Upgrade to using hashicorp/[email protected]

.github/workflows/backport-assistant.yml

@@ -19,7 +19,7 @@ jobs:
   backport:
     if: github.event.pull_request.merged
     runs-on: ubuntu-latest
-    container: hashicorpdev/backport-assistant:0.4.4
+    container: hashicorpdev/backport-assistant:0.5.3
     steps:
       - name: Run Backport Assistant for release branches
         run: |

.github/workflows/build-distros.yml

@@ -14,7 +14,7 @@ permissions:
   contents: read
 
 env:
-  GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
+  GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent,hashicorpmetrics' || 'hashicorpmetrics' }}
   GOPRIVATE: github.com/hashicorp # Required for enterprise deps
 
 concurrency:

.github/workflows/build.yml

@@ -107,6 +107,10 @@ jobs:
     name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build
     steps:
       - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+
+      - name: Setup Git
+        if: ${{ endsWith(github.repository, '-enterprise') }}
+        run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
 
       - name: Setup with node and yarn
         uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
@@ -134,6 +138,7 @@ jobs:
           PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }}
           CGO_ENABLED: "0"
           GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}"
+          GOTAGS: hashicorpmetrics
         uses: hashicorp/actions-go-build@make-clean-flag-optional
         with:
           product_name: ${{ env.PKG_NAME }}
@@ -145,7 +150,7 @@ jobs:
           clean: false
           instructions: |-
             cp LICENSE $TARGET_DIR/LICENSE.txt
-            go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false
+            go build -ldflags="$GOLDFLAGS" -tags="$GOTAGS" -o "$BIN_PATH" -trimpath -buildvcs=false
 
       - name: Copy license file
         if: ${{ !endsWith(github.repository, '-enterprise') }}
@@ -208,6 +213,10 @@ jobs:
     name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build
     steps:
       - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+
+      # NOTE: This step is specifically needed for ENT. It allows us to access the required private HashiCorp repos.
+      - name: Setup Git
+        run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
 
       - name: Setup with node and yarn
         uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
@@ -235,6 +244,7 @@ jobs:
           PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }}
           CGO_ENABLED: "0"
           GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}"
+          GOTAGS: hashicorpmetrics
         uses: hashicorp/actions-go-build@make-clean-flag-optional
         with:
           product_name: ${{ env.PKG_NAME }}
@@ -246,7 +256,7 @@ jobs:
           clean: false
           instructions: |-
             cp LICENSE $TARGET_DIR/LICENSE.txt
-            go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false
+            go build -ldflags="$GOLDFLAGS" -tags="$GOTAGS" -o "$BIN_PATH" -trimpath -buildvcs=false
 
   build-docker:
     name: Docker ${{ matrix.arch }} build

.github/workflows/go-tests.yml

@@ -115,6 +115,8 @@ jobs:
     - setup
     - get-go-version
     runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }}
+    env:
+      GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'hashicorpmetrics,consulent' || 'hashicorpmetrics' }}
     steps:
     - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
     # NOTE: This step is specifically needed for ENT. It allows us to access the required private HashiCorp repos.
@@ -124,7 +126,7 @@ jobs:
     - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
       with:
         go-version: ${{ needs.get-go-version.outputs.go-version }}
-    - run: go install github.com/reillywatson/enumcover/cmd/enumcover@master && enumcover ./...
+    - run: go install github.com/reillywatson/enumcover/cmd/enumcover@master && GOFLAGS="-tags=${GOTAGS}" enumcover ./...
 
   lint-container-test-deps:
     needs:
@@ -280,7 +282,7 @@ jobs:
       runner-count: 6
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -302,7 +304,7 @@ jobs:
       package-names-command: "go list ./... | grep -E -v '^github.com/hashicorp/consul/agent(/consul|/local|/routine-leak-checker)?$' | grep -E -v '^github.com/hashicorp/consul(/command|/connect|/snapshot)'"
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -324,7 +326,7 @@ jobs:
       go-test-flags: "-short"
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -347,7 +349,7 @@ jobs:
   #     go-test-flags: -short"
   #     runs-on: ${{ needs.setup.outputs.compute-large }}
   #     repository-name: ${{ github.repository }}
-  #     go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+  #     go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
   #     go-version: ${{ needs.get-go-version.outputs.go-version }}
   #   permissions:
   #     id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -367,7 +369,7 @@ jobs:
       directory: envoyextensions
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -387,7 +389,7 @@ jobs:
       directory: troubleshoot
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -408,7 +410,7 @@ jobs:
       directory: api
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version-previous }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -428,7 +430,7 @@ jobs:
       directory: api
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -449,7 +451,7 @@ jobs:
       directory: sdk
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version-previous }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -469,7 +471,7 @@ jobs:
       directory: sdk
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.
@@ -489,7 +491,7 @@ jobs:
       directory: testing/deployer
       runs-on: ${{ needs.setup.outputs.compute-large }}
       repository-name: ${{ github.repository }}
-      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+      go-tags: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}"
       go-version: ${{ needs.get-go-version.outputs.go-version }}
     permissions:
       id-token: write # NOTE: this permission is explicitly required for Vault auth.

.github/workflows/goldenfile-checker.yml

@@ -14,6 +14,9 @@ on:
       - main
       - release/*
 
+env:
+  GOFLAGS: -tags=${{ endsWith(github.repository, '-enterprise') && 'hashicorpmetrics,consulent' || 'hashicorpmetrics' }}
+
 jobs:
   get-go-version:
     uses: ./.github/workflows/reusable-get-go-version.yml

.github/workflows/nightly-test-integ-peering_commontopo.yml

@@ -12,7 +12,7 @@ on:
 env:
   TEST_RESULTS_DIR: /tmp/test-results
   CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }}
-  GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
+  GOTAGS: hashicorpmetrics ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
   GOTESTSUM_VERSION: "1.10.1"
   CONSUL_BINARY_UPLOAD_NAME: consul-bin
   # strip the hashicorp/ off the front of github.repository for consul

.github/workflows/nightly-test-integrations-1.15.x.yml

@@ -13,7 +13,7 @@ env:
   TEST_RESULTS_DIR: /tmp/test-results
   TEST_RESULTS_ARTIFACT_NAME: test-results
   CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }}
-  GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
+  GOTAGS: hashicorpmetrics ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
   GOTESTSUM_VERSION: "1.11.0"
   CONSUL_BINARY_UPLOAD_NAME: consul-bin
   # strip the hashicorp/ off the front of github.repository for consul

.github/workflows/nightly-test-integrations-1.18.x.yml

@@ -13,7 +13,7 @@ env:
   TEST_RESULTS_DIR: /tmp/test-results
   TEST_RESULTS_ARTIFACT_NAME: test-results
   CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }}
-  GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
+  GOTAGS: hashicorpmetrics ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
   GOTESTSUM_VERSION: "1.11.0"
   CONSUL_BINARY_UPLOAD_NAME: consul-bin
   # strip the hashicorp/ off the front of github.repository for consul

.github/workflows/nightly-test-integrations-1.19.x.yml

@@ -13,7 +13,7 @@ env:
   TEST_RESULTS_DIR: /tmp/test-results
   TEST_RESULTS_ARTIFACT_NAME: test-results
   CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }}
-  GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
+  GOTAGS: hashicorpmetrics ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
   GOTESTSUM_VERSION: "1.11.0"
   CONSUL_BINARY_UPLOAD_NAME: consul-bin
   # strip the hashicorp/ off the front of github.repository for consul

.github/workflows/nightly-test-integrations-1.20.x.yml

@@ -13,7 +13,7 @@ env:
   TEST_RESULTS_DIR: /tmp/test-results
   TEST_RESULTS_ARTIFACT_NAME: test-results
   CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }}
-  GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
+  GOTAGS: hashicorpmetrics ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
   GOTESTSUM_VERSION: "1.11.0"
   CONSUL_BINARY_UPLOAD_NAME: consul-bin
   # strip the hashicorp/ off the front of github.repository for consul

.github/workflows/nightly-test-integrations.yml

@@ -13,7 +13,7 @@ env:
   TEST_RESULTS_DIR: /tmp/test-results
   TEST_RESULTS_ARTIFACT_NAME: test-results
   CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }}
-  GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
+  GOTAGS: hashicorpmetrics ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
   GOTESTSUM_VERSION: "1.11.0"
   CONSUL_BINARY_UPLOAD_NAME: consul-bin
   # strip the hashicorp/ off the front of github.repository for consul

.github/workflows/reusable-dev-build-windows.yml

@@ -24,6 +24,10 @@ on:
     secrets:
       elevated-github-token:
         required: true
+
+env:
+  GOTAGS: hashicorpmetrics ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
+
 jobs:
   build:
     runs-on: 'windows-2019'
@@ -39,7 +43,7 @@ jobs:
       - name: Build
         env:
           GOARCH: ${{ inputs.goarch }}
-        run: go build .
+        run: go build -tags="$GOTAGS" .
       # save dev build to pass to downstream jobs
       - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:

.github/workflows/reusable-lint.yml

@@ -21,7 +21,7 @@ on:
       elevated-github-token:
         required: true
 env:
-  GOTAGS: "${{ github.event.repository.name == 'consul-enterprise' && 'consulent consuldev' || '' }}"
+  GOTAGS: hashicorpmetrics,${{ github.event.repository.name == 'consul-enterprise' && 'consulent,consuldev' || '' }}
   GOARCH: ${{inputs.go-arch}}
   GOPRIVATE: github.com/hashicorp # Required for enterprise deps
 

.github/workflows/reusable-unit-split.yml

@@ -53,7 +53,8 @@ env:
   GOARCH: ${{inputs.go-arch}}
   TOTAL_RUNNERS: ${{inputs.runner-count}}
   CONSUL_LICENSE: ${{secrets.consul-license}}
-  GOTAGS: ${{ inputs.go-tags}}
+  GOTAGS: hashicorpmetrics,${{ inputs.go-tags }}
+  GOFLAGS: "-tags=hashicorpmetrics,${{ inputs.go-tags }}"
   GOPRIVATE: github.com/hashicorp # Required for enterprise deps
   DATADOG_API_KEY: ${{secrets.datadog-api-key}}
 
@@ -67,6 +68,10 @@ jobs:
       - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
         with:
           go-version: ${{ inputs.go-version }}
+      # Needed only for enterprise
+      - name: Setup Git
+        if: ${{ endsWith(inputs.repository-name, '-enterprise') }}
+        run: git config --global url."https://${{ secrets.elevated-github-token }}:@github.com".insteadOf "https://github.com"
       - id: set-matrix
         run: ./.github/scripts/set_test_package_matrix.sh ${{env.TOTAL_RUNNERS}}
 
@@ -119,7 +124,7 @@ jobs:
         run: chmod +x $GITHUB_WORKSPACE/${{inputs.directory}}/consul
       - run: go env
       - name: Run tests 
-        working-directory: ${{inputs.directory}}
+        working-directory: ${{inputs.directory}}          
         run: |
           # separate the list
           PACKAGE_NAMES="${{ join(matrix.package, ' ') }}"
@@ -128,6 +133,7 @@ jobs:
           # some tests expect this umask, and arm images have a different default
           umask 0022
 
+          # Note that the build tags will be used from the GOFLAGS environment variable
           go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \
           --format=github-actions \
           --format-hide-empty-pkg \
@@ -136,7 +142,6 @@ jobs:
           --rerun-fails-report=/tmp/gotestsum-rerun-fails \
           --packages="$PACKAGE_NAMES" \
           --junitfile ${{env.TEST_RESULTS}}/gotestsum-report.xml -- \
-          -tags="${{env.GOTAGS}}" \
           ${{inputs.go-test-flags}} \
           -cover -coverprofile=coverage.txt \
           -timeout=30m

.github/workflows/reusable-unit.yml

@@ -48,7 +48,7 @@ env:
   GOTESTSUM_VERSION: "1.11.0"
   GOARCH: ${{inputs.go-arch}}
   CONSUL_LICENSE: ${{secrets.consul-license}}
-  GOTAGS: ${{ inputs.go-tags}}
+  GOTAGS: hashicorpmetrics,${{ inputs.go-tags}}
   GOPRIVATE: github.com/hashicorp # Required for enterprise deps
   DATADOG_API_KEY: ${{secrets.datadog-api-key}}
 

.github/workflows/test-integrations.yml

@@ -23,7 +23,7 @@ env:
   TEST_RESULTS_DIR: /tmp/test-results
   TEST_RESULTS_ARTIFACT_NAME: test-results
   CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }}
-  GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
+  GOTAGS: hashicorpmetrics ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
   GOTESTSUM_VERSION: "1.11.0"
   CONSUL_BINARY_UPLOAD_NAME: consul-bin
   # strip the hashicorp/ off the front of github.repository for consul

.golangci.yml

@@ -29,8 +29,8 @@ issues:
       text: 'SA1019: "io/ioutil" has been deprecated since Go 1.16'
 
     # Allow usage of deprecated values.
-    - linters: [ staticcheck ]
-      text: 'SA1019:'
+    - linters: [staticcheck]
+      text: "SA1019:"
       path: "(agent/grpc-external|agent/grpc-internal)"
 
     # An argument that always receives the same value is often not a problem.
@@ -104,10 +104,14 @@ linters-settings:
       main:
         listMode: lax
         deny:
-        - pkg: net/rpc
-          desc: "only use forked copy in github.com/hashicorp/consul-net-rpc/net/rpc"
-        - pkg: github.com/golang/protobuf
-          desc: "only use google.golang.org/protobuf"
+          - pkg: net/rpc
+            desc: "only use forked copy in github.com/hashicorp/consul-net-rpc/net/rpc"
+          - pkg: github.com/golang/protobuf
+            desc: "only use google.golang.org/protobuf"
+          - pkg: github.com/armon/go-metrics
+            desc: "use github.com/hashicorp/go-metrics"
+          - pkg: github.com/hashicorp/go-metrics/compat
+            desc: "use github.com/hashicorp/go-metrics"
 
 run:
   timeout: 10m