic will use it

* fix initialization logic so SDK client creation errors aren't lost when big segments are enabled

* fix use of prefix key in DynamoDB + improve tests (launchdarkly#260)

* more debug logging, less info logging for big segments logic

* make logging of big segments patch version mismatch clearer and use Warn level

* fix log parameter

* fix DynamoDB updates for big segments metadata

* add test to make sure sync time and cursor can be updated independently

* only start big seg synchronizer if necessary

* use SDK GA releases

* change applyPatch to exit early on version mismatch; go back to restarting stream in this case

* add unit tests for version mismatch behavior + DRY tests

* add log assertion

* fix retry logic on big segments stream failure

* add more logging for big segments connection status

* fix logging assertion

* add more big segments integration tests

* fix overly-time-sensitive file data tests

* fix more flaky tests

* run big segments tests with DynamoDB too

* Migrate transitive dep (jwt-go) to use modern version without vulnerability.

* Edit doc

* move Relay release logic to .ldrelease script

* suppress SDK big segments status query if we've never synced big segments

* dump Relay logs including debug logs if integration test fails

* include environment prefix in BigSegmentSynchronizer logging

* increase big segment integration test timeout (launchdarkly#274)

* generate client-side stream pings if big segments have changed

* clear big segments cache as needed + simplify state management

* fix tests and simplify component creation

* use GA releases of SDK packages

* disable CI package-build-test in Go 1.16+

* Migrate Relay release to Releaser v2 and support dry run (launchdarkly#278)

* Adding degraded doc blurb for big segments (launchdarkly#280)

* respect Redis password & TLS options for big segments; add Redis password integration tests

* redact Redis URL password in logs and status resource

* update go-server-sdk-redis-redigo to 1.2.1 for Redis URL logging fix

* Part 1, add the config and the documentation for the new config

* Part 2, Add the configuration validation and test

* Part 3, the actual logic to include the headers in the CORS Access-Control-Allow-Headers

* Linter

* update Alpine version to 3.14.2 to fix openssl CVEs

* Fix the global variable modification

* Go format

* turn off unnecessary metrics integrations in config for Docker smoke test

* rename test.env to smoke-test.env to clarify what it's for

* fix setting of custom Access-Control-Allow-Origin and add test (launchdarkly#285)

* add more explanatory test output and more verbose debugging for big segments integration tests (launchdarkly#287)

* update to Go 1.16.10 + Alpine 3.14.3; add some docs about releases (launchdarkly#288)

* update go-server-sdk-consul version for Consul API version update

* override x/crypto dependency version for CVE-2020-29652

* bump Prometheus dependency to eliminate jwt-go vulnerability

* drop support for Go 1.14 & 1.15

* make sure defaults are always applied for base URL properties

* rm unused

* rm unnecessary linter directive

* add separate configuration for server-side/client-side SDK base URLs & update the defaults

* remove Whitesource CI job + remove obsolete dependency issue note

* don't include any big segment status info in status resource unless that feature is active (launchdarkly#296)

* don't include any big segment status info in status resource unless that feature is active

* fix Big Segments staleness logic in status resource

* documentation

* update x/text package for vulnerability GO-2021-0113

* add Trivy security scan to CI (launchdarkly#297)

* add daily re-scan with Trivy

* use long timeout when awaiting changes related to file mod watching

* update Go version to 1.17.6 (launchdarkly#301)

* always terminate if auto-config stream fails with a fatal error

* pass along tags header when proxying events

* comments, rm debugging

* fix auth header logic

* fix auth header logic some more

* comments

* add tags header to CORS header whitelist (launchdarkly#304)

* update to Alpine 3.14.4 for CVE-2022-0778 fix

* force upgrade of openssl in Alpine

* also upgrade libretls

* fix it in both files

* update to Alpine 3.14.5 for CVE-2022-0778/CVE-2018-25032 (launchdarkly#308)

* update to Alpine 3.14.5 for CVE-2022-0778

* revert patches that are now included in Alpine 3.14.5

* add scripts for checking and updating Go/Alpine versions (launchdarkly#309)

* update to Alpine 3.14.5 for CVE-2022-0778

* add scripts for checking and updating Go/Alpine versions

* also make sure the Docker images really exist

* update CONTRIBUTING.md

* fix file rename

* revert patches that are now included in Alpine 3.14.5

* update Alpine to 3.14.6 for CVE-2022-28391

* update SDK packages (includes sc-136333 fix)

* don't include "v" prefix in Docker image version

* update go-server-sdk-dynamodb for data size error fix & add docs (launchdarkly#316)

* update builds to use Go 1.17.9 and fix the update script

* update go-server-sdk-consul to latest release

* update remote Docker version

* update golang.org/x/crypto for CVE-2022-27191 (launchdarkly#321)

* update golang.org/x/crypto for CVE-2022-27191

* fix go.sum

* update eventsource for SSE output efficiency fix (launchdarkly#322)

* Cache the replay event in case we get multiple new client connections (launchdarkly#189)

* Cache the replay event in case we get multiple new client connections

* Use singleflight to ensure only one replay event is generated at a time

Co-authored-by: Moshe Good <[email protected]>

* don't install curl in Docker images

* fix makefile logic for lint step

* remove indirect curl-based request logic in integration tests

* fix linter installation

* update Go to 1.17.11, Alpine to 3.16.0

* improve concurrency test to verify that the data is or isn't from a separate query

* fix lint warnings and remove unnecessary error return

* update libssl & libcrypto versions for CVE-2022-2097

* add security scan of already-published Docker image (launchdarkly#328)

* update Alpine version and some Go libraries to address CVEs (launchdarkly#329)

* use Alpine 3.16.1

* update golang.org/x/net and golang.org/x/sync patch versions for CVEs

* update golang.org/x/sys patch version for CVE

* update Prometheus client library for CVE-2022-21698

* ensure that DynamoDB config is consistent between Big Segments and regular data store

* comment

* update Alpine to 3.16.2

* update golangci-lint and go-junit-report

* fix CI

* prevent traversal of directories outside target path when expanding archive

* enforce TLS >= 1.2 for secure Redis

* misc linter updates

* fix test message

* add Go 1.18 & 1.19 jobs

* make test expectation less Go-version-dependent

* linting

* revert unnecessary change

* fix installation of test coverage tool

* migrate to AWS Go SDK v2 for DynamoDB (launchdarkly#333)

* update to Go 1.19.2

* update golang.org/x/net for CVE-2022-27664

* update golang.org/x/text for CVE-2022-32149

* update Consul API dependency to avoid false report of CVE-2022-40716

* switch to fork of Stackdriver metrics client to remove AWS transitive dependency (launchdarkly#343)

* update to Go 1.19.4 and Alpine 3.16.3

* override golang.org/x/net for CVE-2022-41717 only when building executables for release

* redo the security patch by updating go.mod for all builds; drop Go 1.16

* update Redis/DDB integrations to remove misleading error logging

Co-authored-by: Eli Bishop <[email protected]>
Co-authored-by: LaunchDarklyCI <[email protected]>
Co-authored-by: hroederld <[email protected]>
Co-authored-by: LaunchDarklyReleaseBot <[email protected]>
Co-authored-by: Dan Richelson <[email protected]>
Co-authored-by: Dan Richelson <[email protected]>
Co-authored-by: Ben Woskow <[email protected]>
Co-authored-by: Ben Woskow <[email protected]>
Co-authored-by: Louis Chan <[email protected]>
Co-authored-by: Louis Chan <[email protected]>
Co-authored-by: Moshe Good <[email protected]>
Co-authored-by: Moshe Good <[email protected]>

* Releasing version 6.7.17

* chore: update markdown tables to include borders (launchdarkly#351)

* update markdown tables to include borders
* fix a couple of broken links in docs

* fix: update Go module path to github.com/launchdarkly/ld-relay/v7 (launchdarkly#353)

* feat: allow specifying redis username (launchdarkly#359)

* feat: allow specifying redis username via config or environment variable

* Update docs to include new username parameter

* chore: upgrade goreleaser to 1.15.2 (launchdarkly#361)

* chore: upgrade goreleaser to 1.15.2 and use conventional release artifact filenames

* chore: fix typo in metrics.md (launchdarkly#221)

* chore: bump golnag.org/x/net to v0.7.0 to address CVE-2022-41723 (launchdarkly#363)

* chore: drop go 1.18 tests; add go 1.20 [v7] (launchdarkly#366)

* chore: drop go1.18 support; add go 1.20

This commit also plumbs the existing 'go-release-version' parameter (which represents the version of Go
we're using to build release artifacts) into the CircleCI config in a couple more places, so it cannot go out of sync
accidentally.

Additionally a new 'go-previous-version' param represents the previously supported Go version (by the Go team), and
has been plumbed into CircleCI job config for the same reason.

Finally, the scheduled security-scan/packaging jobs have been updated to the v7 branch. They shouldn't be v6, as the v6 branch
already does those jobs.

* chore: update golanglint-ci to 1.51.2

* chore: create Github Action to notify new Go versions (launchdarkly#368)

Adds a daily check against official supported Go versions. If Relay is out-of-date, submits a new issue with the details.

* chore: bump supported Go versions to 1.20.2 & 1.19.7 [v7] (launchdarkly#373)

go1.20.2 (released 2023-03-07) includes a security fix to the crypto/elliptic package, as well as bug fixes to the compiler, the covdata command, the linker, the runtime, and the crypto/ecdh, crypto/rsa, crypto/x509, os, and syscall packages.

go1.19.7 (released 2023-03-07) includes a security fix to the crypto/elliptic package, as well as bug fixes to the linker, the runtime, and the crypto/x509 and syscall packages.


* Update version checker to run at 9am PST, rather than 4pm PST

* chore: update workflow_dispatch type to bool (launchdarkly#376)

When you manually trigger the Go version checker workflow (workflow_dispatch),
the 'force_create_issue' is a string ("false") instead of a bool. Update to type bool.

* chore: fix workflow_dispatch type to boolean (launchdarkly#377)

* fix: broken link in configuration.md for Proxy Mode (launchdarkly#378)

* chore: create Dependabot configuration for v6 & v7 branches (launchdarkly#379)

* chore: create .github/dependabot.yml

Scheduled weekly, on sunday.

* chore: merge v6 into v7 to pull in REST client update; flaky tests fix (launchdarkly#383)

* chore: update dependencies (launchdarkly#409)

* chore: remove dependabot (launchdarkly#419)

* chore: add tools.go to track goreleaser version (launchdarkly#422)

* chore: add tools.go to track goreleaser version

---------

Co-authored-by: Eli Bishop <[email protected]>
Co-authored-by: LaunchDarklyReleaseBot <[email protected]>
Co-authored-by: Ben Woskow <[email protected]>
Co-authored-by: Ben Woskow <[email protected]>
Co-authored-by: Louis Chan <[email protected]>
Co-authored-by: Louis Chan <[email protected]>
Co-authored-by: Moshe Good <[email protected]>
Co-authored-by: Moshe Good <[email protected]>
Co-authored-by: LaunchDarklyCI <[email protected]>
Co-authored-by: hroederld <[email protected]>
Co-authored-by: Dan Richelson <[email protected]>
Co-authored-by: Dan Richelson <[email protected]>
Co-authored-by: Casey Waldren <[email protected]>
Co-authored-by: Phil Z <[email protected]>
  • Loading branch information
15 people authored Apr 4, 2023
1 parent cca0d57 commit f581fdd
Show file tree
Hide file tree
Showing 27 changed files with 4,070 additions and 193 deletions.
5 changes: 2 additions & 3 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,12 @@ parameters:
# override it in any parameterized builds, but just as a convenient shareable constant.
go-release-version:
type: string
default: "1.20.1"
default: "1.20.2"

# In addition to the most recent version of Go, we also support the previous version.
go-previous-version:
type: string
default: "1.19.6"
default: "1.19.7"

# We use a remote Docker host in some CI jobs that need to run Docker containers.
# As of 2022-04-15, the default Docker daemon version was 17.09.0-ce, which started
Expand Down Expand Up @@ -357,4 +357,3 @@ jobs:
# after the time of the release). This is important because, if our build installs the
# latest versions of things at the time that the build happens, a fresh build might be
# getting patches that the released version did not have.

23 changes: 23 additions & 0 deletions .github/ISSUE_TEMPLATE/update_go_versions.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
---
title: It's time to update supported Go versions
assignees: ''
labels: ''
---
It's time to update Relay's supported Go versions, due to a recent upstream Go release.

The Go major release cadence is ~every 6 months; the two most recent major versions are supported.
Note that between major releases, the Go team often ships multiple minor versions.

| | Current repo configuration | Desired repo configuration |
|-------------|------------------------------------|----------------------------------------|
| Latest | {{ env.RELAY_LATEST_VERSION}} | {{ env.OFFICIAL_LATEST_VERSION }} |
| Penultimate | {{ env.RELAY_PENULTIMATE_VERSION}} | {{ env.OFFICIAL_PENULTIMATE_VERSION }} |



Run locally:
```bash
./scripts/update-go-release-version.sh {{ env.OFFICIAL_LATEST_VERSION }}
```

Then modify `.circle/config.yml`'s `go-previous-version` variable to `{{ env.OFFICIAL_PENULTIMATE_VERSION}}`.
62 changes: 62 additions & 0 deletions .github/workflows/check-go-versions.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
name: Check Supported Go Versions
on:
schedule:
- cron: "0 17 * * *"
workflow_dispatch:
inputs:
force_create_issue:
type: boolean
description: 'Create issue even if versions are up-to-date'
required: false
default: false
jobs:
check-go-eol:
if: github.repository == 'launchdarkly/ld-relay-private'
permissions:
issues: write
contents: read
runs-on: ubuntu-latest
env:
force_create_issue: ${{ github.event.inputs.force_create_issue }}
timeout-minutes: 2
steps:
- uses: actions/checkout@v1
# Perform a GET request to endoflife.date for the Go language. The response
# contains all Go releases; we're interested in the 0'th and 1'th (latest and penultimate.)
- name: Fetch officially supported Go versions
uses: JamesIves/fetch-api-data-action@396ebea7d13904824f85b892b1616985f847301c
with:
endpoint: https://endoflife.date/api/go.json
configuration: '{ "method": "GET" }'
debug: true
# Parse the response JSON and insert into environment variables for the next step.
- name: Parse officially supported Go versions
run: |
echo "officialLatestVersion=${{ fromJSON(env.fetch-api-data)[0].latest }}" >> $GITHUB_ENV
echo "officialPenultimateVersion=${{ fromJSON(env.fetch-api-data)[1].latest }}" >> $GITHUB_ENV
# Read .circleci/config.yml to grab the version of Go used for release/testing, and the penultimate version
# which is also tested in CI.
- name: Parse latest supported Go version in Relay
id: relay-latest-version
uses: mikefarah/[email protected]
with:
cmd: yq '.parameters.go-release-version.default' .circleci/config.yml
- name: Parse penultimate supported Go version in Relay
id: relay-penultimate-version
uses: mikefarah/[email protected]
with:
cmd: yq '.parameters.go-previous-version.default' .circleci/config.yml
# If the latest official Go version is different from Relay's release version, generate an issue
# with useful details.
- name: Create issue if update required
if: env.force_create_issue == true || (steps.relay-latest-version.outputs.result != env.officialLatestVersion)
uses: JasonEtco/create-an-issue@e27dddc79c92bc6e4562f268fffa5ed752639abd
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
RELAY_LATEST_VERSION: ${{ steps.relay-latest-version.outputs.result }}
OFFICIAL_LATEST_VERSION: ${{ env.officialLatestVersion }}
RELAY_PENULTIMATE_VERSION: ${{ steps.relay-penultimate-version.outputs.result }}
OFFICIAL_PENULTIMATE_VERSION: ${{ env.officialPenultimateVersion }}
with:
filename: .github/ISSUE_TEMPLATE/update_go_versions.md
update_existing: true
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ _out
build
/bin/
/dist/
.idea
.vscode
_testservice/testservice
_testservice/*.pid
Expand Down
2 changes: 1 addition & 1 deletion .ldrelease/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ repo:

jobs:
- docker:
image: cimg/go:1.20.1 # See "Runtime platform versions" in CONTRIBUTING.md
image: cimg/go:1.20.2 # See "Runtime platform versions" in CONTRIBUTING.md
copyGitHistory: true
template:
name: go
Expand Down
9 changes: 8 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,14 @@ All notable changes to the LaunchDarkly Relay will be documented in this file. T
### Fixed:
- Removed logging of "Big Segment store status query" error messages in a situation where the Relay Proxy has not been able to synchronize Big Segment data with LaunchDarkly. These messages were redundant since there is already a different and clearer error being logged for the synchronization failure.

## [6.7.18] - 2023-03-06
### Changed:
- Updated Alpine image to use Go 1.20.1.
- CI tests now execute for Go 1.20.1 and Go 1.19.6; removed Go 1.17 and 1.18.

### Fixed:
- Bumped golang.org/x/net to 0.7.0 to address CVE-2022-41723.

## [6.7.17] - 2023-01-17
### Fixed:
- Removed logging of "Big Segment store status query" error messages in a situation where the Relay Proxy has not been able to synchronize Big Segment data with LaunchDarkly. These messages were redundant since there is already a different and clearer error being logged for the synchronization failure.
Expand Down Expand Up @@ -551,4 +559,3 @@ For more details on changes related to configuration, read the [configuration do

### Fixed
- The /sdk/goals/<envId> endpoint now supports caching and repeats any headers it received to the client.

2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# This is a standalone Dockerfile that does not depend on goreleaser building the binary
# It is NOT the version that is pushed to dockerhub
FROM golang:1.20.1-alpine3.16 as builder
FROM golang:1.20.2-alpine3.16 as builder
# See "Runtime platform versions" in CONTRIBUTING.md

RUN apk --no-cache add \
Expand Down
12 changes: 2 additions & 10 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,6 @@ GOLANGCI_LINT_VERSION=v1.51.2
LINTER=./bin/golangci-lint
LINTER_VERSION_FILE=./bin/.golangci-lint-version-$(GOLANGCI_LINT_VERSION)

GORELEASER_VERSION=v1.15.2

SHELL=/bin/bash

LINTER=./bin/golangci-lint
Expand Down Expand Up @@ -62,17 +60,11 @@ RELEASE_NOTES=<(GIT_EXTERNAL_DIFF='bash -c "diff --unchanged-line-format=\"\" $$
echo-release-notes:
@cat $(RELEASE_NOTES)

RELEASE_CMD=curl -sL https://git.io/goreleaser | GOPATH=$(mktemp -d) VERSION=$(GORELEASER_VERSION) bash -s -- --rm-dist --release-notes $(RELEASE_NOTES)

# Note that we're setting GOPATH to a temporary location when running goreleaser, because
# we want it to start from a clean state even if we've previously run a build - and also
# because during a release, we may need to run this command under another account and we
# don't want to mess up file permissions in the regular GOPATH.
publish:
GORELEASER_VERSION=$(GORELEASER_VERSION) ./scripts/run-goreleaser.sh
./scripts/run-goreleaser.sh

products-for-release:
GORELEASER_VERSION=$(GORELEASER_VERSION) ./scripts/run-goreleaser.sh --skip-publish --skip-validate
./scripts/run-goreleaser.sh --skip-publish --skip-validate

DOCKER_COMPOSE_TEST=docker-compose -f docker-compose.test.yml

Expand Down
Loading

0 comments on commit f581fdd

Please sign in to comment.