feat: cut release 3.5.0-gmp (rc.1 demo) #239
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changes: * Removal of unnecessary files (e.g. documentation) to avoid confusion. * Replacing README and CONTRIBUTING doc files with our wording. * Replacing CI scripts with our own. * Replacing Dockerfile with our own for Google assured build. * Adding .gcloudignore Signed-off-by: bwplotka <bwplotka@gmail.com>
Changes: * Add google directory with export and secret code. Signed-off-by: bwplotka <bwplotka@gmail.com>
Squashed commit of the following: commit 3ce6faa Author: bwplotka <bwplotka@gmail.com> Date: Mon Jul 7 05:55:34 2025 +0100 chore: prepare for v2.45.3-gmp.13-rc.0 release Signed-off-by: bwplotka <bwplotka@gmail.com> commit bb0d56e Author: bwplotka <bwplotka@gmail.com> Date: Fri Jul 4 15:21:44 2025 +0100 google patch[setup]: Simplify CI for now Signed-off-by: bwplotka <bwplotka@gmail.com> commit 4b9a70f Author: bwplotka <bwplotka@gmail.com> Date: Fri Jul 4 15:12:05 2025 +0100 google patch[build]: replace boringcrypto Mimick GoogleCloudPlatform/prometheus-engine#1449 Signed-off-by: bwplotka <bwplotka@gmail.com> commit 33443b2 Author: bwplotka <bwplotka@gmail.com> Date: Fri Jul 4 07:55:43 2025 +0100 google patch[deps]: fix release-2.45.3-gmp vulnerabilities Signed-off-by: bwplotka <bwplotka@gmail.com> commit 2f07f12 Author: bwplotka <bwplotka@gmail.com> Date: Fri Jul 4 09:50:10 2025 +0100 google patch[setup]: fix build and clean readme. Signed-off-by: bwplotka <bwplotka@gmail.com> commit 81d2e02 Author: leonzz <leonzz@google.com> Date: Mon Jun 9 21:12:55 2025 +0000 fix: use exportConfig fields only when not empty commit 707d6f7 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed Apr 16 23:22:35 2025 +0000 build(deps): bump golang.org/x/net from 0.36.0 to 0.38.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.36.0 to 0.38.0. - [Commits](golang/net@v0.36.0...v0.38.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-version: 0.38.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> commit 1728d4d Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Mar 25 06:13:09 2025 +0000 build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.5.1 to 4.5.2. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](golang-jwt/jwt@v4.5.1...v4.5.2) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 31de548 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Mar 21 22:15:47 2025 +0000 build(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 Bumps [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) from 5.2.1 to 5.2.2. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](golang-jwt/jwt@v5.2.1...v5.2.2) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 6135898 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Mar 13 01:58:50 2025 +0000 build(deps): bump golang.org/x/net from 0.34.0 to 0.36.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.34.0 to 0.36.0. - [Commits](golang/net@v0.34.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> commit 7a753f6 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Dec 12 12:38:55 2024 +0000 build(deps): bump nanoid from 3.3.4 to 3.3.8 in /web/ui Bumps [nanoid](https://github.com/ai/nanoid) from 3.3.4 to 3.3.8. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.4...3.3.8) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 2347fe2 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed Sep 4 13:54:52 2024 +0000 build(deps): bump micromatch from 4.0.5 to 4.0.8 in /web/ui Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8. - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) --- updated-dependencies: - dependency-name: micromatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit a83e6a4 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:35 2024 +0000 build(deps): bump sanitize-html from 2.7.3 to 2.12.1 in /web/ui Bumps [sanitize-html](https://github.com/apostrophecms/sanitize-html) from 2.7.3 to 2.12.1. - [Changelog](https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md) - [Commits](apostrophecms/sanitize-html@2.7.3...2.12.1) --- updated-dependencies: - dependency-name: sanitize-html dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> commit 3a47106 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:40 2024 +0000 build(deps): bump follow-redirects from 1.15.2 to 1.15.6 in /web/ui Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.2 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 3b9de2a Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:39 2024 +0000 build(deps-dev): bump ejs from 3.1.8 to 3.1.10 in /web/ui Bumps [ejs](https://github.com/mde/ejs) from 3.1.8 to 3.1.10. - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.8...v3.1.10) --- updated-dependencies: - dependency-name: ejs dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 8c299ee Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:41 2024 +0000 build(deps-dev): bump json5 from 1.0.1 to 1.0.2 in /web/ui Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 3f2af64 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:39 2024 +0000 build(deps-dev): bump webpack-dev-middleware in /web/ui Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) --- updated-dependencies: - dependency-name: webpack-dev-middleware dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit d096084 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat Sep 28 06:31:07 2024 +0000 build(deps-dev): bump rollup from 2.79.1 to 2.79.2 in /web/ui Bumps [rollup](https://github.com/rollup/rollup) from 2.79.1 to 2.79.2. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.79.1...v2.79.2) --- updated-dependencies: - dependency-name: rollup dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 3cf3d2c Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed Jun 12 14:48:44 2024 +0000 build(deps): bump braces from 3.0.2 to 3.0.3 in /web/ui Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 89da6fc Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:48 2024 +0000 build(deps-dev): bump @babel/traverse from 7.19.3 to 7.24.6 in /web/ui Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.19.3 to 7.24.6. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.6/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 05e720a Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:43 2024 +0000 build(deps-dev): bump tough-cookie from 4.1.2 to 4.1.4 in /web/ui Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.1.2 to 4.1.4. - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.1.2...v4.1.4) --- updated-dependencies: - dependency-name: tough-cookie dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 55d67b4 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:42 2024 +0000 build(deps-dev): bump loader-utils from 2.0.2 to 2.0.4 in /web/ui Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.2 to 2.0.4. - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](webpack/loader-utils@v2.0.2...v2.0.4) --- updated-dependencies: - dependency-name: loader-utils dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 97ef0f2 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Dec 12 16:41:33 2024 +0000 build(deps-dev): bump express from 4.18.1 to 4.21.2 in /web/ui Bumps [express](https://github.com/expressjs/express) from 4.18.1 to 4.21.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.1...4.21.2) --- updated-dependencies: - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit b7fb168 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat Oct 26 16:39:09 2024 +0000 build(deps): bump http-proxy-middleware from 2.0.6 to 2.0.7 in /web/ui Bumps [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) from 2.0.6 to 2.0.7. - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.7/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.6...v2.0.7) --- updated-dependencies: - dependency-name: http-proxy-middleware dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> commit 3384dd7 Author: bwplotka <bwplotka@gmail.com> Date: Thu Jan 23 20:48:27 2025 +0000 Updated x/net and x/crypto to latest. Signed-off-by: bwplotka <bwplotka@gmail.com> commit 50d2e36 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Jan 7 15:26:01 2025 +0000 build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](golang-jwt/jwt@v4.5.0...v4.5.1) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 071de86 Author: Adam Bernot <bernot@google.com> Date: Thu Dec 12 14:46:40 2024 +0000 chore: use newer distroless image commit 4939eae Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Dec 12 00:12:47 2024 +0000 build(deps): bump golang.org/x/crypto from 0.24.0 to 0.31.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.24.0 to 0.31.0. - [Commits](golang/crypto@v0.24.0...v0.31.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 88c2526 Author: Adam Bernot <bernot@google.com> Date: Wed Dec 4 20:36:23 2024 +0000 update build images commit f1c555b Author: Adam Bernot <bernot@google.com> Date: Mon Dec 9 17:04:06 2024 +0000 fix: npm deps commit cc87ece Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:23 2024 +0000 build(deps): bump bufbuild/buf-setup-action from 1.17.0 to 1.32.2 Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.17.0 to 1.32.2. - [Release notes](https://github.com/bufbuild/buf-setup-action/releases) - [Commits](bufbuild/buf-setup-action@v1.17.0...v1.32.2) --- updated-dependencies: - dependency-name: bufbuild/buf-setup-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> commit e0464c4 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:24 2024 +0000 build(deps): bump actions/cache from 3.3.1 to 4.0.2 Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 4.0.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@88522ab...0c45773) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> commit b2df09c Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Jun 6 20:15:32 2024 +0000 build(deps): bump actions/setup-go from 4 to 5 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> commit 6a5647c Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed Jun 26 13:58:51 2024 +0000 build(deps): bump github.com/scaleway/scaleway-sdk-go Bumps [github.com/scaleway/scaleway-sdk-go](https://github.com/scaleway/scaleway-sdk-go) from 1.0.0-beta.17 to 1.0.0-beta.28. - [Release notes](https://github.com/scaleway/scaleway-sdk-go/releases) - [Changelog](https://github.com/scaleway/scaleway-sdk-go/blob/master/CHANGELOG.md) - [Commits](scaleway/scaleway-sdk-go@v1.0.0-beta.17...v1.0.0-beta.28) --- updated-dependencies: - dependency-name: github.com/scaleway/scaleway-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> commit b68bf66 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri Aug 30 04:14:47 2024 +0000 build(deps-dev): bump webpack from 5.74.0 to 5.94.0 in /web/ui Bumps [webpack](https://github.com/webpack/webpack) from 5.74.0 to 5.94.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.74.0...v5.94.0) --- updated-dependencies: - dependency-name: webpack dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit ffdc74f Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Aug 7 11:30:46 2024 -0400 chore: prepare for v2.45.3-gmp.9-rc.0 release commit d7e3f6e Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Jun 5 11:38:28 2024 -0400 feat: runtime export change commit d93891f Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Jun 5 11:38:28 2024 -0400 feat: Prometheus export.go update for dynamic configs commit 14ed72f Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Aug 7 09:47:51 2024 -0400 chore: prepare for v2.45.3-gmp.8-rc.0 release commit d9749db Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Aug 1 17:19:21 2024 +0000 build(deps): bump github.com/docker/docker Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.9+incompatible to 25.0.6+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v24.0.9...v25.0.6) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> commit 3280ea2 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Jun 26 10:01:16 2024 -0400 chore: prepare for v2.45.3-gmp.7-rc.0 release commit 2f6c145 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 24 22:12:15 2024 +0000 build(deps): bump github.com/hashicorp/go-retryablehttp Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.2 to 0.7.7. - [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md) - [Commits](hashicorp/go-retryablehttp@v0.7.2...v0.7.7) --- updated-dependencies: - dependency-name: github.com/hashicorp/go-retryablehttp dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit e25611b Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Jun 12 14:42:26 2024 -0400 chore: prepare for v2.45.3-gmp.6-rc.0 release commit 6999790 Author: bwplotka <bwplotka@gmail.com> Date: Wed Jun 12 14:29:39 2024 +0100 fix(deps): patch docker's Go version + Azure lib for CVE-2024-35255 Signed-off-by: bwplotka <bwplotka@gmail.com> commit 212ddb5 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Jun 12 09:15:42 2024 -0400 feat: update to prometheus-engine 0.13.0-rc.2 commit c91a951 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Jun 5 13:14:15 2024 -0400 chore: update to Golang 1.22.3 to match prometheus-engine commit f9fda63 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Mon Jun 3 08:45:50 2024 -0400 feat: update to prometheus-engine 0.13 commit f296f39 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:48 2024 +0000 build(deps): bump dessant/lock-threads from 4 to 5 Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 4 to 5. - [Release notes](https://github.com/dessant/lock-threads/releases) - [Changelog](https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md) - [Commits](dessant/lock-threads@v4...v5) --- updated-dependencies: - dependency-name: dessant/lock-threads dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> commit 2ce9bef Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:50:51 2024 +0000 build(deps): bump github.com/stretchr/testify Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> commit 8cdedba Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:51:09 2024 +0000 build(deps): bump golangci/golangci-lint-action from 3.7.0 to 6.0.1 Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.7.0 to 6.0.1. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@3a91952...a4f60bb) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> commit e38ad7b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jun 3 12:51:29 2024 +0000 build(deps): bump golang.org/x/tools from 0.17.0 to 0.21.0 Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.17.0 to 0.21.0. - [Release notes](https://github.com/golang/tools/releases) - [Commits](golang/tools@v0.17.0...v0.21.0) --- updated-dependencies: - dependency-name: golang.org/x/tools dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> commit 0712917 Author: Max Amin <maxamin@google.com> Date: Fri May 31 20:24:39 2024 +0000 fix: Use upstream go image for build Signed-off-by: Max Amin <maxamin@google.com> commit a7808a1 Author: bwplotka <bwplotka@gmail.com> Date: Wed Apr 24 12:21:33 2024 +0100 deps: Updated net for vuln + VERSION before v2.45.3-gmp.4-rc.0 Signed-off-by: bwplotka <bwplotka@gmail.com> commit 8aca3b2 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Tue Apr 23 16:27:10 2024 -0400 fix: prevent segfault when CA is provided without key or cert commit 6cdfd69 Author: bwplotka <bwplotka@gmail.com> Date: Wed Apr 3 17:07:59 2024 +0100 Add deletion-data-on-start flags as per go/gmp:oomcrashloop Signed-off-by: bwplotka <bwplotka@gmail.com> commit 9cf043c Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Fri Mar 29 08:29:48 2024 -0400 Update prometheus-engine to 0.12 commit e441ef2 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Mon Mar 25 23:04:49 2024 -0400 fix(deps): patch Docker and Protobuf dependencies commit 6d428b2 Author: Daniel Clark <danielclark@google.com> Date: Thu Mar 21 21:56:15 2024 +0000 chore: enable cgo and use google buildbase cgo needs to be enabled to link against boringcrypto, so we add that here. In addition, we use the google-go.pkg.dev/golang image as the Go buildbase to ensure build-time requirements, like boringcrypto, are enabled. We also use gke.gcr.io/gke-distroless/libc as our runtime image. We add the "cryp/tls/fipsonly" import to ensure boringcrypto is linking properly at build time. We guard this with a build tag "boring" in a dedicated file. Finally, we remove promtool from the image, as its not intended to be used. Signed-off-by: Daniel Clark <danielclark@google.com> commit c8531bc Author: Adam Bernot <bernot@google.com> Date: Tue Mar 19 20:33:37 2024 +0000 chore: enable boring crypto Enable boring crypto flag for builds of our fork. commit d7b1997 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Feb 21 13:37:33 2024 -0500 feat: add a native Kubernetes secret provider commit 1a80917 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Mon Dec 11 11:52:41 2023 -0500 Add empty Authorization and OAuth2 patches commit 6e450ac Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Mon Dec 11 20:11:25 2023 -0500 Address GCM missing exporter warnings in head test commit a4bb3ca Author: Daniel Clark <danielclark@google.com> Date: Mon Nov 20 22:20:07 2023 +0000 Bump otelhttp to resolve CVE This resolves https://nvd.nist.gov/vuln/detail/CVE-2023-45142 by bumping otelhttp to v0.45.0. It's a follow-up to #113. I had to bump the otlptrace packages to v1.19.0 to make `go mod tidy` happy as well. Updated golangci-lint; adjusted lint config for our fork; fixed important copylock lint issue. Skipped lint for some docs. Co-authored-by: Daniel Clark <danielclark@google.com> Co-authored-by: Bartek Plotka <bwplotka@google.com> commit 797d358 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Nov 22 15:37:37 2023 -0500 Suppress golangci warnings commit 56a9e74 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Nov 22 13:59:38 2023 -0500 Bump to Go 1.21 to match prometheus-engine commit a94aa8d Author: Daniel Clark <danielclark@google.com> Date: Tue Nov 21 01:58:06 2023 +0000 Update docker to resolve CVE * Resolves GHSA-jq35-85cj-fj4p * Failing test fixed by renaming file as done in upstream commit prometheus/prometheus@5f3a02f. commit be1c187 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu Oct 26 14:13:56 2023 +0000 build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.34.0 to 0.44.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.34.0...zpages/v0.44.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 16645d7 Author: Daniel Clark <danielclark@google.com> Date: Wed Aug 9 19:26:50 2023 +0000 disable version updates - only want security updates commit 5bae89d Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed Aug 9 20:01:52 2023 +0000 build(deps): bump github.com/docker/distribution Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.1+incompatible to 2.8.2+incompatible. - [Release notes](https://github.com/docker/distribution/releases) - [Commits](distribution/distribution@v2.8.1...v2.8.2) --- updated-dependencies: - dependency-name: github.com/docker/distribution dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> commit 431aa79 Author: Daniel Clark <danielclark@google.com> Date: Thu Jun 29 15:01:23 2023 +0000 handle potential NPE commit e8d2650 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Nov 22 11:07:21 2023 -0500 Google patch: Check-in vendoring commit fd67a97 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Fri Jun 23 14:23:07 2023 -0400 Google patch: Add vendoring support commit 525b184 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Jan 24 12:27:28 2024 -0500 Google patch: Generate CLI documentation commit b380f39 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Fri Apr 21 13:35:16 2023 -0400 Google patch: Disable GCM exporter on tests commit 80bca23 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Wed Nov 22 10:44:06 2023 -0500 Google patch: Export to Google Cloud Monitoring commit 5eaffbd Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Fri Jun 23 14:22:17 2023 -0400 Google patch: Disable Prometheus organization workflows commit c805337 Author: Daniel Hrabovcak <thespiritxiii@gmail.com> Date: Thu Feb 1 09:40:37 2024 -0500 Google patch: Initial fork <> Excluded files: .circleci/config.yml .gcloudignore .github/CODEOWNERS .github/ISSUE_TEMPLATE/bug_report.yml .github/ISSUE_TEMPLATE/config.yml .github/ISSUE_TEMPLATE/feature_request.yml .github/PULL_REQUEST_TEMPLATE.md .github/dependabot.yaml .github/dependabot.yml .github/stale.yml .github/workflows/automerge-dependabot.yml .github/workflows/buf-lint.yml .github/workflows/buf.yml .github/workflows/ci.yml .github/workflows/codeql-analysis.yml .github/workflows/funcbench.yml .github/workflows/fuzzing.yml .github/workflows/lock.yml .github/workflows/presubmit.yml .github/workflows/prombench.yml .github/workflows/repo_sync.yml .gitignore .golangci.yml .promu.yml .yamllint.yml CONTRIBUTING.md Dockerfile Makefile.common README.md VERSION docs/command-line/prometheus.md documentation/examples/remote_storage/.yamllint documentation/examples/remote_storage/go.mod documentation/examples/remote_storage/go.sum documentation/examples/remote_storage/vendor/* go.mod go.sum vendor/* web/ui/node_modules/* web/ui/package-lock.json web/ui/react-app/.gitignore web/ui/react-app/node_modules/* web/ui/react-app/package.json Excluded files: go.mod go.sum google/COPYRIGHT.md google/README.md google/export/config/config.go google/export/export.go google/export/export_test.go google/export/gcm/export_gcm_test.go google/export/gcm/promtest/local_export.go google/export/gcm/promtest/prometheus.go google/export/gcm/promtest/promtest.go google/export/setup/setup.go google/export/setup/setup_test.go google/export/storage.go
Collaborator
|
Nice! You should walk us through the scripts at some point :) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a starting point for 3.5.0 fork release without the need of any work on prometheus-engine (go/gmp:fork-toil)
This is to show how easier it is to sync the fork using new scripts (go/gmp:toil-automation) via:
Took me 20m to run the script and fix all the immediate git conflicts. Ofc there's still more work to get it buildable and tested (e.g. go-kit/log was replaced with slog, so there's some work on export package), but it's considerably easier, more consistent and faster to sync, even acros MAJOR prometheus version.
The 3.5.0 is the LTS release and is still in progress upstream (RC.1 only available that's why pointing to rc.1). Once there is a final version and we fix this
release-3.5.0-rc.1-gmpbranch, it will be as easy as running, likely with fully ready code branches to relase.cc @pintohutch @bernot-dev