constellation/dev-docs/workflows/bump-go-version.md

# Bump Go version

`govulncheck` from the bazel `check` target will fail if our code is vulnerable, which is often the case when a patch version was released with security fixes.

## Steps

Replace `"1.xx.x"` with the new version in [MODULE.bazel](/MODULE.bazel):

```starlark
go_sdk = use_extension("@io_bazel_rules_go//go:extensions.bzl", "go_sdk")
go_sdk.download(
    name = "go_sdk",
    patches = ["//3rdparty/bazel/org_golang:go_tls_max_handshake_size.patch"],
    version = "1.xx.x", <--- Replace this one
              ~~~~~~~~
)

```

Replace `go-version: "1.xx.x"` with the new version in all GitHub actions and workflows.
You can use the following command to find replace all instances of `go-version: "1.xx.x"` in the `.github` directory:

```bash
OLD_VERSION="1.xx.x"
NEW_VERSION="1.xx.y"
find .github -type f -exec sed -i "s/go-version: \"${OLD_VERSION}\"/go-version: \"${NEW_VERSION}\"/g" {} \;
```

Or manually:

```yaml
- name: Setup Go environment
  uses: actions/setup-go@v5
  with:
  go-version: "1.xx.x" <--- Replace this one
              ~~~~~~~~
```
deps: bump Go to 1.21.4 (#2569) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> 2023-11-09 14:17:14 -05:00			`# Bump Go version`
deps: update to Go 1.22.3 (#3069) * Update renovate syntax * Update to Go 1.22.3 --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-05-08 05:34:31 -04:00
deps: bump Go to 1.21.4 (#2569) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> 2023-11-09 14:17:14 -05:00			`govulncheck` from the bazel `check` target will fail if our code is vulnerable, which is often the case when a patch version was released with security fixes.

			`## Steps`

deps: bump Go version to v1.22.4 (#3146) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-06-05 04:27:39 -04:00			Replace `"1.xx.x"` with the new version in [MODULE.bazel](/MODULE.bazel):
deps: bump Go to 1.21.4 (#2569) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> 2023-11-09 14:17:14 -05:00
bazel: use prebuilt Go toolchain (go.dev/dl) (#2796) We had to switch to a Go toolchain from nixpkgs, since prebuilt Go toolchain versions were not usable on NixOS. Since Go 1.21, the prebuilt Go toolchain is statically linked and works out of the box. Reference: https://github.com/golang/go/issues/57007 2024-01-05 05:52:22 -05:00			```starlark
dev-docs: document new location of Go toolchain version 2024-05-22 04:49:00 -04:00			`go_sdk = use_extension("@io_bazel_rules_go//go:extensions.bzl", "go_sdk")`
			`go_sdk.download(`
deps: update to Go 1.22.3 (#3069) * Update renovate syntax * Update to Go 1.22.3 --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-05-08 05:34:31 -04:00			`name = "go_sdk",`
			`patches = ["//3rdparty/bazel/org_golang:go_tls_max_handshake_size.patch"],`
			`version = "1.xx.x", <--- Replace this one`
			`~~~~~~~~`
			`)`

bazel: use prebuilt Go toolchain (go.dev/dl) (#2796) We had to switch to a Go toolchain from nixpkgs, since prebuilt Go toolchain versions were not usable on NixOS. Since Go 1.21, the prebuilt Go toolchain is statically linked and works out of the box. Reference: https://github.com/golang/go/issues/57007 2024-01-05 05:52:22 -05:00			```
deps: bump Go version to v1.22.4 (#3146) Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-06-05 04:27:39 -04:00
			Replace `go-version: "1.xx.x"` with the new version in all GitHub actions and workflows.
			You can use the following command to find replace all instances of `go-version: "1.xx.x"` in the `.github` directory:

			```bash
			`OLD_VERSION="1.xx.x"`
			`NEW_VERSION="1.xx.y"`
			`find .github -type f -exec sed -i "s/go-version: \"${OLD_VERSION}\"/go-version: \"${NEW_VERSION}\"/g" {} \;`
			```

			`Or manually:`

			```yaml
			`- name: Setup Go environment`
			`uses: actions/setup-go@v5`
			`with:`
			`go-version: "1.xx.x" <--- Replace this one`
			`~~~~~~~~`
			```