diff --git a/.github/workflows/fossa-license-scanning.yml b/.github/workflows/fossa-license-scanning.yml new file mode 100644 index 000000000..e291514cb --- /dev/null +++ b/.github/workflows/fossa-license-scanning.yml @@ -0,0 +1,25 @@ +name: FOSSA License Scanning + +on: + push: + branches: + - main + pull_request: + +jobs: + fossa-scan: + if: github.repository_owner == 'kubeflow' # FOSSA is not intended to run on forks. + runs-on: ubuntu-latest + env: + # push-only token, intentional; see https://github.com/fossa-contrib/fossa-action?tab=readme-ov-file#push-only-api-token + # this also how other CNCF projects are doing e.g. https://github.com/cncf/foundation/issues/109 + FOSSA_API_KEY: 80871bdd477c2c97f65e9822cae99d20 # This is a push-only token that is safe to be exposed. + steps: + - name: Checkout tree + uses: actions/checkout@v4 + + - name: Run FOSSA scan and upload build data + uses: fossas/fossa-action@v1.4.0 + with: + api-key: ${{ env.FOSSA_API_KEY }} + project: "github.com/kubeflow/model-registry" diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 94bcbc8fb..d16b26fe0 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -28,11 +28,6 @@ The make command shipped with Mac OSX (at the time of writing) is a bit old: ``` % make --version GNU Make 3.81 -Copyright (C) 2006 Free Software Foundation, Inc. -This is free software; see the source for copying conditions. -There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A -PARTICULAR PURPOSE. - This program built for i386-apple-darwin11.3.0 ``` diff --git a/go.mod b/go.mod index ca416fe37..245465be9 100644 --- a/go.mod +++ b/go.mod @@ -42,7 +42,7 @@ require ( github.com/containerd/log v0.1.0 // indirect github.com/cpuguy83/dockercfg v0.3.1 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/docker/docker v27.2.1+incompatible + github.com/docker/docker v27.2.1+incompatible // indirect github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect diff --git a/internal/testutils/test_container_utils.go b/internal/testutils/test_container_utils.go index 0a1c21c3d..bfa6307d8 100644 --- a/internal/testutils/test_container_utils.go +++ b/internal/testutils/test_container_utils.go @@ -10,7 +10,6 @@ import ( "os/exec" "testing" - "github.com/docker/docker/api/types/container" "github.com/kubeflow/model-registry/internal/ml_metadata/proto" testcontainers "github.com/testcontainers/testcontainers-go" "github.com/testcontainers/testcontainers-go/wait" @@ -86,8 +85,13 @@ func SetupMLMetadataTestContainer(t *testing.T) (*grpc.ClientConn, proto.Metadat Env: map[string]string{ "METADATA_STORE_SERVER_CONFIG_FILE": "/tmp/shared/conn_config.pb", }, - HostConfigModifier: func(hc *container.HostConfig) { - hc.Binds = []string{wd + ":/tmp/shared"} + Mounts: testcontainers.ContainerMounts{ + testcontainers.ContainerMount{ + Source: testcontainers.GenericBindMountSource{ // nolint keep deprecated method to avoid depending directly to docker api exposed by testcontainers' HostConfigModifier + HostPath: wd, + }, + Target: "/tmp/shared", + }, }, WaitingFor: wait.ForLog("Server listening on"), }