* Edit the docs test plan
Add an item to remove version warnings for versions we no longer
support. Currently, we remove these version warnings as we encounter
them. This change makes this task a regular, predictable step when
releasing a new major Teleport version.
* Respond to stevenGravy feedback
* Build change for when go caching should be used
This commit does the following:
* Updates all `setup-go` actions to use v4 (which has caching enabled by default)
* For `shared-workflow` jobs caching is left enabled due to the presumed small size
* For `teleport` jobs caching is now disabled due to the size exceeding the cache limit
This should make all of the mentioned jobs a little faster.
* Update build-api.yaml to re-enable caching
* Update Dependabot Scheduled Config
Update Dependabot with the following:
* Add `jentfoo` to reviewers list
* Remove `crypto` ignore on `api` (no longer using forked version)
* Add configurations for missing gomod paths
* Update .github/dependabot.yml
Co-authored-by: Alan Parra <alan.parra@goteleport.com>
* Remove `examples` from Dependabot
---------
Co-authored-by: Alan Parra <alan.parra@goteleport.com>
- Add an item to define a scope for resolving the issue to avoid scope
creep and make it easier to close issues.
- Make a stronger plea for "Related Issues" items, since these are often
not included.
Test plan misses testing access when using proxy peering. Nothing should
differ from normal reverse tunnel access but it makes some assumptions
that differ from the reverse tunnel.
This PR adds K8S dependencies to the dependendabot ignore list.
We can revert this PR after
https://github.com/gravitational/teleport/pull/25136 merges to master.
`sigs.k8s.io/controller-runtime` is holding the K8S deps update because
it does not support K8S API 0.27.1. `controller-runtime` will release a
new version once `k8s.io/api@v0.27.2` is released.
* Remove our replacement for Logrus
Recently I attempted to update our Logrus fork. However this comment pointed out that our changes have been merged upstream: https://github.com/gravitational/logrus/pull/12#issuecomment-1515303744
For that reason this removes the dependency on the fork.
* Remove ignored dependabot dependencies that are no longer replaced
* Restore Kubernetes Integration tests
This PR re-enables the Kubernetes integrations tests using a KinD
(Kubernetes in Docker) cluster.
New steps have been introduced to GitHub's Integrations (Non-Root)
Action that configure the KinD cluster using
[`helm/kind-action`](https://github.com/helm/kind-action) and do some
network configurations allowing the container where tests run to connect
to the KinD control plane.
This PR also fixes some of the tests and fixes a bug that affected
joining operations when the target service was a legacy kubernetes
proxy. Some improvements will be introduced in future patches to improve
the logic and reduce the time required for the tests to run.
Fixes#25539
* fix data race in spdystream dep
* address feedback
* remove docker installation
* fix test
- Refresh out-of-date URLs for docs pages and `docs/config.json`
- Remove the step to add pages to the `/docs/older-versions` page, since
we generate this automatically from `gravitational/docs/config.json`,
and there is already a step to check that file
- Add a step to ensure that git submodule directories match those in
`.gitmodules`. This prevents unexpected deployment issues.
- Add more clarity to the changelog step
- Add a step to check on the status of documentation for relevant
features in the release
* Use the GHA base container for Lint (Docs)
This way, we can take advantage of the software the comes pre-installed
on the GHA `ubuntu-latest` container image. Otherwise, we need to find a
way to portably install Chromium on the `gravitational/docs` container
in order to run the Mermaid CLI. Currently, the docs engine exits with
an error during the "Lint (Docs)" job when attempting to build mermaid
diagrams due to not being able to locate Chromium.
For this change to work, the "Lint (Docs)" job checks out
`gravitational/docs`, removes the default git submodule configuration,
then adds a git submodule for the current `gravitational/teleport`
branch. From there, it can install dependencies via `yarn` and run our
CI scripts.
* s/GITHUB_HEAD_REF/GITHUB_SHA/
* Base the submodule branch source on the event type
Some edits I made to the CloudHSM docs while going through the v13 test
plan. The biggest change is an update to use the Client SDK 5, instead
of version 3. This has many benefits, you are not required to run a
client daemon, and it works with the kernel in FIPS mode (v3 doesn't).
I also added much more detail to the guide and added code samples where
I could, you should be able to go through this mostly without reading
the AWS docs, I link there for downloads or extra/optional information.
The AWS docs are very hard to follow.
This was copied from the original test plan template, but the
name was never changed. As a result, the GitHub UI shows an
error: "There is a problem with this template"
* Support spellchecking in docs content
In gravitational/docs#261, we will add a script that checks the spelling
of each version of the docs. This change edits one version of the docs
content to support this, including:
- A cspell configuration file
- A new step in the GitHub Actions in the "Lint (Docs)" workflow that
runs the spellcheck script we will add in `gravitational/docs`
- Fix mispellings so this passes the lint job. The mispellings are in a
file that we generated automatically, but there are few enough of
them, and we haven't merged the auto-generation script yet, that I
think it makes sense to fix them in the generated file for now.
* Respond to PR feedback
- Remove misspellings from the ignore list
- Sort the ignore list (and format it via prettier)
* Use the new yarn spellcheck command
* Spelling fixes
* spell fixes and add words to cspell.json
---------
Co-authored-by: Steven Martin <steven@goteleport.com>
* Disable `build-macos` and `build-windows` on PR
This commit removes the `build-macos` and `build-windows` from the PR flow, instead delegating to the bypass job.
These jobs still run at the merge queue point.
This of course means that failures in these two jobs may not be known until the merge queue.
There is an unequestionable disadvantage in not discovering those issues until that point, but this change is being recommended because:
* Currently MacOS builds are 31% of our Teleport Actions spend (~$3,500 / week)
* Windows builds are also significant at 13% (~$1,400 / week)
* There has been relatively few failures of these jobs (without other jobs also failing)
Although merge queue verification is not ideal because it's later in the process, it is considered the most critical in ensuring that `master` remains stable.
* Make sure all bypass jobs run on `ubuntu-latest`
In a couple cases this allows the jobs to be run on a cheaper instance.
* update Makefile to use cargo sparse protocol in all cargo commands
* Adds a cargo version print to build-macos for debugging
* uses the same setup steps for the rust and go toolchains as are being used in the similar enterprise workflow
* Uses the prepare-toolchain-mac composite action in the build-macos.yaml workflow.
* checkout e so that the prepare-toolchain-mac composite action is available
* Fetch the correct e ref for the composite action
* Attempts to checkout with submodules
* fetch-depth: 0
* seems that I can't get to teleport.e from the oss actions
* updates bypass
* testing ci
* testing ci
* testing for ci
* fixing indentation
* trying to get CI to actually run
* fixing indentation
* fixing lib/srv/desktop/rdp/rdpclient/client.go