[WIP] Check license files in CI #6342

Closed
wants to merge 1 commit into from

Conversation

lbernick
Member

@lbernick lbernick commented Mar 10, 2023

Changes

This commit updates verify-codegen.sh to verify that licenses have been updated.
It also saves local state for go.mod and go.sum during verification, since
hack/update-codegen.sh (via hack/update-deps.sh) may modify these files.
This ensures that code is modified only by hack/update-codegen.sh and not hack/verify-codegen.sh.

/kind misc
Closes #6210
Closes #6352

Submitter Checklist

As the author of this PR, please check off the items in this checklist:

  • n/a Has Docs included if any changes are user facing
  • n/a Has Tests included if any functionality added or changed
  • Follows the commit message standard
  • Meets the Tekton contributor standards (including
    functionality, content, code)
  • Has a kind label. You can add one by adding a comment on this PR that contains /kind <type>. Valid types are bug, cleanup, design, documentation, feature, flake, misc, question, tep
  • n/a Release notes block below has been updated with any user facing changes (API changes, bug fixes, changes requiring upgrade notices or deprecation warnings)
  • n/a Release notes contains the string "action required" if the change requires additional action from users switching to the new release

Release Notes

NONE

@tekton-robot tekton-robot added release-note-none Denotes a PR that doesnt merit a release note. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. labels Mar 10, 2023
@tekton-robot tekton-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Mar 10, 2023
@tekton-robot
Collaborator

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please ask for approval from lbernick after the PR has been reviewed.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Mar 10, 2023
@lbernick
Member Author

Not sure what's going on, but for me ./hack/update-deps.sh removes the entire third_party directory, and it seems like the same thing happens on prow during hack/verify-codegen.sh (which is why build tests are failing)

@tekton-robot tekton-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 17, 2023
@tekton-robot tekton-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Mar 20, 2023
@lbernick lbernick added the kind/misc Categorizes issue or PR as a miscellaneuous one. label Mar 20, 2023
@tekton-robot tekton-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Mar 20, 2023
// the caller knows no overflow occurred.
func SafeParseInt(in interface{}) (int, error) {
raw, err := SafeParseIntRange(in, math.MinInt, math.MaxInt)
return int(raw), err

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types

Incorrect conversion of a 64-bit integer from [strconv.ParseInt](1) to a lower bit size type int without an upper bound check.

var result = make([]int, 0, len(raw))
for _, element := range raw {
result = append(result, int(element))

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types

Incorrect conversion of a 64-bit integer from [strconv.ParseInt](1) to a lower bit size type int without an upper bound check.

remainingIfAddrs := make(IfAddrs, 0, len(ifAddrs))

rfcNetMap := KnownRFCs()
rfcNets, ok := rfcNetMap[uint(inputRFC)]

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types

Incorrect conversion of a 64-bit integer from [strconv.ParseUint](1) to a lower bit size type uint without an upper bound check.

return IfAddrs{}, IfAddrs{}, fmt.Errorf("mask size out of bounds for IPv6 address: %d", maskSize)
}

if (*ipAddr).Maskbits() == int(maskSize) {

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types

Incorrect conversion of a 64-bit integer from [strconv.ParseUint](1) to a lower bit size type int without an upper bound check.

ipv4 := *ToIPv4Addr(inputIfAddr.SockAddr)
ipv4Uint32 := uint32(ipv4.Address)
ipv4Uint32 += uint32(i)

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types

Incorrect conversion of a 64-bit integer from [strconv.ParseInt](1) to a lower bit size type uint32 without an upper bound check.

wrappedMask = 1 + i + int64(^uint32(ipv4.Mask))
}

ipv4Uint32 = ipv4Uint32 + (uint32(wrappedMask) &^ uint32(ipv4.Mask))

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types

Incorrect conversion of a 64-bit integer from [strconv.ParseInt](1) to a lower bit size type uint32 without an upper bound check.
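
The narrowing pattern these CodeQL alerts describe, next to two bounded forms, as an added example that is not code from this PR or from the flagged packages. The function names (unsafeOffset, safeOffset, safeMaskBits) are hypothetical and the inputs are constructed.

```go
package main

import (
	"fmt"
	"math"
	"strconv"
)

// unsafeOffset mirrors the flagged pattern: parse at 64 bits, then narrow
// with a bare conversion, so out-of-range input silently wraps.
func unsafeOffset(s string) (uint32, error) {
	i, err := strconv.ParseInt(s, 10, 64)
	if err != nil {
		return 0, err
	}
	return uint32(i), nil // keeps only the low 32 bits
}

// safeOffset checks the lower and upper bound before narrowing to uint32.
func safeOffset(s string) (uint32, error) {
	i, err := strconv.ParseInt(s, 10, 64)
	if err != nil {
		return 0, err
	}
	if i < 0 || i > math.MaxUint32 {
		return 0, fmt.Errorf("offset %d out of range for uint32", i)
	}
	return uint32(i), nil
}

// safeMaskBits has strconv enforce an 8-bit width, then applies the caller's limit.
func safeMaskBits(s string, maxBits uint8) (int, error) {
	m, err := strconv.ParseUint(s, 10, 8)
	if err != nil {
		return 0, err
	}
	if m > uint64(maxBits) {
		return 0, fmt.Errorf("mask size out of bounds: %d", m)
	}
	return int(m), nil
}

func main() {
	for _, in := range []string{"7", "4294967297", "-1"} { // constructed inputs
		u, _ := unsafeOffset(in)
		s, err := safeOffset(in)
		fmt.Printf("%-11s unsafe=%d safe=%d err=%v\n", in, u, s, err)
	}
}
```
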
This commit updates verify-codegen.sh to verify that licenses have been updated.
It also saves local state for go.mod and go.sum during verification, since
hack/update-codegen.sh (via hack/update-deps.sh) may modify these files.
This ensures that code is modified only by hack/update-codegen.sh and not hack/verify-codegen.sh.

Lastly, it updates the version of go-licenses used in hack/update-deps.sh and re-runs codegen.
@lbernick
Member Author

lbernick commented Mar 20, 2023

running into the issue described in #6015; blocked by #6037

@lbernick
Member Author

Going to go with the approach of removing third_party instead, based on conversation in #6015

@lbernick lbernick closed this Mar 21, 2023
@lbernick lbernick mentioned this pull request Mar 21, 2023
4 tasks