Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: ensure we are upgrading image to avoid vulnerabilities #1665

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/.OwlBot.lock.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,5 +13,5 @@
# limitations under the License.
docker:
image: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest
digest: sha256:d920257482ca1cd72978f29f7d28765a9f8c758c21ee0708234db5cf4c5016c2
# created: 2024-06-12T16:18:41.688792375Z
digest: sha256:2d9cc5ba06665c588e4d6accba03321d1314358ebb68dd0a7515ff28ada937ff
# created: 2024-10-04T17:39:56.481250506Z
7 changes: 2 additions & 5 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,5 @@
# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#codeowners-syntax


# The yoshi-nodejs team is the default owner for nodejs repositories.
* @googleapis/yoshi-nodejs @googleapis/actools

# The github automation team is the default owner for the auto-approve file.
.github/auto-approve.yml @googleapis/github-automation
# Unless specified, the jsteam is the default owner for nodejs repositories.
* @googleapis/actools @googleapis/jsteam
99 changes: 99 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
name: Bug Report
description: Create a report to help us improve
labels:
- bug
body:
- type: markdown
attributes:
value: >
**PLEASE READ**: If you have a support contract with Google, please
create an issue in the [support
console](https://cloud.google.com/support/) instead of filing on GitHub.
This will ensure a timely response. Otherwise, please make sure to
follow the steps below.
- type: checkboxes
attributes:
label: Please make sure you have searched for information in the following
guides.
options:
- label: "Search the issues already opened:
https://github.com/GoogleCloudPlatform/google-cloud-node/issues"
required: true
- label: "Search StackOverflow:
http://stackoverflow.com/questions/tagged/google-cloud-platform+nod\
e.js"
required: true
- label: "Check our Troubleshooting guide:
https://github.com/googleapis/google-cloud-node/blob/main/docs/trou\
bleshooting.md"
required: true
- label: "Check our FAQ:
https://github.com/googleapis/google-cloud-node/blob/main/docs/faq.\
md"
required: true
- label: "Check our libraries HOW-TO:
https://github.com/googleapis/gax-nodejs/blob/main/client-libraries\
.md"
required: true
- label: "Check out our authentication guide:
https://github.com/googleapis/google-auth-library-nodejs"
required: true
- label: "Check out handwritten samples for many of our APIs:
https://github.com/GoogleCloudPlatform/nodejs-docs-samples"
required: true
- type: textarea
attributes:
label: >
A screenshot that you have tested with "Try this API".
description: >
As our client libraries are mostly autogenerated, we kindly request
that you test whether your issue is with the client library, or with the
API itself. To do so, please search for your API
here: https://developers.google.com/apis-explorer and attempt to
reproduce the issue in the given method. Please include a screenshot of
the response in "Try this API". This response should NOT match the current
behavior you are experiencing. If the behavior is the same, it means
that you are likely experiencing a bug with the API itself. In that
case, please submit an issue to the API team, either by submitting an
issue in its issue tracker (https://cloud.google.com/support/docs/issue-trackers), or by
submitting an issue in its linked tracker in the .repo-metadata.json
file https://github.com/googleapis/gax-nodejs/issues/
validations:
required: true
- type: input
attributes:
label: >
Link to the code that reproduces this issue. A link to a **public** Github Repository or gist with a minimal
reproduction.
description: >
**Skipping this or providing an invalid link will result in the issue being closed**
validations:
required: true
- type: textarea
attributes:
label: >
A step-by-step description of how to reproduce the issue, based on
the linked reproduction.
description: >
Screenshots can be provided in the issue body below.
placeholder: |
1. Start the application in development (next dev)
2. Click X
3. Y will happen
validations:
required: true
- type: textarea
attributes:
label: A clear and concise description of what the bug is, and what you
expected to happen.
placeholder: Following the steps from the previous section, I expected A to
happen, but I observed B instead
validations:
required: true

- type: textarea
attributes:
label: A clear and concise description WHY you expect this behavior, i.e., was it a recent change, there is documentation that points to this behavior, etc. **
placeholder: 'Documentation here(link) states that B should happen instead of A'
validations:
required: true
53 changes: 53 additions & 0 deletions .github/ISSUE_TEMPLATE/documentation_request.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: Documentation Requests
description: Requests for more information
body:
- type: markdown
attributes:
value: >
Please use this issue type to log documentation requests against the library itself.
These requests should involve documentation on Github (`.md` files), and should relate to the library
itself. If you have questions or documentation requests for an API, please
reach out to the API tracker itself.

Please submit an issue to the API team, either by submitting an
issue in its issue tracker https://cloud.google.com/support/docs/issue-trackers), or by
submitting an issue in its linked tracker in the .repo-metadata.json
file in the API under packages/* ([example](https://github.com/googleapis/gax-nodejs/issues/)).
You can also submit a request to documentation on cloud.google.com itself with the "Send Feedback"
on the bottom of the page.


Please note that documentation requests and questions for specific APIs
will be closed.
- type: checkboxes
attributes:
label: Please make sure you have searched for information in the following
guides.
options:
- label: "Search the issues already opened:
https://github.com/GoogleCloudPlatform/google-cloud-node/issues"
required: true
- label: "Check our Troubleshooting guide:
https://googlecloudplatform.github.io/google-cloud-node/#/docs/guid\
es/troubleshooting"
required: true
- label: "Check our FAQ:
https://googlecloudplatform.github.io/google-cloud-node/#/docs/guid\
es/faq"
required: true
- label: "Check our libraries HOW-TO:
https://github.com/googleapis/gax-nodejs/blob/main/client-libraries\
.md"
required: true
- label: "Check out our authentication guide:
https://github.com/googleapis/google-auth-library-nodejs"
required: true
- label: "Check out handwritten samples for many of our APIs:
https://github.com/GoogleCloudPlatform/nodejs-docs-samples"
required: true
- type: textarea
attributes:
label: >
Documentation Request
validations:
required: true
53 changes: 53 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: Feature Request
description: Suggest an idea for this library
labels:
- feature request
body:
- type: markdown
attributes:
value: >
**PLEASE READ**: If you have a support contract with Google, please
create an issue in the [support
console](https://cloud.google.com/support/) instead of filing on GitHub.
This will ensure a timely response. Otherwise, please make sure to
follow the steps below.
- type: textarea
attributes:
label: >
A screenshot that you have tested with "Try this API".
description: >
As our client libraries are mostly autogenerated, we kindly request
that you test whether your feature request is with the client library, or with the
API itself. To do so, please search for your API
here: https://developers.google.com/apis-explorer and attempt to
reproduce the issue in the given method. Please include a screenshot of
the response in "Try this API". This response should NOT match the current
behavior you are experiencing. If the behavior is the same, it means
that you are likely requesting a feature for the API itself. In that
case, please submit an issue to the API team, either by submitting an
issue in its issue tracker https://cloud.google.com/support/docs/issue-trackers, or by
submitting an issue in its linked tracker in the .repo-metadata.json
file in the API under packages/* ([example](https://github.com/googleapis/gax-nodejs/issues/))

Example of library specific issues would be: retry strategies, authentication questions, or issues with typings.
Examples of API issues would include: expanding method parameter types, adding functionality to an API.
validations:
required: true
- type: textarea
attributes:
label: >
What would you like to see in the library?
description: >
Screenshots can be provided in the issue body below.
placeholder: |
1. Set up authentication like so
2. Run the program like so
3. X would be nice to happen

- type: textarea
attributes:
label: Describe alternatives you've considered

- type: textarea
attributes:
label: Additional context/notes
4 changes: 4 additions & 0 deletions .github/ISSUE_TEMPLATE/processs_request.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
name: Process Request
about: Submit a process request to the library. Process requests are any requests related to library infrastructure, for example CI/CD, publishing, releasing, broken links.
---
8 changes: 8 additions & 0 deletions .github/ISSUE_TEMPLATE/questions.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
name: Question
about: If you have a question, please use Discussions

---

If you have a general question that goes beyond the library itself, we encourage you to use [Discussions](https://github.com//discussions)
to engage with fellow community members!
4 changes: 1 addition & 3 deletions .github/auto-approve.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,2 @@
processes:
- "NodeDependency"
- "OwlBotTemplateChangesNode"
- "OwlBotPRsNode"
- "NodeDependency"
56 changes: 56 additions & 0 deletions .github/scripts/close-invalid-link.cjs
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

async function closeIssue(github, owner, repo, number) {
await github.rest.issues.createComment({
owner: owner,
repo: repo,
issue_number: number,
body: 'Issue was opened with an invalid reproduction link. Please make sure the repository is a valid, publicly-accessible github repository, and make sure the url is complete (example: https://github.com/googleapis/google-cloud-node)'
});
await github.rest.issues.update({
owner: owner,
repo: repo,
issue_number: number,
state: 'closed'
});
}
module.exports = async ({github, context}) => {
const owner = context.repo.owner;
const repo = context.repo.repo;
const number = context.issue.number;

const issue = await github.rest.issues.get({
owner: owner,
repo: repo,
issue_number: number,
});

const isBugTemplate = issue.data.body.includes('Link to the code that reproduces this issue');

if (isBugTemplate) {
console.log(`Issue ${number} is a bug template`)
try {
const link = issue.data.body.split('\n')[18].match(/(https?:\/\/(gist\.)?github.com\/.*)/)[0];
console.log(`Issue ${number} contains this link: ${link}`)
const isValidLink = (await fetch(link)).ok;
console.log(`Issue ${number} has a ${isValidLink ? 'valid' : 'invalid'} link`)
if (!isValidLink) {
await closeIssue(github, owner, repo, number);
}
} catch (err) {
await closeIssue(github, owner, repo, number);
}
}
};
69 changes: 69 additions & 0 deletions .github/scripts/close-unresponsive.cjs
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

function labeledEvent(data) {
return data.event === 'labeled' && data.label.name === 'needs more info';
}

const numberOfDaysLimit = 15;
const close_message = `This has been closed since a request for information has \
not been answered for ${numberOfDaysLimit} days. It can be reopened when the \
requested information is provided.`;

module.exports = async ({github, context}) => {
const owner = context.repo.owner;
const repo = context.repo.repo;

const issues = await github.rest.issues.listForRepo({
owner: owner,
repo: repo,
labels: 'needs more info',
});
const numbers = issues.data.map((e) => e.number);

for (const number of numbers) {
const events = await github.paginate(
github.rest.issues.listEventsForTimeline,
{
owner: owner,
repo: repo,
issue_number: number,
},
(response) => response.data.filter(labeledEvent)
);

const latest_response_label = events[events.length - 1];

const created_at = new Date(latest_response_label.created_at);
const now = new Date();
const diff = now - created_at;
const diffDays = diff / (1000 * 60 * 60 * 24);

if (diffDays > numberOfDaysLimit) {
await github.rest.issues.update({
owner: owner,
repo: repo,
issue_number: number,
state: 'closed',
});

await github.rest.issues.createComment({
owner: owner,
repo: repo,
issue_number: number,
body: close_message,
});
}
}
};
Loading
Loading