From 2db522bc7a9637f0d9bb1de4206a0b96192c103c Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:40:13 +0300 Subject: [PATCH 01/10] cleanup: remove unused files and fix LICENSE Remove goreleaser, Dockerfiles, CI workflows (release, secrets), community boilerplate (COC, CONTRIBUTING, CODEOWNERS, issue/PR templates, SECURITY), dependabot (replaced by Renovate), and demo.svg. Trim accidental choosealicense.com UI text from LICENSE. --- .github/CODEOWNERS | 23 ------ .github/CODE_OF_CONDUCT.md | 76 ------------------- .github/CONTRIBUTING.md | 13 ---- .github/ISSUE_TEMPLATE/bug_report.md | 58 --------------- .github/ISSUE_TEMPLATE/feature_request.md | 38 ---------- .github/LICENSE | 14 ---- .github/PULL_REQUEST_TEMPLATE.md | 4 - .github/SECURITY.md | 1 - .github/dependabot.yml | 16 ---- .github/workflows/release.yml | 54 -------------- .github/workflows/secrets.yml | 17 ----- .goreleaser.yml | 90 ----------------------- Dockerfile | 16 ---- Dockerfile.goreleaser | 8 -- demo.svg | 77 ------------------- 15 files changed, 505 deletions(-) delete mode 100644 .github/CODEOWNERS delete mode 100644 .github/CODE_OF_CONDUCT.md delete mode 100644 .github/CONTRIBUTING.md delete mode 100644 .github/ISSUE_TEMPLATE/bug_report.md delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.md delete mode 100644 .github/PULL_REQUEST_TEMPLATE.md delete mode 100644 .github/SECURITY.md delete mode 100644 .github/dependabot.yml delete mode 100644 .github/workflows/release.yml delete mode 100644 .github/workflows/secrets.yml delete mode 100644 .goreleaser.yml delete mode 100644 Dockerfile delete mode 100644 Dockerfile.goreleaser delete mode 100644 demo.svg diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index 5af24cc..0000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1,23 +0,0 @@ -# catch-all -* @trufflesecurity/product-eng - -# teams -pkg/sources/ @trufflesecurity/backend -pkg/detectors/ @trufflesecurity/detection - -# critical detectors -pkg/detectors/aws/ @trufflesecurity/backend -pkg/detectors/gcp/ @trufflesecurity/backend -pkg/detectors/azure/ @trufflesecurity/backend -pkg/detectors/okta/ @trufflesecurity/backend -pkg/detectors/privatekey/ @trufflesecurity/backend -pkg/detectors/slack/ @trufflesecurity/backend -pkg/detectors/slackwebhook/ @trufflesecurity/backend -pkg/detectors/microsoftteamswebhook/ @trufflesecurity/backend -pkg/detectors/twilio/ @trufflesecurity/backend -pkg/detectors/sendgrid/ @trufflesecurity/backend -pkg/detectors/gitlab/ @trufflesecurity/backend -pkg/detectors/gitlabv2/ @trufflesecurity/backend -pkg/detectors/github/ @trufflesecurity/backend -pkg/detectors/github_old/ @trufflesecurity/backend -pkg/detectors/githubapp/ @trufflesecurity/backend diff --git a/.github/CODE_OF_CONDUCT.md b/.github/CODE_OF_CONDUCT.md deleted file mode 100644 index 2a603b1..0000000 --- a/.github/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,76 +0,0 @@ -# Contributor Covenant Code of Conduct - -## Our Pledge - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, sex characteristics, gender identity and expression, -level of experience, education, socio-economic status, nationality, personal -appearance, race, religion, or sexual identity and orientation. - -## Our Standards - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or - advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic - address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a - professional setting - -## Our Responsibilities - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -## Scope - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at community@trufflesec.com. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, -available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html - -[homepage]: https://www.contributor-covenant.org - -For answers to common questions about this code of conduct, see -https://www.contributor-covenant.org/faq diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md deleted file mode 100644 index 06c7855..0000000 --- a/.github/CONTRIBUTING.md +++ /dev/null @@ -1,13 +0,0 @@ -# Contribution guidelines - -Please create an issue to collect feedback prior to feature additions. If possible try to keep PRs scoped to one feature, and add tests for new features. - -When showing interest in a bug, enhancement, PR, or issue, please use the thumbs up/thumbs down emoji on the original message rather than adding comments expressing the same. - -Contributors need to [sign our CLA](https://cla-assistant.io/trufflesecurity/trufflehog) before we are able to accept contributions. - -# Resources - -## Adding new secret detectors - -We have published some [documentation and tooling to get started on adding new secret detectors](hack/docs/Adding_Detectors_external.md). Let's improve detection together! \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md deleted file mode 100644 index 4e54872..0000000 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ /dev/null @@ -1,58 +0,0 @@ ---- -name: Bug report -about: Create a report to help us improve -title: "" -labels: bug, needs triage -assignees: trufflesecurity/product-eng ---- - -### Community Note - -* Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help the community and maintainers prioritize this request -* Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request -* If you are interested in working on this issue or have submitted a pull request, please leave a comment - -### TruffleHog Version - - -### Trace Output - - - -### Expected Behavior - - - -### Actual Behavior - - - -### Steps to Reproduce - - - 1. Go to '...' - 2. Click on '....' - 3. Scroll down to '....' - 4. See error - -## Environment - * OS: [e.g. iOS] - * Version [e.g. 22] - -## Additional Context - - -### References - - - -* #0000 - diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md deleted file mode 100644 index ee1224f..0000000 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -name: Feature request -about: Suggest an idea for this project -title: "" -labels: enhancement, needs triage -assignees: trufflesecurity/product-eng ---- - -### Community Note - -* Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help the community and maintainers prioritize this request -* Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request -* If you are interested in working on this issue or have submitted a pull request, please leave a comment - -### Description - - - -## Problem to be Addressed - - -## Description of the Preferred Solution - - -## Additional Context - - -### References - - - -* #0000 diff --git a/.github/LICENSE b/.github/LICENSE index d2bc34f..eeb411b 100644 --- a/.github/LICENSE +++ b/.github/LICENSE @@ -659,17 +659,3 @@ specific requirements. if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU AGPL, see . -Copy license text to clipboard -Suggest this license -Make a pull request to suggest this license for a project that is not licensed. Please be polite: see if a license has already been suggested, try to suggest a license fitting for the project’s community, and keep your communication with project maintainers friendly. - -Enter GitHub repository URL -How to apply this license -Create a text file (typically named LICENSE or LICENSE.txt) in the root of your source code and copy the text of the license into the file. - -Optional steps -The Free Software Foundation recommends taking the additional step of adding a boilerplate notice to the top of each file. The boilerplate can be found at the end of the license. - -Add AGPL-3.0-or-later (or AGPL-3.0-only to disallow future versions) to your project’s package description, if applicable (e.g., Node.js, Ruby, and Rust). This will ensure the license is displayed in package directories. - - Source diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md deleted file mode 100644 index d878651..0000000 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ /dev/null @@ -1,4 +0,0 @@ - diff --git a/.github/SECURITY.md b/.github/SECURITY.md deleted file mode 100644 index f6ae871..0000000 --- a/.github/SECURITY.md +++ /dev/null @@ -1 +0,0 @@ -Please report any security issues to security@trufflesec.com and include `trufflehog` in the subject \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 34d7642..0000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,16 +0,0 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates - -version: 2 -updates: - - package-ecosystem: "gomod" # See documentation for possible values - directory: "/" # Location of package manifests - schedule: - interval: "weekly" - - package-ecosystem: "github-actions" - directory: "/" - schedule: - # Check for updates to GitHub Actions every weekday - interval: "weekly" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index be30ae0..0000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,54 +0,0 @@ -name: Release - -# on: -# push: -# tags: -# - 'v*' - -on: - push: - tags: - - v* - branches: - - main - -permissions: - contents: write - packages: write - -jobs: - Release: - runs-on: ubuntu-latest - env: - DOCKER_CLI_EXPERIMENTAL: "enabled" - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Docker Login to DockerHub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Docker Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: '1.24' - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v6 - with: - distribution: goreleaser - version: latest - args: release --rm-dist - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - HOMEBREW_TAP_TOKEN: ${{ secrets.HOMEBREW_TAP_TOKEN }} diff --git a/.github/workflows/secrets.yml b/.github/workflows/secrets.yml deleted file mode 100644 index 7eee6ea..0000000 --- a/.github/workflows/secrets.yml +++ /dev/null @@ -1,17 +0,0 @@ -name: Leaked Secrets Scan -on: [pull_request] -jobs: - TruffleHog: - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: TruffleHog OSS - uses: trufflesecurity/trufflehog@main - with: - path: ./ - base: ${{ github.event.repository.default_branch }} - head: HEAD - extra_args: --debug --only-verified diff --git a/.goreleaser.yml b/.goreleaser.yml deleted file mode 100644 index 28ccdcf..0000000 --- a/.goreleaser.yml +++ /dev/null @@ -1,90 +0,0 @@ -builds: - - binary: cloudsql-exporter - ldflags: - - -X 'github.com/trufflesecurity/cloudsql-exporter/pkg/version.BuildVersion={{ .Version }}' - env: [CGO_ENABLED=0] - goos: - - linux - - windows - - darwin - goarch: - - amd64 - - arm64 -dockers: - - image_templates: ["trufflesecurity/{{ .ProjectName }}:{{ .Version }}-amd64"] - dockerfile: Dockerfile.goreleaser - use: buildx - build_flag_templates: - - --platform=linux/amd64 - - --label=org.opencontainers.image.title={{ .ProjectName }} - - --label=org.opencontainers.image.description={{ .ProjectName }} - - --label=org.opencontainers.image.url=https://github.com/trufflesecurity/{{ .ProjectName }} - - --label=org.opencontainers.image.source=https://github.com/trufflesecurity/{{ .ProjectName }} - - --label=org.opencontainers.image.version={{ .Version }} - - --label=org.opencontainers.image.revision={{ .FullCommit }} - - --label=org.opencontainers.image.licenses=AGPL-3.0 - - image_templates: ["trufflesecurity/{{ .ProjectName }}:{{ .Version }}-arm64v8"] - goarch: arm64 - dockerfile: Dockerfile.goreleaser - use: buildx - build_flag_templates: - - --platform=linux/arm64/v8 - - --label=org.opencontainers.image.title={{ .ProjectName }} - - --label=org.opencontainers.image.description={{ .ProjectName }} - - --label=org.opencontainers.image.url=https://github.com/trufflesecurity/{{ .ProjectName }} - - --label=org.opencontainers.image.source=https://github.com/trufflesecurity/{{ .ProjectName }} - - --label=org.opencontainers.image.version={{ .Version }} - - --label=org.opencontainers.image.revision={{ .FullCommit }} - - --label=org.opencontainers.image.licenses=AGPL-3.0 - - image_templates: ["ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-amd64"] - dockerfile: Dockerfile.goreleaser - use: buildx - build_flag_templates: - - --platform=linux/amd64 - - --label=org.opencontainers.image.title={{ .ProjectName }} - - --label=org.opencontainers.image.description={{ .ProjectName }} - - --label=org.opencontainers.image.url=https://github.com/trufflesecurity/{{ .ProjectName }} - - --label=org.opencontainers.image.source=https://github.com/trufflesecurity/{{ .ProjectName }} - - --label=org.opencontainers.image.version={{ .Version }} - - --label=org.opencontainers.image.revision={{ .FullCommit }} - - --label=org.opencontainers.image.licenses=AGPL-3.0 - - image_templates: ["ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-arm64v8"] - goarch: arm64 - dockerfile: Dockerfile.goreleaser - use: buildx - build_flag_templates: - - --platform=linux/arm64/v8 - - --label=org.opencontainers.image.title={{ .ProjectName }} - - --label=org.opencontainers.image.description={{ .ProjectName }} - - --label=org.opencontainers.image.url=https://github.com/trufflesecurity/{{ .ProjectName }} - - --label=org.opencontainers.image.source=https://github.com/trufflesecurity/{{ .ProjectName }} - - --label=org.opencontainers.image.version={{ .Version }} - - --label=org.opencontainers.image.revision={{ .FullCommit }} - - --label=org.opencontainers.image.licenses=AGPL-3.0 -docker_manifests: - - name_template: trufflesecurity/{{ .ProjectName }}:{{ .Version }} - image_templates: - - trufflesecurity/{{ .ProjectName }}:{{ .Version }}-amd64 - - trufflesecurity/{{ .ProjectName }}:{{ .Version }}-arm64v8 - - name_template: trufflesecurity/{{ .ProjectName }}:latest - image_templates: - - trufflesecurity/{{ .ProjectName }}:{{ .Version }}-amd64 - - trufflesecurity/{{ .ProjectName }}:{{ .Version }}-arm64v8 - - name_template: ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }} - image_templates: - - ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-amd64 - - ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-arm64v8 - - name_template: ghcr.io/trufflesecurity/{{ .ProjectName }}:latest - image_templates: - - ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-amd64 - - ghcr.io/trufflesecurity/{{ .ProjectName }}:{{ .Version }}-arm64v8 -brews: - - tap: - owner: trufflesecurity - name: homebrew-cloudsql-exporter - token: "{{ .Env.HOMEBREW_TAP_TOKEN }}" - description: "Find credentials all over the place" - name: "cloudsql-exporter" - homepage: "https://github.com/trufflesecurity/cloudsql-exporter" - install: | - bin.install "cloudsql-exporter" diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index ea12f5a..0000000 --- a/Dockerfile +++ /dev/null @@ -1,16 +0,0 @@ -FROM --platform=${BUILDPLATFORM} golang:bullseye as builder - -WORKDIR /build -COPY . . -ENV CGO_ENABLED=0 -ARG TARGETOS TARGETARCH -RUN --mount=type=cache,target=/go/pkg/mod \ - --mount=type=cache,target=/root/.cache/go-build \ - GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o cloudsql-exporter . - -FROM alpine:3.22 -RUN apk add --no-cache git ca-certificates \ - && rm -rf /var/cache/apk/* && \ - update-ca-certificates -COPY --from=builder /build/cloudsql-exporter /usr/bin/cloudsql-exporter -ENTRYPOINT ["/usr/bin/cloudsql-exporter"] diff --git a/Dockerfile.goreleaser b/Dockerfile.goreleaser deleted file mode 100644 index 8dc5835..0000000 --- a/Dockerfile.goreleaser +++ /dev/null @@ -1,8 +0,0 @@ -FROM alpine:3.22 - -RUN apk add --no-cache git ca-certificates \ - && rm -rf /var/cache/apk/* && \ - update-ca-certificates -WORKDIR /usr/bin/ -COPY cloudsql-exporter . -ENTRYPOINT ["/usr/bin/cloudsql-exporter"] diff --git a/demo.svg b/demo.svg deleted file mode 100644 index b2b2621..0000000 --- a/demo.svg +++ /dev/null @@ -1,77 +0,0 @@ - - - - - - - - - - - cloudsql-exporter git:(main) cloudsql-exporter git:(main) cloudsql-exporter --bucket thog-prod-cloudsql-backups --project public-event-monitoring-prod --ensure-iam-bindings cloudsql-exporter git:(main) cloudsql-exporter --bucket thog-prod-cloudsql-backups --project public-event-monitoring-prod --ensure-iam-bindings 2022/09/12 04:27:17 Enumerating Cloud SQL instances in project public-event-monitoring-prod2022/09/12 04:27:18 Found instance public-event-monitoring2022/09/12 04:27:18 Found database postgres for instance public-event-monitoring2022/09/12 04:27:18 Exporting backup for instance public-event-monitoring2022/09/12 04:27:19 Ensuring role roles/storage.objectCreator to bucket thog-prod-cloudsql-backups for service account p1033154858811-piv4tn@gcp-sa-cloud-sql.iam.gserviceaccount.com used by instance public-event-monitoring2022/09/12 04:27:19 Role roles/storage.objectCreator already exists for service account p1033154858811-piv4tn@gcp-sa-cloud-sql.iam.gserviceaccount.com2022/09/12 04:27:19 Ensuring role roles/storage.objectViewer to bucket thog-prod-cloudsql-backups for service account p1033154858811-piv4tn@gcp-sa-cloud-sql.iam.gserviceaccount.com used by instance public-event-monitoring2022/09/12 04:27:19 Role roles/storage.objectViewer already exists for service account p1033154858811-piv4tn@gcp-sa-cloud-sql.iam.gserviceaccount.com2022/09/12 04:27:19 Exporting database postgres for instance public-event-monitoring2022/09/12 04:28:11 Backup completecloudsql-exporter git:(main) - \ No newline at end of file From e5ebbc483283db03fe683331797705ead99deb12 Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:41:37 +0300 Subject: [PATCH 02/10] fix: handle missing role binding in AddRoleBindingToGCSBucket When the IAM policy had no existing binding for the requested role, the function silently fell through without adding the member. Now appends a new binding when the role is not found. Also fixes mutating a loop copy instead of the slice element directly. --- pkg/cloudsql/cloudsql.go | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/pkg/cloudsql/cloudsql.go b/pkg/cloudsql/cloudsql.go index 19538d5..34910bb 100644 --- a/pkg/cloudsql/cloudsql.go +++ b/pkg/cloudsql/cloudsql.go @@ -73,6 +73,7 @@ func AddRoleBindingToGCSBucket(ctx context.Context, storageSvc *storage.Service, return err } + found := false for i, binding := range policy.Bindings { if binding.Role == role { for _, member := range binding.Members { @@ -81,12 +82,19 @@ func AddRoleBindingToGCSBucket(ctx context.Context, storageSvc *storage.Service, return nil } } - binding.Members = append(binding.Members, svcAcctMember) - policy.Bindings[i] = binding + policy.Bindings[i].Members = append(policy.Bindings[i].Members, svcAcctMember) + found = true break } } + if !found { + policy.Bindings = append(policy.Bindings, &storage.PolicyBindings{ + Role: role, + Members: []string{svcAcctMember}, + }) + } + _, err = storageSvc.Buckets.SetIamPolicy(bucketName, policy).Do() if err != nil { return err From 068e59ef6648054811015520c581625245a407ce Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:42:43 +0300 Subject: [PATCH 03/10] fix: use timeout parameter in WaitForSQLOperation The timeout argument was accepted but never used. Now creates a derived context with the specified timeout so operations don't poll indefinitely. --- pkg/cloudsql/cloudsql.go | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/pkg/cloudsql/cloudsql.go b/pkg/cloudsql/cloudsql.go index 34910bb..e37ea64 100644 --- a/pkg/cloudsql/cloudsql.go +++ b/pkg/cloudsql/cloudsql.go @@ -157,20 +157,23 @@ func WaitForSQLOperation(ctx context.Context, sqlAdminSvc *sqladmin.Service, tim return errors.New("got nil op") } + ctx, cancel := context.WithTimeout(ctx, timeout) + defer cancel() + + opName := op.Name for { select { case <-ctx.Done(): - return errors.New("timeout reached") + return fmt.Errorf("timeout waiting for operation %s: %w", opName, ctx.Err()) default: time.Sleep(time.Second * 10) - op, err := sqlAdminSvc.Operations.Get(gcpProject, op.Name).Do() + current, err := sqlAdminSvc.Operations.Get(gcpProject, opName).Do() if err != nil { return err } - if op.Status == "DONE" { + if current.Status == "DONE" { return nil } } } - } From d3a3f4af822010fb9166498aa82aa0d63d48c88e Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:43:18 +0300 Subject: [PATCH 04/10] fix: set version before parsing args so --version works --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index fab1434..2b1ac82 100644 --- a/main.go +++ b/main.go @@ -28,8 +28,8 @@ func main() { ctx, cancel := context.WithCancel(context.Background()) defer cancel() - kingpin.MustParse(app.Parse(os.Args[1:])) app.Version("cloudsql-exporter " + version.BuildVersion) + kingpin.MustParse(app.Parse(os.Args[1:])) sqlAdminSvc, err := sqladmin.NewService(ctx) if err != nil { From 337e672972939b85e921f7ad3cf23c2a1053bb11 Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:45:11 +0300 Subject: [PATCH 05/10] fix: filter system databases for both MySQL and PostgreSQL Previously only skipped 'mysql'. Now also skips information_schema, performance_schema, sys (MySQL) and postgres, cloudsqladmin, template0, template1 (PostgreSQL). --- pkg/cloudsql/cloudsql.go | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/pkg/cloudsql/cloudsql.go b/pkg/cloudsql/cloudsql.go index e37ea64..385ce3c 100644 --- a/pkg/cloudsql/cloudsql.go +++ b/pkg/cloudsql/cloudsql.go @@ -112,9 +112,22 @@ func ListDatabasesForCloudSQLInstance(ctx context.Context, sqlAdminSvc *sqladmin return nil, err } + systemDatabases := map[string]bool{ + // MySQL + "mysql": true, + "information_schema": true, + "performance_schema": true, + "sys": true, + // PostgreSQL + "postgres": true, + "cloudsqladmin": true, + "template0": true, + "template1": true, + } + for _, database := range list.Items { - if database.Name == "mysql" { - log.Printf("Skipping database %s", database.Name) + if systemDatabases[database.Name] { + log.Printf("Skipping system database %s", database.Name) continue } log.Printf("Found database %s for instance %s", database.Name, instanceID) From a46ccd5829ed087e7fe853e093a6f702c0a75c00 Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:49:42 +0300 Subject: [PATCH 06/10] cleanup: remove unused Databases.Items() method --- pkg/cloudsql/cloudsql.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/pkg/cloudsql/cloudsql.go b/pkg/cloudsql/cloudsql.go index 385ce3c..72cfc79 100644 --- a/pkg/cloudsql/cloudsql.go +++ b/pkg/cloudsql/cloudsql.go @@ -14,10 +14,6 @@ import ( type InstanceID string type Databases []string -func (d Databases) Items() []string { - return d -} - type Instances map[InstanceID]Databases // EnumerateCloudSQLDatabaseInstances enumerates Cloud SQL database instances in the given project. From 0e0a92b0b47de441f7795f2e360694bc61c1a6dc Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:50:54 +0300 Subject: [PATCH 07/10] ci: restore least-privilege permissions in lint workflow --- .github/workflows/lint.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 15c2421..d9dbddc 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -7,6 +7,9 @@ on: - master pull_request: +permissions: + contents: read + jobs: golangci: name: golangci‑lint From 36e2e58b606d0e4cbf0a2e03dafd380a39e541b6 Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:51:56 +0300 Subject: [PATCH 08/10] deps: bump google.golang.org/api to v0.276.0 Also updates all transitive dependencies and go directive to 1.25.0. --- go.mod | 41 ++++++++++++----------- go.sum | 104 ++++++++++++++++++++++++++++++--------------------------- 2 files changed, 75 insertions(+), 70 deletions(-) diff --git a/go.mod b/go.mod index 31e0e72..83a7234 100644 --- a/go.mod +++ b/go.mod @@ -1,36 +1,37 @@ module github.com/flashadmin/cloudsql-exporter -go 1.23.0 +go 1.25.0 require ( github.com/alecthomas/kingpin/v2 v2.4.0 - google.golang.org/api v0.237.0 + google.golang.org/api v0.276.0 ) require ( - cloud.google.com/go/auth v0.16.2 // indirect + cloud.google.com/go/auth v0.20.0 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect - cloud.google.com/go/compute/metadata v0.7.0 // indirect + cloud.google.com/go/compute/metadata v0.9.0 // indirect github.com/alecthomas/units v0.0.0-20231202071711-9a357b53e9c9 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect - github.com/go-logr/logr v1.4.2 // indirect + github.com/go-logr/logr v1.4.3 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/google/s2a-go v0.1.9 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect - github.com/googleapis/gax-go/v2 v2.14.2 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.3.14 // indirect + github.com/googleapis/gax-go/v2 v2.21.0 // indirect github.com/xhit/go-str2duration/v2 v2.1.0 // indirect - go.opentelemetry.io/auto/sdk v1.1.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect - go.opentelemetry.io/otel v1.36.0 // indirect - go.opentelemetry.io/otel/metric v1.36.0 // indirect - go.opentelemetry.io/otel/trace v1.36.0 // indirect - golang.org/x/crypto v0.39.0 // indirect - golang.org/x/net v0.41.0 // indirect - golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/sys v0.33.0 // indirect - golang.org/x/text v0.26.0 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 // indirect - google.golang.org/grpc v1.73.0 // indirect - google.golang.org/protobuf v1.36.6 // indirect + go.opentelemetry.io/auto/sdk v1.2.1 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0 // indirect + go.opentelemetry.io/otel v1.43.0 // indirect + go.opentelemetry.io/otel/metric v1.43.0 // indirect + go.opentelemetry.io/otel/trace v1.43.0 // indirect + golang.org/x/crypto v0.49.0 // indirect + golang.org/x/net v0.52.0 // indirect + golang.org/x/oauth2 v0.36.0 // indirect + golang.org/x/sys v0.42.0 // indirect + golang.org/x/text v0.35.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 // indirect + google.golang.org/grpc v1.80.0 // indirect + google.golang.org/protobuf v1.36.11 // indirect ) diff --git a/go.sum b/go.sum index 276e983..d7f6fd4 100644 --- a/go.sum +++ b/go.sum @@ -1,21 +1,23 @@ -cloud.google.com/go/auth v0.16.2 h1:QvBAGFPLrDeoiNjyfVunhQ10HKNYuOwZ5noee0M5df4= -cloud.google.com/go/auth v0.16.2/go.mod h1:sRBas2Y1fB1vZTdurouM0AzuYQBMZinrUYL8EufhtEA= +cloud.google.com/go/auth v0.20.0 h1:kXTssoVb4azsVDoUiF8KvxAqrsQcQtB53DcSgta74CA= +cloud.google.com/go/auth v0.20.0/go.mod h1:942/yi/itH1SsmpyrbnTMDgGfdy2BUqIKyd0cyYLc5Q= cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIiLpZnkHRbnc= cloud.google.com/go/auth/oauth2adapt v0.2.8/go.mod h1:XQ9y31RkqZCcwJWNSx2Xvric3RrU88hAYYbjDWYDL+c= -cloud.google.com/go/compute/metadata v0.7.0 h1:PBWF+iiAerVNe8UCHxdOt6eHLVc3ydFeOCw78U8ytSU= -cloud.google.com/go/compute/metadata v0.7.0/go.mod h1:j5MvL9PprKL39t166CoB1uVHfQMs4tFQZZcKwksXUjo= +cloud.google.com/go/compute/metadata v0.9.0 h1:pDUj4QMoPejqq20dK0Pg2N4yG9zIkYGdBtwLoEkH9Zs= +cloud.google.com/go/compute/metadata v0.9.0/go.mod h1:E0bWwX5wTnLPedCKqk3pJmVgCBSM6qQI1yTBdEb3C10= github.com/alecthomas/kingpin/v2 v2.4.0 h1:f48lwail6p8zpO1bC4TxtqACaGqHYA22qkHjHpqDjYY= github.com/alecthomas/kingpin/v2 v2.4.0/go.mod h1:0gyi0zQnjuFk8xrkNKamJoyUo382HRL7ATRpFZCw6tE= github.com/alecthomas/units v0.0.0-20231202071711-9a357b53e9c9 h1:ez/4by2iGztzR4L0zgAOR8lTQK9VlyBVVd7G4omaOQs= github.com/alecthomas/units v0.0.0-20231202071711-9a357b53e9c9/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= -github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= @@ -26,56 +28,58 @@ github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0= github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/enterprise-certificate-proxy v0.3.6 h1:GW/XbdyBFQ8Qe+YAmFU9uHLo7OnF5tL52HFAgMmyrf4= -github.com/googleapis/enterprise-certificate-proxy v0.3.6/go.mod h1:MkHOF77EYAE7qfSuSS9PU6g4Nt4e11cnsDUowfwewLA= -github.com/googleapis/gax-go/v2 v2.14.2 h1:eBLnkZ9635krYIPD+ag1USrOAI0Nr0QYF3+/3GqO0k0= -github.com/googleapis/gax-go/v2 v2.14.2/go.mod h1:ON64QhlJkhVtSqp4v1uaK92VyZ2gmvDQsweuyLV+8+w= +github.com/googleapis/enterprise-certificate-proxy v0.3.14 h1:yh8ncqsbUY4shRD5dA6RlzjJaT4hi3kII+zYw8wmLb8= +github.com/googleapis/enterprise-certificate-proxy v0.3.14/go.mod h1:vqVt9yG9480NtzREnTlmGSBmFrA+bzb0yl0TxoBQXOg= +github.com/googleapis/gax-go/v2 v2.21.0 h1:h45NjjzEO3faG9Lg/cFrBh2PgegVVgzqKzuZl/wMbiI= +github.com/googleapis/gax-go/v2 v2.21.0/go.mod h1:But/NJU6TnZsrLai/xBAQLLz+Hc7fHZJt/hsCz3Fih4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= -github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/xhit/go-str2duration/v2 v2.1.0 h1:lxklc02Drh6ynqX+DdPyp5pCKLUQpRT8bp8Ydu2Bstc= github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= -go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= -go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q= -go.opentelemetry.io/otel v1.36.0 h1:UumtzIklRBY6cI/lllNZlALOF5nNIzJVb16APdvgTXg= -go.opentelemetry.io/otel v1.36.0/go.mod h1:/TcFMXYjyRNh8khOAO9ybYkqaDBb/70aVwkNML4pP8E= -go.opentelemetry.io/otel/metric v1.36.0 h1:MoWPKVhQvJ+eeXWHFBOPoBOi20jh6Iq2CcCREuTYufE= -go.opentelemetry.io/otel/metric v1.36.0/go.mod h1:zC7Ks+yeyJt4xig9DEw9kuUFe5C3zLbVjV2PzT6qzbs= -go.opentelemetry.io/otel/sdk v1.36.0 h1:b6SYIuLRs88ztox4EyrvRti80uXIFy+Sqzoh9kFULbs= -go.opentelemetry.io/otel/sdk v1.36.0/go.mod h1:+lC+mTgD+MUWfjJubi2vvXWcVxyr9rmlshZni72pXeY= -go.opentelemetry.io/otel/sdk/metric v1.36.0 h1:r0ntwwGosWGaa0CrSt8cuNuTcccMXERFwHX4dThiPis= -go.opentelemetry.io/otel/sdk/metric v1.36.0/go.mod h1:qTNOhFDfKRwX0yXOqJYegL5WRaW376QbB7P4Pb0qva4= -go.opentelemetry.io/otel/trace v1.36.0 h1:ahxWNuqZjpdiFAyrIoQ4GIiAIhxAunQR6MUoKrsNd4w= -go.opentelemetry.io/otel/trace v1.36.0/go.mod h1:gQ+OnDZzrybY4k4seLzPAWNwVBBVlF2szhehOBB/tGA= -golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM= -golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U= -golang.org/x/net v0.41.0 h1:vBTly1HeNPEn3wtREYfy4GZ/NECgw2Cnl+nK6Nz3uvw= -golang.org/x/net v0.41.0/go.mod h1:B/K4NNqkfmg07DQYrbwvSluqCJOOXwUjeb/5lOisjbA= -golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= -golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= -golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8= -golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= -golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= -golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= -golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M= -golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA= -google.golang.org/api v0.237.0 h1:MP7XVsGZesOsx3Q8WVa4sUdbrsTvDSOERd3Vh4xj/wc= -google.golang.org/api v0.237.0/go.mod h1:cOVEm2TpdAGHL2z+UwyS+kmlGr3bVWQQ6sYEqkKje50= -google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 h1:1tXaIXCracvtsRxSBsYDiSBN0cuJvM7QYW+MrpIRY78= -google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2/go.mod h1:49MsLSx0oWMOZqcpB3uL8ZOkAh1+TndpJ8ONoCBWiZk= -google.golang.org/genproto/googleapis/api v0.0.0-20250505200425-f936aa4a68b2 h1:vPV0tzlsK6EzEDHNNH5sa7Hs9bd7iXR7B1tSiPepkV0= -google.golang.org/genproto/googleapis/api v0.0.0-20250505200425-f936aa4a68b2/go.mod h1:pKLAc5OolXC3ViWGI62vvC0n10CpwAtRcTNCFwTKBEw= -google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 h1:fc6jSaCT0vBduLYZHYrBBNY4dsWuvgyff9noRNDdBeE= -google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A= -google.golang.org/grpc v1.73.0 h1:VIWSmpI2MegBtTuFt5/JWy2oXxtjJ/e89Z70ImfD2ok= -google.golang.org/grpc v1.73.0/go.mod h1:50sbHOUqWoCQGI8V2HQLJM0B+LMlIUjNSZmow7EVBQc= -google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= -google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= +go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64= +go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0 h1:OyrsyzuttWTSur2qN/Lm0m2a8yqyIjUVBZcxFPuXq2o= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0/go.mod h1:C2NGBr+kAB4bk3xtMXfZ94gqFDtg/GkI7e9zqGh5Beg= +go.opentelemetry.io/otel v1.43.0 h1:mYIM03dnh5zfN7HautFE4ieIig9amkNANT+xcVxAj9I= +go.opentelemetry.io/otel v1.43.0/go.mod h1:JuG+u74mvjvcm8vj8pI5XiHy1zDeoCS2LB1spIq7Ay0= +go.opentelemetry.io/otel/metric v1.43.0 h1:d7638QeInOnuwOONPp4JAOGfbCEpYb+K6DVWvdxGzgM= +go.opentelemetry.io/otel/metric v1.43.0/go.mod h1:RDnPtIxvqlgO8GRW18W6Z/4P462ldprJtfxHxyKd2PY= +go.opentelemetry.io/otel/sdk v1.43.0 h1:pi5mE86i5rTeLXqoF/hhiBtUNcrAGHLKQdhg4h4V9Dg= +go.opentelemetry.io/otel/sdk v1.43.0/go.mod h1:P+IkVU3iWukmiit/Yf9AWvpyRDlUeBaRg6Y+C58QHzg= +go.opentelemetry.io/otel/sdk/metric v1.42.0 h1:D/1QR46Clz6ajyZ3G8SgNlTJKBdGp84q9RKCAZ3YGuA= +go.opentelemetry.io/otel/sdk/metric v1.42.0/go.mod h1:Ua6AAlDKdZ7tdvaQKfSmnFTdHx37+J4ba8MwVCYM5hc= +go.opentelemetry.io/otel/trace v1.43.0 h1:BkNrHpup+4k4w+ZZ86CZoHHEkohws8AY+WTX09nk+3A= +go.opentelemetry.io/otel/trace v1.43.0/go.mod h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLhe+8WVFxiFff0= +golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= +golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= +golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= +golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= +golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= +golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= +golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= +golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= +golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= +gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4= +gonum.org/v1/gonum v0.17.0/go.mod h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E= +google.golang.org/api v0.276.0 h1:nVArUtfLEihtW+b0DdcqRGK1xoEm2+ltAihyztq7MKY= +google.golang.org/api v0.276.0/go.mod h1:Fnag/EWUPIcJXuIkP1pjoTgS5vdxlk3eeemL7Do6bvw= +google.golang.org/genproto v0.0.0-20260319201613-d00831a3d3e7 h1:XzmzkmB14QhVhgnawEVsOn6OFsnpyxNPRY9QV01dNB0= +google.golang.org/genproto v0.0.0-20260319201613-d00831a3d3e7/go.mod h1:L43LFes82YgSonw6iTXTxXUX1OlULt4AQtkik4ULL/I= +google.golang.org/genproto/googleapis/api v0.0.0-20260319201613-d00831a3d3e7 h1:41r6JMbpzBMen0R/4TZeeAmGXSJC7DftGINUodzTkPI= +google.golang.org/genproto/googleapis/api v0.0.0-20260319201613-d00831a3d3e7/go.mod h1:EIQZ5bFCfRQDV4MhRle7+OgjNtZ6P1PiZBgAKuxXu/Y= +google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 h1:m8qni9SQFH0tJc1X0vmnpw/0t+AImlSvp30sEupozUg= +google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8= +google.golang.org/grpc v1.80.0 h1:Xr6m2WmWZLETvUNvIUmeD5OAagMw3FiKmMlTdViWsHM= +google.golang.org/grpc v1.80.0/go.mod h1:ho/dLnxwi3EDJA4Zghp7k2Ec1+c2jqup0bFkw07bwF4= +google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE= +google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= From fdb69817af7c5fe4945d73ab4b9a69485f2cd320 Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:56:07 +0300 Subject: [PATCH 09/10] ci: bump checkout v6, setup-go v6, golangci-lint-action v9; remove codeql --- .github/workflows/codeql-analysis.yml | 70 --------------------------- .github/workflows/lint.yml | 6 +-- 2 files changed, 3 insertions(+), 73 deletions(-) delete mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 40077dc..0000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,70 +0,0 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# -name: "CodeQL" - -on: - push: - branches: [ main ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ main ] - schedule: - - cron: '35 11 * * 2' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'go' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] - # Learn more about CodeQL language support at https://git.io/codeql-language-support - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v3 - - # ℹ️ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index d9dbddc..f36a497 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -15,12 +15,12 @@ jobs: name: golangci‑lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 + - uses: actions/checkout@v6 + - uses: actions/setup-go@v6 with: go-version: stable - name: golangci-lint - uses: golangci/golangci-lint-action@v8 + uses: golangci/golangci-lint-action@v9 with: # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version version: latest From 29c2301d6aba7275e0420eddfdd7e639ea0972a4 Mon Sep 17 00:00:00 2001 From: Denis Bryzgalov Date: Wed, 15 Apr 2026 11:56:47 +0300 Subject: [PATCH 10/10] deps: bump go directive to 1.26 --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 83a7234..61f3b6f 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/flashadmin/cloudsql-exporter -go 1.25.0 +go 1.26 require ( github.com/alecthomas/kingpin/v2 v2.4.0