Correct and update workflows so we can enable Actions (#171)

The existing workflows are out of date and insecure.
This change updates the relevant workflows to the
current state of the repository, corrects some issues,
and disables workflows that will be handled through
other means.

.github/workflows/codeql-analysis.yml

@@ -38,17 +38,17 @@ jobs:
 
     steps:
     - name: Set up Go 1.x
-      uses: actions/setup-go@v2
+      uses: actions/setup-go@v5
       with:
-        go-version: ^1.19
+        go-version: '1.23'
       id: go
 
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -63,4 +63,4 @@ jobs:
         make all
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v3

.github/workflows/codespell.yml

@@ -8,9 +8,9 @@ jobs:
     name: Check for spelling errors
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - uses: codespell-project/actions-codespell@master
         with:
           check_filenames: true
           skip: ./.git,./.github/workflows/codespell.yml,.git,*.png,*.jpg,*.svg,*.sum,./vendor,go.sum
-          ignore_words_list: "AKS,aks,ro"
+          ignore_words_list: "AKS,aks,ro,NotIn"

.github/workflows/darwin.yaml

@@ -1,14 +1,14 @@
 name: MacOS Build & Unit Test
 
 # Controls when the workflow will run
-on:
+#on:
   # Triggers the workflow on push or pull request events but only for the main branch
-  push:
-    branches: [ main ]
-  pull_request:
-    branches: [ main ]
+  #push:
+    #branches: [ main ]
+  #pull_request:
+    #branches: [ main ]
   # Allows you to run this workflow manually from the Actions tab
-  workflow_dispatch:
+  #workflow_dispatch:
 
 jobs:
   build:
@@ -18,7 +18,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v2
         with:
-          go-version: ^1.19
+          go-version: '1.23'
         id: go
       - name: Check out code into the Go module directory
         uses: actions/checkout@v2

.github/workflows/external_e2e.yaml

@@ -1,36 +1,36 @@
----
-name: External E2E Test
+#---
+#name: External E2E Test
 
-on:
-  workflow_dispatch:
+#on:
+  #workflow_dispatch:
 
-jobs:
-  Run-external-e2e-test:
-    name: Run External E2E Test
-    runs-on: ubuntu-latest
-    container: ubuntu:18.04
-    steps:
-      - name: Set up Go 1.x
-        uses: actions/setup-go@v2
-        with:
-          go-version: ^1.19
-        id: go
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-      - name: Install CA and curl
-        run: |
-          apt update -y
-          apt install -y --no-install-recommends curl ca-certificates
-          update-ca-certificates
-      - name: Install ginkgo
-        run: go install github.com/onsi/ginkgo/v2/ginkgo@latest
-      - name: Set up kubectl
-        run: |
-          curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/\
-            release/stable.txt)/bin/linux/amd64/kubectl" -o kubectl
-          chmod +x kubectl
-          cp ./kubectl /usr/bin/
-          mkdir ~/.kube
-          echo ${{ secrets.KUBE_CONFIG }} | base64 > ~/.kube/config
-      - name: Run External E2E Test
-        run: test/external-e2e/run.sh
+#jobs:
+  #Run-external-e2e-test:
+    #name: Run External E2E Test
+    #runs-on: ubuntu-latest
+    #container: ubuntu:18.04
+    #steps:
+      #- name: Set up Go 1.x
+        ##uses: actions/setup-go@v2
+        #with:
+          #go-version: '1.23'
+        #id: go
+      #- name: Check out code into the Go module directory
+        #uses: actions/checkout@v2
+      #- name: Install CA and curl
+        #run: |
+          #apt update -y
+          #apt install -y --no-install-recommends curl ca-certificates
+          #update-ca-certificates
+      #- name: Install ginkgo
+        #run: go install github.com/onsi/ginkgo/v2/ginkgo@latest
+      #- name: Set up kubectl
+        #run: |
+          #curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/\
+            #release/stable.txt)/bin/linux/amd64/kubectl" -o kubectl
+          #chmod +x kubectl
+          #cp ./kubectl /usr/bin/
+          #mkdir ~/.kube
+          #echo ${{ secrets.KUBE_CONFIG }} | base64 > ~/.kube/config
+      #- name: Run External E2E Test
+        #run: test/external-e2e/run.sh

.github/workflows/integration_test_aks.yaml

@@ -1,52 +1,52 @@
----
-name: Integration Test on AKS
+#---
+#name: Integration Test on AKS
 
-on:
+#on:
   # Triggers the workflow on push or pull request events but only for the main branch
-  push:
-    branches: [main]
-  pull_request_target:
-    branches: [main]
-    types: [labeled]
+  #push:
+    #branches: [main]
+  #pull_request:
+    #branches: [main]
+    #types: [labeled]
   # Allows you to run this workflow manually from the Actions tab
-  workflow_dispatch:
+  #workflow_dispatch:
 
-jobs:
-  Run-Integration-Test-on-AKS:
-    if: contains(github.event.pull_request.labels.*.name, 'safe to test')
-    name: Run Integration Test on AKS
-    runs-on: ubuntu-latest
-    steps:
-      - name: Set up Go 1.x
-        uses: actions/setup-go@v2
-        with:
-          go-version: ^1.19
-        id: go
-      - name: Check out code
-        uses: actions/checkout@v2
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-      - name: Build Code
-        run: |
-          make azurelustre
-          cp ./_output/azurelustreplugin ./test/integration_aks/image/
-      - name: Docker login
-        uses: docker/login-action@v1
-        with:
-          registry: ${{ secrets.TEST_ACR_URI }}
-          username: ${{ secrets.TEST_ACR_USERNAME }}
-          password: ${{ secrets.TEST_ACR_PASSWORD }}
-      - name: Build and push integration test container
-        uses: docker/build-push-action@v2
-        with:
-          context: ./test/integration_aks/image
-          push: true
-          tags: ${{ secrets.TEST_ACR_URI }}/azurelustre-csi-integration-test:latest
-      - name: Run integration test
-        run: |
-          ./hack/verify-integration-test-aks.sh
-        env:
-          kube_config: ${{ secrets.KUBE_CONFIG }}
-          test_acr_uri: ${{ secrets.TEST_ACR_URI }}
-          lustre_fs_name: ${{ secrets.LUSTRE_FS_NAME }}
-          lustre_fs_ip: ${{ secrets.LUSTRE_FS_IP }}
+#jobs:
+  #Run-Integration-Test-on-AKS:
+    #if: contains(github.event.pull_request.labels.*.name, 'safe to test')
+    #name: Run Integration Test on AKS
+    #runs-on: ubuntu-latest
+    #steps:
+      #- name: Set up Go 1.x
+        #uses: actions/setup-go@v2
+        #with:
+          #go-version: '1.23'
+        #id: go
+      #- name: Check out code
+        #uses: actions/checkout@v2
+        #with:
+          #ref: ${{ github.event.pull_request.head.sha }}
+      #- name: Build Code
+        #run: |
+          #make azurelustre
+          #cp ./_output/azurelustreplugin ./test/integration_aks/image/
+      #- name: Docker login
+        #uses: docker/login-action@v1
+        #with:
+          #registry: ${{ secrets.TEST_ACR_URI }}
+          #username: ${{ secrets.TEST_ACR_USERNAME }}
+          #password: ${{ secrets.TEST_ACR_PASSWORD }}
+      #- name: Build and push integration test container
+        #uses: docker/build-push-action@v2
+        #with:
+          #context: ./test/integration_aks/image
+          #push: true
+          #tags: ${{ secrets.TEST_ACR_URI }}/azurelustre-csi-integration-test:latest
+      #- name: Run integration test
+        #run: |
+          #./hack/verify-integration-test-aks.sh
+        #env:
+          #kube_config: ${{ secrets.KUBE_CONFIG }}
+          #test_acr_uri: ${{ secrets.TEST_ACR_URI }}
+          #lustre_fs_name: ${{ secrets.LUSTRE_FS_NAME }}
+          #lustre_fs_ip: ${{ secrets.LUSTRE_FS_IP }}

.github/workflows/linux.yaml

@@ -2,11 +2,8 @@ name: Linux Tests
 
 # Controls when the workflow will run
 on:
-  # Triggers the workflow on push or pull request events but only for the main branch
-  push:
-    branches: [ main ]
-  pull_request:
-    branches: [ main ]
+    pull_request: {}
+    push: {}
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
@@ -16,16 +13,17 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Set up Go 1.x
-      uses: actions/setup-go@v3
+      uses: actions/setup-go@v5
       with:
-        go-version: ^1.19
+        go-version: '1.23'
       id: go
 
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     - name: Run unit test
       run: |
+
         export PATH=$PATH:$HOME/.local/bin
         sudo apt-get update
         make verify
@@ -42,7 +40,7 @@ jobs:
 
     - name: Get code coverage
       env:
-          COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       run: |
         GO111MODULE=off go get github.com/mattn/goveralls
         $(go env GOPATH)/bin/goveralls -coverprofile=profile.cov -service=github

.github/workflows/sanity_test_local.yaml

@@ -2,11 +2,8 @@ name: Sanity Test Local
 
 # Controls when the workflow will run
 on:
-  # Triggers the workflow on push or pull request events but only for the main branch
-  push:
-    branches: [ main ]
-  pull_request:
-    branches: [ main ]
+  push: {}
+  pull_request: {}
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
@@ -16,11 +13,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Set up Go 1.x
-      uses: actions/setup-go@v2
+      uses: actions/setup-go@v5
       with:
-        go-version: ^1.19
+        go-version: '1.23'
       id: go
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
     - name: Run Sanity Test
       run: make sanity-test-local

.github/workflows/static.yaml

@@ -2,26 +2,23 @@ name: Static Checks
 
 # Controls when the workflow will run
 on:
-  # Triggers the workflow on push or pull request events but only for the main branch
-  push:
-    branches: [ main ]
-  pull_request:
-    branches: [ main ]
+  pull_request: {}
+  push: {}
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
 jobs:
     go_lint:
         name: Go Lint
-        runs-on: ubuntu-18.04
+        runs-on: ubuntu-latest
         steps:
-            - uses: actions/setup-go@v3
+            - uses: actions/setup-go@v5
               with:
-                go-version: 1.19
+                go-version: '1.23'
             - name: Checkout code
               uses: actions/checkout@master
             - name: Run linter
-              uses: golangci/golangci-lint-action@v3
+              uses: golangci/golangci-lint-action@v6
               with:
                   working-directory: pkg
                   args: -E=gofmt --timeout=30m0s

.github/workflows/trivy.yaml

@@ -13,14 +13,14 @@ on:
 jobs:
   build:
     name: Build
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/setup-go@v3
         with:
-          go-version: 1.19
+          go-version: '1.23'
 
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Build an image from Dockerfile
         run: |

.github/workflows/windows.yaml

@@ -1,14 +1,14 @@
 name: Windows Tests
 
 # Controls when the workflow will run
-on:
+#on:
   # Triggers the workflow on push or pull request events but only for the main branch
-  push:
-    branches: [ main ]
-  pull_request:
-    branches: [ main ]
+  #push:
+    #branches: [ main ]
+  #pull_request:
+    #branches: [ main ]
   # Allows you to run this workflow manually from the Actions tab
-  workflow_dispatch:
+  #workflow_dispatch:
 
 jobs:
   build:

go.mod

@@ -1,6 +1,6 @@
 module sigs.k8s.io/azurelustre-csi-driver
 
-go 1.19
+go 1.23
 
 require (
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.1.1