constellation/dev-docs/workflows/bump-go-version.md

# Bump Go version

`govulncheck` from the bazel `check` target will fail if our code is vulnerable, which is often the case when a patch version was released with security fixes.

## Steps

Replace `"1.xx.x"` with the new version in [MODULE.bazel](/MODULE.bazel):

```starlark
go_sdk = use_extension("@io_bazel_rules_go//go:extensions.bzl", "go_sdk")
go_sdk.download(
    name = "go_sdk",
    patches = ["//3rdparty/bazel/org_golang:go_tls_max_handshake_size.patch"],
    version = "1.xx.x", <--- Replace this one
              ~~~~~~~~
)

```

Replace `go-version: "1.xx.x"` with the new version in all GitHub actions/workflows, our go.mod files and Containerfiles.
You can use the following command to find replace all instances of `go-version: "1.xx.x"` in the `.github` directory:

```bash
OLD_VERSION="1.xx.x"
NEW_VERSION="1.xx.y"
find .github -type f -exec sed -i "s/go-version: \"${OLD_VERSION}\"/go-version: \"${NEW_VERSION}\"/g" {} \;
sed -i "s/go ${OLD_VERSION}/go ${NEW_VERSION}/g" go.mod
sed -i "s/go ${OLD_VERSION}/go ${NEW_VERSION}/g" hack/tools/go.mod
sed -i "s/${OLD_VERSION}/${NEW_VERSION}/g" go.work
sed -i "s/GO_VER=${OLD_VERSION}/GO_VER=${NEW_VERSION}/g" 3rdparty/gcp-guest-agent/Dockerfile
```

Or manually:

```yaml
- name: Setup Go environment
  uses: actions/setup-go@v5
  with:
  go-version: "1.xx.x" <--- Replace this one
              ~~~~~~~~
```
deps: bump Go to 1.21.4 (#2569) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> 2023-11-09 20:17:14 +01:00			`# Bump Go version`
deps: update to Go 1.22.3 (#3069) * Update renovate syntax * Update to Go 1.22.3 --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-05-08 11:34:31 +02:00
deps: bump Go to 1.21.4 (#2569) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> 2023-11-09 20:17:14 +01:00			`govulncheck` from the bazel `check` target will fail if our code is vulnerable, which is often the case when a patch version was released with security fixes.

			`## Steps`

deps: bump Go version to v1.22.4 (#3146) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-06-05 10:27:39 +02:00			Replace `"1.xx.x"` with the new version in [MODULE.bazel](/MODULE.bazel):
deps: bump Go to 1.21.4 (#2569) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> 2023-11-09 20:17:14 +01:00
bazel: use prebuilt Go toolchain (go.dev/dl) (#2796) We had to switch to a Go toolchain from nixpkgs, since prebuilt Go toolchain versions were not usable on NixOS. Since Go 1.21, the prebuilt Go toolchain is statically linked and works out of the box. Reference: https://github.com/golang/go/issues/57007 2024-01-05 11:52:22 +01:00			```starlark
dev-docs: document new location of Go toolchain version 2024-05-22 10:49:00 +02:00			`go_sdk = use_extension("@io_bazel_rules_go//go:extensions.bzl", "go_sdk")`
			`go_sdk.download(`
deps: update to Go 1.22.3 (#3069) * Update renovate syntax * Update to Go 1.22.3 --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-05-08 11:34:31 +02:00			`name = "go_sdk",`
			`patches = ["//3rdparty/bazel/org_golang:go_tls_max_handshake_size.patch"],`
			`version = "1.xx.x", <--- Replace this one`
			`~~~~~~~~`
			`)`

bazel: use prebuilt Go toolchain (go.dev/dl) (#2796) We had to switch to a Go toolchain from nixpkgs, since prebuilt Go toolchain versions were not usable on NixOS. Since Go 1.21, the prebuilt Go toolchain is statically linked and works out of the box. Reference: https://github.com/golang/go/issues/57007 2024-01-05 11:52:22 +01:00			```
deps: bump Go version to v1.22.4 (#3146) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-06-05 10:27:39 +02:00
dependencies: bump Go to v1.23.5 (#3599) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2025-01-20 11:53:55 +01:00			Replace `go-version: "1.xx.x"` with the new version in all GitHub actions/workflows, our go.mod files and Containerfiles.
deps: bump Go version to v1.22.4 (#3146) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-06-05 10:27:39 +02:00			You can use the following command to find replace all instances of `go-version: "1.xx.x"` in the `.github` directory:

			```bash
			`OLD_VERSION="1.xx.x"`
			`NEW_VERSION="1.xx.y"`
			`find .github -type f -exec sed -i "s/go-version: \"${OLD_VERSION}\"/go-version: \"${NEW_VERSION}\"/g" {} \;`
deps: bump Go version to v1.22.5 (#3225) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-07-03 09:49:37 +02:00			`sed -i "s/go ${OLD_VERSION}/go ${NEW_VERSION}/g" go.mod`
dependencies: bump Go to v1.23.5 (#3599) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2025-01-20 11:53:55 +01:00			`sed -i "s/go ${OLD_VERSION}/go ${NEW_VERSION}/g" hack/tools/go.mod`
deps: bump Go version to v1.22.5 (#3225) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-07-03 09:49:37 +02:00			`sed -i "s/${OLD_VERSION}/${NEW_VERSION}/g" go.work`
dependencies: bump Go to v1.23.5 (#3599) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2025-01-20 11:53:55 +01:00			`sed -i "s/GO_VER=${OLD_VERSION}/GO_VER=${NEW_VERSION}/g" 3rdparty/gcp-guest-agent/Dockerfile`
deps: bump Go version to v1.22.4 (#3146) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-06-05 10:27:39 +02:00			```

			`Or manually:`

			```yaml
			`- name: Setup Go environment`
			`uses: actions/setup-go@v5`
			`with:`
			`go-version: "1.xx.x" <--- Replace this one`
			`~~~~~~~~`
			```