Commit Graph

265 Commits

Author SHA1 Message Date
dependabot[bot] f389711943
build(deps): bump github.com/aws/aws-sdk-go from 1.44.45 to 1.44.47 (#10960)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.45 to 1.44.47.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.45...v1.44.47)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-05 09:49:52 +02:00
Julien Pivotto 4aa693da99
Update go dependencies (#10938)
Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>
2022-06-30 22:10:19 +02:00
Bram Vogelaar 4456dcc26e feat(nomad): add nomad service discovery
Signed-off-by: Bram Vogelaar <bram@attachmentgenie.com>
2022-06-30 14:17:08 +02:00
Julien Pivotto c511d26dd0
Upgrade Prometheus/common to fix static assets (#10889)
Properly fix #10697

Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>
2022-06-20 08:59:56 +00:00
Julien Pivotto a0aec2db82
Fix handling of static files (#10879)
Closes #10697

Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>
2022-06-18 14:26:06 +02:00
dependabot[bot] f4ea0709f9
build(deps): bump k8s.io/client-go from 0.24.0 to 0.24.1
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.24.0 to 0.24.1.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.24.0...v0.24.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-13 09:42:48 +00:00
dependabot[bot] 00982ce4d3
build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-09 14:37:17 +00:00
dependabot[bot] c2d6acdcc5
build(deps): bump github.com/vultr/govultr/v2 from 2.17.0 to 2.17.1 (#10811)
Bumps [github.com/vultr/govultr/v2](https://github.com/vultr/govultr) from 2.17.0 to 2.17.1.
- [Release notes](https://github.com/vultr/govultr/releases)
- [Changelog](https://github.com/vultr/govultr/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vultr/govultr/compare/v2.17.0...v2.17.1)

---
updated-dependencies:
- dependency-name: github.com/vultr/govultr/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-08 15:55:12 +02:00
dependabot[bot] c92d571e5d
build(deps): bump github.com/gophercloud/gophercloud (#10834)
Bumps [github.com/gophercloud/gophercloud](https://github.com/gophercloud/gophercloud) from 0.24.0 to 0.25.0.
- [Release notes](https://github.com/gophercloud/gophercloud/releases)
- [Changelog](https://github.com/gophercloud/gophercloud/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gophercloud/gophercloud/compare/v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: github.com/gophercloud/gophercloud
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-08 15:54:38 +02:00
dependabot[bot] 28322709eb
build(deps): bump github.com/aws/aws-sdk-go from 1.44.20 to 1.44.29 (#10832)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.20 to 1.44.29.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.20...v1.44.29)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-08 10:58:30 +02:00
dependabot[bot] 80eded08f6
build(deps): bump google.golang.org/api from 0.80.0 to 0.83.0 (#10830)
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.80.0 to 0.83.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.80.0...v0.83.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-08 10:54:05 +02:00
dependabot[bot] 2bf9d26732
build(deps): bump k8s.io/api from 0.24.0 to 0.24.1 (#10812)
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.24.0 to 0.24.1.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.24.0...v0.24.1)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-08 10:50:54 +02:00
dependabot[bot] 636f7e5483
build(deps): bump k8s.io/apimachinery from 0.24.0 to 0.24.1 (#10806)
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.24.0 to 0.24.1.
- [Release notes](https://github.com/kubernetes/apimachinery/releases)
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.24.0...v0.24.1)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-03 13:48:47 +02:00
dependabot[bot] ad198b081b
build(deps): bump github.com/linode/linodego from 1.5.0 to 1.6.0 (#10792)
Bumps [github.com/linode/linodego](https://github.com/linode/linodego) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/linode/linodego/releases)
- [Commits](https://github.com/linode/linodego/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/linode/linodego
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-03 10:11:16 +02:00
dependabot[bot] c7298b4b08
build(deps): bump github.com/hashicorp/consul/api from 1.12.0 to 1.13.0 (#10794)
Bumps [github.com/hashicorp/consul/api](https://github.com/hashicorp/consul) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/hashicorp/consul/releases)
- [Changelog](https://github.com/hashicorp/consul/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/consul/compare/v1.12.0...api/v1.13.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/consul/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-03 10:11:06 +02:00
David Leadbeater b84494d50d
Update go-yaml v3 to 3.0.1 (#10786)
Picks up the fix for https://github.com/go-yaml/yaml/issues/665 -- we
picked up the important fix for CVE-2022-28948 already.

This only affects go-yaml *v3*; the only user of v3 in Prometheus itself
is rulefmt so the impact seems limited.

Signed-off-by: David Leadbeater <dgl@dgl.cx>
2022-06-02 10:16:44 +10:00
dependabot[bot] 6ee4b52116 build(deps): bump github.com/Azure/azure-sdk-for-go
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) from 63.0.0+incompatible to 65.0.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v63.0.0...v65.0.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-24 22:19:55 +02:00
dependabot[bot] 4ac961c040 build(deps): bump google.golang.org/api from 0.77.0 to 0.80.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.77.0 to 0.80.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.77.0...v0.80.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-24 22:19:42 +02:00
David Dymko 3ef153b00c vultr integration
Signed-off-by: David Dymko <dymkod@gmail.com>
2022-05-24 18:38:06 +02:00
Matthias Loibl d11c418102 Update Go dependencies
Signed-off-by: Matthias Loibl <mail@matthiasloibl.com>
2022-05-24 17:19:17 +02:00
Julien Pivotto 5722e6ea99 Update OpenTracing
Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>
2022-05-24 16:02:15 +02:00
dependabot[bot] 4c13d305d3
build(deps): bump github.com/fsnotify/fsnotify from 1.5.1 to 1.5.4
Bumps [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) from 1.5.1 to 1.5.4.
- [Release notes](https://github.com/fsnotify/fsnotify/releases)
- [Changelog](https://github.com/fsnotify/fsnotify/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fsnotify/fsnotify/compare/v1.5.1...v1.5.4)

---
updated-dependencies:
- dependency-name: github.com/fsnotify/fsnotify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-23 16:06:42 +00:00
SuperQ 29b58448e1
Update Go minimum version
* Set Go minimum version to 1.17.
* Update go.mod format for 1.17.
* Remove unecessary exclude block for k8s.io/client-go.
* Remove unecessary retract section.

Signed-off-by: SuperQ <superq@gmail.com>
2022-05-23 15:17:25 +02:00
Felix Ehrenpfort ce3bc818a8
Add service discovery for IONOS Cloud (#10514)
* Add service discovery for IONOS Cloud

Signed-off-by: Felix Ehrenpfort <felix@ehrenpfort.de>
2022-05-20 14:57:23 +02:00
dependabot[bot] 4e6374180d
build(deps): bump google.golang.org/grpc from 1.45.0 to 1.46.0 (#10648)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.45.0 to 1.46.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.45.0...v1.46.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-02 15:48:50 +02:00
dependabot[bot] 0e938f89fd
build(deps): bump go.opentelemetry.io/otel from 1.6.1 to 1.7.0 (#10653)
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.6.1...v1.7.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-02 15:48:31 +02:00
dependabot[bot] 51eb754e77
build(deps): bump github.com/linode/linodego from 1.4.0 to 1.4.1 (#10654)
Bumps [github.com/linode/linodego](https://github.com/linode/linodego) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/linode/linodego/releases)
- [Commits](https://github.com/linode/linodego/compare/v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/linode/linodego
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-02 15:47:54 +02:00
dependabot[bot] d066b9c4c5
build(deps): bump k8s.io/api from 0.23.5 to 0.23.6 (#10649)
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.23.5 to 0.23.6.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.23.5...v0.23.6)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-02 11:06:43 +02:00
dependabot[bot] b2e2751e23
build(deps): bump google.golang.org/api from 0.74.0 to 0.77.0 (#10647)
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.74.0 to 0.77.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.74.0...v0.77.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-02 11:05:23 +02:00
Julien Pivotto 09da88114d Support overriding minimum TLS version
Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>
2022-04-20 23:41:30 +02:00
TomasKohout a1aa3721e8
uber.go/automaxprocs package upgrade for cgroups2 support (#10584)
Signed-off-by: Tomas Kohout <tomas.kohout1995@gmail.com>
2022-04-13 09:41:28 -04:00
Julien Pivotto 8abef6d661
Proper support for go modules. (#10486)
* Proper support for go modules.

This pull requests makes Prometheus go-mod compatible.

The general idea is to release the Prometheus libraries as v0.x
releases, next to the v2.x tags used by end users.

This is done by mirroring Prometheus 2.x tags with Prometheus 0.x tags.

When v2.X.0 is released, we would release v0.X.0.

Pre-go mod versions are retracted from go.mod. This is not nice but
should work.

Only v2.x tags will be built and released by CI. v0.x.x tags would just
be normal tags in the repo, not promoted as releases.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
2022-04-12 11:00:54 +02:00
Augustin Husson 3fc7d11687
Update Go dependencies (#10527)
Signed-off-by: Augustin Husson <augustin.husson@amadeus.com>
2022-04-04 10:47:38 +02:00
TomasKohout c0fd228bad
Add dependency on go.uber.org/automaxprocs (#10498)
* add dependency on go.uber.org/automaxprocs

Signed-off-by: Tomas Kohout <tomas.kohout1995@gmail.com>

Co-authored-by: Peter Bourgon <peterbourgon@users.noreply.github.com>
Co-authored-by: Julien Pivotto <roidelapluie@gmail.com>
2022-03-30 12:50:11 +02:00
Julien Pivotto 98039cddfa
Update Prometheus common (#10492)
* Update Prometheus common

- Oauth2 supports proxy URL
- HTTP2 can be disabled

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
2022-03-30 12:49:03 +02:00
Chris Marchbanks c1387494dd
Merge pull request #10452 from prometheus/release-2.34
Merge Release 2.34 into main
2022-03-15 12:32:18 -06:00
Jan Fajerski 2c3d45c88a
Replace vfsgen with embed for static web assets (#10220)
* remove vfsgen usages

Signed-off-by: Jan Fajerski <jfajersk@redhat.com>

* web: use embed package for static assets

This requires go 1.16.

Signed-off-by: Jan Fajerski <jfajersk@redhat.com>

* circleci: drop go generate in web/ui

Signed-off-by: Jan Fajerski <jfajersk@redhat.com>

* Makefile: compress web assets before build

This commit add compression before (and decompression after) prometheus
is build. This ensures that gzipped assets are embeded in the prometheus
binary, if the builtinassets build tag is passed. If the build tag is
not passed this step is still executed but has no effect.
All this is executed in a subshell so that we can run the decompress
step even if the build step fails, but retain the exit code of promu.
This cleanup could also cover interrupts, but I left that out for now.

Signed-off-by: Jan Fajerski <jfajersk@redhat.com>
2022-03-09 10:21:31 +01:00
Chris Marchbanks ead032919a
Merge pull request #10414 from prometheus/csmarchbanks/cut-2.34.0-rc.1
Cut 2.34.0-rc.1
2022-03-08 11:36:52 -07:00
beorn7 8cf4aa5140 Update containerd/containerd dependency
Signed-off-by: beorn7 <beorn@grafana.com>
2022-03-08 17:38:53 +01:00
Bryan Boreham 8e4407c226
Update grafana/regexp package to reject very deeply nested regexps (#10397)
This is a cherry-pick of ac071634c4
with the following description:

regexp/syntax: reject very deeply nested regexps in Parse

The regexp code assumes it can recurse over the structure of
a regexp safely. Go's growable stacks make that reasonable
for all plausible regexps, but implausible ones can reach the
“infinite recursion?” stack limit.

This CL limits the depth of any parsed regexp to 1000.
That is, the depth of the parse tree is required to be ≤ 1000.
Regexps that require deeper parse trees will return ErrInternalError.

Signed-off-by: Bryan Boreham <bjboreham@gmail.com>
2022-03-04 11:45:45 +00:00
dependabot[bot] 7373bcc842
build(deps): bump github.com/Azure/azure-sdk-for-go (#10390)
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) from 61.6.0+incompatible to 62.0.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v61.6.0...v62.0.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-03 15:58:44 +01:00
dependabot[bot] 9fe258a655
build(deps): bump github.com/aws/aws-sdk-go from 1.43.4 to 1.43.10 (#10391)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.4 to 1.43.10.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.43.4...v1.43.10)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-03 15:58:29 +01:00
dependabot[bot] 2ab54a9e77
build(deps): bump github.com/envoyproxy/protoc-gen-validate (#10383)
Bumps [github.com/envoyproxy/protoc-gen-validate](https://github.com/envoyproxy/protoc-gen-validate) from 0.6.3 to 0.6.6.
- [Release notes](https://github.com/envoyproxy/protoc-gen-validate/releases)
- [Commits](https://github.com/envoyproxy/protoc-gen-validate/compare/v0.6.3...v0.6.6)

---
updated-dependencies:
- dependency-name: github.com/envoyproxy/protoc-gen-validate
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-03 15:14:53 +01:00
dependabot[bot] 0b835e341b
build(deps): bump github.com/aws/aws-sdk-go from 1.43.3 to 1.43.4 (#10346)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.3 to 1.43.4.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.43.3...v1.43.4)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-23 14:59:47 -07:00
Chris Marchbanks b80ef363fa
Upgrade go dependencies for the release
The k8s dependencies have been manually updated to the most recent
0.22.x release due to 0.23.x requiring go 1.17.

Signed-off-by: Chris Marchbanks <csmarchbanks@gmail.com>
2022-02-22 11:57:06 -07:00
dependabot[bot] 61bcf47706
build(deps): bump go.opentelemetry.io/otel/trace from 1.2.0 to 1.4.0 (#10292)
Bumps [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) from 1.2.0 to 1.4.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.2.0...v1.4.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-22 16:10:58 +01:00
Keegan Carruthers-Smith e17d6aad01
Bump github.com/containerd/containerd to 1.5.9 (#10282)
There is the critical CVE-2021-43816 against containerd which is only
fixed in v1.5.9. In practice I don't believe this affects prometheus.
However, upgrading will help quieten loud vulnerability scanners.

To upgrade I ran go get github.com/containerd/containerd@v1.5.9.

Signed-off-by: Keegan Carruthers-Smith <keegan.csmith@gmail.com>
2022-02-13 00:55:09 +01:00
Bryan Boreham 579331446a
Allow downstream projects to use faster regexp (#10251)
* Add benchmark for FastRegexMatcher

Signed-off-by: Bryan Boreham <bjboreham@gmail.com>

* Use modified regexp package with optimisations

See https://github.com/grafana/regexp/tree/speedup#readme

Includes the following changes proposed upstream:
* [regexp: allow patterns with no alternates to be one-pass](https://go-review.googlesource.com/c/go/+/353711)
* [regexp: speed up onepass prefix check](https://go-review.googlesource.com/c/go/+/354909)
* [regexp: handle prefix string with fold-case](https://go-review.googlesource.com/c/go/+/358756)
* [regexp: avoid copying each instruction executed](https://go-review.googlesource.com/c/go/+/355789)
* [regexp: allow prefix string anchored at beginning](https://go-review.googlesource.com/c/go/+/377294)

Signed-off-by: Bryan Boreham <bjboreham@gmail.com>

* Use regexp code identical to upstream Go

Change `grafana/regexp` import to use `main` branch.

This means Prometheus is not using the proposed optimisations, but
downstream users of Prometheus code are able to `replace` the library
with the `speedup` branch which does.

Signed-off-by: Bryan Boreham <bjboreham@gmail.com>
2022-02-08 11:03:20 +01:00
dependabot[bot] 0cd4e0a8dd
build(deps): bump github.com/aws/aws-sdk-go from 1.42.31 to 1.42.44 (#10247)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.42.31 to 1.42.44.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.42.31...v1.42.44)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-02 16:13:08 +01:00
Julien Pivotto 8cc7b7e577
Split remote storage example in its own go mod (#10244)
This commit removes the dependency between Prometheus and influx.

Note: Go keeps adding the indirect dependencies in go.mod, I can't
remove them.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
2022-02-02 14:54:13 +01:00