These minor releases include 2 security fixes following the security policy: - cmd/go: arbitrary code execution during build on darwin On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive. Thanks to Juho Forsén of Mattermost for reporting this issue. This is CVE-2024-24787 and Go issue https://go.dev/issue/67119. - net: malformed DNS message can cause infinite loop A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop. Thanks to long-name-let-people-remember-you on GitHub for reporting this issue, and to Mateusz Poliwczak for bringing the issue to our attention. This is CVE-2024-24788 and Go issue https://go.dev/issue/66754. View the release notes for more information: https://go.dev/doc/devel/release#go1.22.3 - https://github.com/golang/go/issues?q=milestone%3AGo1.21.10+label%3ACherryPickApproved - full diff: https://github.com/golang/go/compare/go1.21.9...go1.21.10 **- Description for the changelog** ```markdown changelog Update Go runtime to 1.21.10 ``` Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
82 lines
2.1 KiB
YAML
82 lines
2.1 KiB
YAML
name: test
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
branches:
|
|
- 'master'
|
|
- '[0-9]+.[0-9]+'
|
|
tags:
|
|
- 'v*'
|
|
pull_request:
|
|
|
|
jobs:
|
|
ctn:
|
|
runs-on: ubuntu-22.04
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v4
|
|
-
|
|
name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
-
|
|
name: Test
|
|
uses: docker/bake-action@v4
|
|
with:
|
|
targets: test-coverage
|
|
-
|
|
name: Send to Codecov
|
|
uses: codecov/codecov-action@v4
|
|
with:
|
|
file: ./build/coverage/coverage.txt
|
|
token: ${{ secrets.CODECOV_TOKEN }}
|
|
|
|
host:
|
|
runs-on: ${{ matrix.os }}
|
|
env:
|
|
GOPATH: ${{ github.workspace }}
|
|
GOBIN: ${{ github.workspace }}/bin
|
|
GO111MODULE: auto
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
os:
|
|
- macos-12
|
|
# - windows-2022 # FIXME: some tests are failing on the Windows runner, as well as on Appveyor since June 24, 2018: https://ci.appveyor.com/project/docker/cli/history
|
|
steps:
|
|
-
|
|
name: Prepare git
|
|
if: matrix.os == 'windows-latest'
|
|
run: |
|
|
git config --system core.autocrlf false
|
|
git config --system core.eol lf
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
path: ${{ env.GOPATH }}/src/github.com/docker/cli
|
|
-
|
|
name: Set up Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: 1.21.10
|
|
-
|
|
name: Test
|
|
run: |
|
|
go test -coverprofile=/tmp/coverage.txt $(go list ./... | grep -vE '/vendor/|/e2e/')
|
|
go tool cover -func=/tmp/coverage.txt
|
|
working-directory: ${{ env.GOPATH }}/src/github.com/docker/cli
|
|
shell: bash
|
|
-
|
|
name: Send to Codecov
|
|
uses: codecov/codecov-action@v4
|
|
with:
|
|
file: /tmp/coverage.txt
|
|
working-directory: ${{ env.GOPATH }}/src/github.com/docker/cli
|
|
token: ${{ secrets.CODECOV_TOKEN }}
|