Fix PRs from forks

.github/workflows/codeformat.yaml

@@ -1,16 +1,17 @@
-name: pull_request
+name: Code format check
 on: pull_request
 jobs:
   codegen:
     name: Code format check
     runs-on: ubuntu-22.04
     steps:
       - name: Cancel Previous Actions
-        uses: styfle/cancel-workflow-action@0.11.0
+        uses: styfle/cancel-workflow-action@0.12.1
         with:
           access_token: ${{ github.token }}
       - name: Free disk space
         run: |
+          : Free disk space
           echo "Before clearing disk space:"
           df -h
 
@@ -27,11 +28,11 @@ jobs:
           echo "After clearing disk space:"
           df -h
       - name: Check out code into the Go module directory
-        uses: actions/checkout@v3
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
       - name: Set up Go
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v6
         with:
           go-version-file: "go.mod"
         id: go

.github/workflows/pull_request.yaml

@@ -1,4 +1,4 @@
-name: pull_request
+name: Tests
 
 on:
   push:
@@ -13,43 +13,51 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
     - name: Cancel Previous Runs
-      uses: styfle/cancel-workflow-action@0.11.0
+      uses: styfle/cancel-workflow-action@0.12.1
       with:
         access_token: ${{ github.token }}
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v5
       with:
         fetch-depth: 0
     - name: Set up Python
-      uses: actions/setup-python@v4
+      uses: actions/setup-python@v6
       with:
         python-version: 3.8
-    - uses: google-github-actions/setup-gcloud@a48b55b3b0eeaf77b6e1384aab737fbefe2085ac
+
+    - name: Gcloud login
+      if: ${{ env.has_auth }}
+      uses: google-github-actions/auth@v2
       with:
-        version: '290.0.1'
         project_id: ${{ secrets.GCP_PROJECT_ID }}
-        service_account_key: ${{ secrets.GCP_SA_KEY }}
-        export_default_credentials: true
-      name: Gcloud Login
+        credentials_json: ${{ secrets.GCP_SA_KEY }}
+        create_credentials_file: true
+      env:
+        has_auth: ${{ secrets.GCP_PROJECT_ID && secrets.GCP_SA_KEY && 1 }}
+
     - name: Install Trivy (latest)
       run: |
+          : "Install Trivy (latest)"
           TRIVY_VERSION=$(curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') 
           echo Using Trivy v${TRIVY_VERSION}
           wget https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.deb
           sudo dpkg -i trivy_${TRIVY_VERSION}_Linux-64bit.deb
     - name: Set up Go
-      uses: actions/setup-go@v4
+      uses: actions/setup-go@v6
       with:
         go-version-file: "go.mod"
     - name: Run tests
       env:
-        GITHUB_TOKEN: ${{ secrets.CLOUDBUILD_GITHUB_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.CLOUDBUILD_GITHUB_TOKEN || github.token }}
+        SKIP_GCLOUD_TESTS: ${{ secrets.GCP_SA_KEY == '' && '1' || '' }}
+        HAS_CLOUDBUILD_GITHUB_TOKEN: ${{ secrets.CLOUDBUILD_GITHUB_TOKEN && '1' || '' }}
         TEST_PKG: ./... # Run all tests
       run: make test
-    - uses: testspace-com/setup-testspace@v1
+    - name: Set up testspaceTestspace
+      uses: testspace-com/setup-testspace@v1
       with:
         domain: solo-io.testspace.com
-      if: ${{ always() && github.event_name == 'push' && github.ref == 'refs/heads/master' }}
+      if: ${{ always() && github.event_name == 'push' && github.ref == 'refs/heads/master' && github.repository_owner == 'solo-io' }}
     - name: Push result to Testspace server
       run: |
         testspace push --verbose "**/junit.xml"
-      if: ${{ always() && github.event_name == 'push' && github.ref == 'refs/heads/master' }}
+      if: ${{ always() && github.event_name == 'push' && github.ref == 'refs/heads/master' && github.repository_owner == 'solo-io' }}

Makefile

@@ -55,7 +55,7 @@ clean: ## Clean any local assets
 
 GINKGO_VERSION ?= $(shell echo $(shell go list -m github.com/onsi/ginkgo/v2) | cut -d' ' -f2)
 GINKGO_ENV ?= GOLANG_PROTOBUF_REGISTRATION_CONFLICT=ignore ACK_GINKGO_DEPRECATIONS=$(GINKGO_VERSION)
-GINKGO_FLAGS ?= -v -tags=purego -compilers=4 -fail-fast -race -randomize-suites -randomize-all -skip-package=./installutils/kubeinstall,./debugutils/test
+GINKGO_FLAGS ?= -v -tags=purego -compilers=4 $(shell [ -z "${CI}" ] && echo '-fail-fast') -race -randomize-suites -randomize-all -skip-package=./installutils/kubeinstall,./debugutils/test
 GINKGO_REPORT_FLAGS ?= --json-report=test-report.json --junit-report=junit.xml -output-dir=$(OUTPUT_DIR)
 GINKGO_COVERAGE_FLAGS ?= --cover --covermode=atomic --coverprofile=coverage.cov
 TEST_PKG ?= ./... # Default to run all tests

changelog/v0.28.7/handle-prs-from-forks.yaml

@@ -0,0 +1,80 @@
+changelog:
+  - type: DEPENDENCY_BUMP
+    dependencyOwner: actions
+    dependencyRepo: checkout
+    dependencyTag: v5
+    description: "Use node 24"
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: DEPENDENCY_BUMP
+    dependencyOwner: actions
+    dependencyRepo: setup-go
+    dependencyTag: v6
+    description: "Use node 24"
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: DEPENDENCY_BUMP
+    dependencyOwner: actions
+    dependencyRepo: setup-python
+    dependencyTag: v6
+    description: "Use node 24"
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: DEPENDENCY_BUMP
+    dependencyOwner: styfle
+    dependencyRepo: cancel-workflow-action
+    dependencyTag: 0.12.1
+    description: "Bump to node20"
+    resolvesIssue: false
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    dependencyOwner: google-github-actions
+    dependencyRepo: auth
+    dependencyTag: v2
+    description: "Replace deprecated action flow"
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Show all failures in CI.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Replace deprecated methods.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Add name to testspace step.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Add name to testspace step.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Add pretty comments to workflows.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Skip gcloud steps for forks without gcloud secrets.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Skip testspace steps for forks.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Skip write steps for forks without cloudbuild secrets.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Use public repositories for tests for forks without github secrets.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: NON_USER_FACING
+    resolvesIssue: false
+    description: Use public repositories for tests.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: FIX
+    resolvesIssue: false
+    description: Fix running tests for forks.
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+  - type: FIX
+    issueLink: https://github.com/solo-io/go-utils/pull/556
+    description: Fixing handling of PRs from forks
+    resolvesIssue: true

changelogutils/changelog_test.go

@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"context"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"
@@ -415,7 +414,7 @@ closing
 			ctx := context.Background()
 			client, err := githubutils.GetClient(ctx)
 			Expect(err).NotTo(HaveOccurred())
-			hasChangelog, err := changelogutils.RefHasChangelog(ctx, client, "solo-io", "testrepo", "master")
+			hasChangelog, err := changelogutils.RefHasChangelog(ctx, client, "solo-io", "reporting-client", "master")
 			Expect(err).NotTo(HaveOccurred())
 			Expect(hasChangelog).To(BeTrue())
 		})
@@ -508,7 +507,7 @@ func createSubdirs(dir string, names ...string) error {
 }
 
 func mustWriteTestDir() string {
-	tmpDir, err := ioutil.TempDir("", "changelog-test-")
+	tmpDir, err := os.MkdirTemp("", "changelog-test-")
 	Expect(err).NotTo(HaveOccurred())
 	return tmpDir
 }

changelogutils/reader_test.go

@@ -2,6 +2,7 @@ package changelogutils_test
 
 import (
 	"context"
+	"fmt"
 	"os"
 	"path/filepath"
 	"time"
@@ -27,8 +28,6 @@ var _ = Describe("ReaderTest", func() {
 
 		const (
 			owner = "solo-io"
-			repo  = "testrepo"
-			sha   = "9065a9a84e286ea7f067f4fc240944b0a4d4c82a"
 		)
 
 		var (
@@ -41,8 +40,22 @@ var _ = Describe("ReaderTest", func() {
 			file = changelogutils.ChangelogFile{
 				Entries: []*changelogutils.ChangelogEntry{&entry},
 			}
+			log  = "1.yaml"
+			repo = "testrepo"
+			sha  = "9065a9a84e286ea7f067f4fc240944b0a4d4c82a"
 		)
 
+		if os.Getenv("HAS_CLOUDBUILD_GITHUB_TOKEN") == "" {
+			log = "new-signature-manager.yaml"
+			repo = "reporting-client"
+			sha = "af5d207720ee6b548704b06bfa6631f9a2897294"
+			entry = changelogutils.ChangelogEntry{
+				Type:        changelogutils.NEW_FEATURE,
+				Description: "New signature manager implementation to be used in CLI clients that writes the signature to ~/.soloio",
+				IssueLink:   "https://github.com/solo-io/gloo/issues/1559",
+			}
+		}
+
 		BeforeEach(func() {
 			client, err := githubutils.GetClient(ctx)
 			Expect(err).NotTo(HaveOccurred())
@@ -51,7 +64,7 @@ var _ = Describe("ReaderTest", func() {
 		})
 
 		It("can read changelog file", func() {
-			changelogFile, err := reader.ReadChangelogFile(ctx, "changelog/v0.1.1/1.yaml")
+			changelogFile, err := reader.ReadChangelogFile(ctx, fmt.Sprintf("changelog/v0.1.1/%s", log))
 			Expect(err).NotTo(HaveOccurred())
 			Expect(*changelogFile).To(BeEquivalentTo(file))
 		})

cliutils/port_forward.go

@@ -3,7 +3,7 @@ package cliutils
 import (
 	"context"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net"
 	"net/http"
 	"os"
@@ -71,7 +71,7 @@ func PortForwardGet(ctx context.Context, namespace string, resource string, loca
 				time.Sleep(retryInterval)
 				continue
 			}
-			b, err := ioutil.ReadAll(res.Body)
+			b, err := io.ReadAll(res.Body)
 			if err != nil {
 				errs <- err
 				time.Sleep(retryInterval)

docker/docker_test.go

@@ -2,7 +2,7 @@ package docker_test
 
 import (
 	"context"
-	"io/ioutil"
+	"os"
 	"os/exec"
 
 	. "github.com/onsi/ginkgo/v2"
@@ -50,14 +50,14 @@ var _ = Describe("Docker", func() {
 	Context("Save", func() {
 		It("can save a valid, present container", func() {
 			pullValidImage()
-			file, err := ioutil.TempFile("", "docker_test")
+			file, err := os.CreateTemp("", "docker_test")
 			Expect(err).NotTo(HaveOccurred())
 			err = docker.Save(validImage, file.Name())
 			Expect(err).NotTo(HaveOccurred())
 		})
 
 		It("cannot save an invalid container", func() {
-			file, err := ioutil.TempFile("", "docker_test")
+			file, err := os.CreateTemp("", "docker_test")
 			Expect(err).NotTo(HaveOccurred())
 			err = docker.Save(invalidImage, file.Name())
 			Expect(err).To(HaveOccurred())

fileutils/messages_test.go

@@ -4,7 +4,6 @@ import (
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 
-	"io/ioutil"
 	"os"
 
 	"github.com/gogo/protobuf/types"
@@ -14,7 +13,7 @@ import (
 var _ = Describe("Messages", func() {
 	var filename string
 	BeforeEach(func() {
-		f, err := ioutil.TempFile("", "messages_test")
+		f, err := os.CreateTemp("", "messages_test")
 		Expect(err).NotTo(HaveOccurred())
 		filename = f.Name()
 	})
@@ -32,7 +31,7 @@ var _ = Describe("Messages", func() {
 		err := WriteToFile(filename, input)
 		Expect(err).NotTo(HaveOccurred())
 
-		b, err := ioutil.ReadFile(filename)
+		b, err := os.ReadFile(filename)
 		Expect(err).NotTo(HaveOccurred())
 
 		Expect(string(b)).To(Equal("foo: bar\n"))