Skip to content

versions: Bump golang to 1.24.11 #2706

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
stevenhorsman merged 2 commits into from
Dec 3, 2025
Merged

versions: Bump golang to 1.24.11 #2706

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
90d7e71
versions: Bump golang to 1.24.11
stevenhorsman Dec 3, 2025
2502783
version: Bump actions/setup-go to 6.1.0
stevenhorsman Dec 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/azure-e2e-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ jobs:
run: echo "GO_VERSION=$(yq -e '.tools.golang' versions.yaml)" >> "$GITHUB_ENV"

- name: Set up Go environment
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: "${{ env.GO_VERSION }}"
cache-dependency-path: "**/go.sum"
Expand Down Expand Up @@ -198,7 +198,7 @@ jobs:
version: ${{ env.ORAS_VERSION }}

- name: Set up Go environment
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/build.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
[ -n "$go_version" ]
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"
- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down Expand Up @@ -99,7 +99,7 @@ jobs:
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"

- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down Expand Up @@ -146,7 +146,7 @@ jobs:
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"

- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down Expand Up @@ -195,7 +195,7 @@ jobs:
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"

- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down Expand Up @@ -247,7 +247,7 @@ jobs:
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"

- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/caa_build_and_push.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ jobs:
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"

- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/caa_build_and_push_per_arch.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ jobs:
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"

- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/csi_wrapper_images.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@
[ -n "$go_version" ]
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"
- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0

Check failure

Code scanning / zizmor

runtime artifacts potentially vulnerable to a cache poisoning attack Error

runtime artifacts potentially vulnerable to a cache poisoning attack
Copy link
Copy Markdown
Member

@beraldoleal beraldoleal Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stevenhorsman is this a valid one?

Copy link
Copy Markdown
Member Author

@stevenhorsman stevenhorsman Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes - you can see from https://github.com/actions/setup-go/releases/tag/v6.1.0. The reason is that it's flagged is that we a cache in this action: cache-dependency-path: "**/go.sum", which we need to track and see if the performance penalty is okay.

with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/e2e_aws.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ jobs:
echo "ORAS_VERSION=$(yq -e '.tools.oras' versions.yaml)" >> "$GITHUB_ENV"

- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/e2e_docker.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ jobs:
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"

- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/e2e_libvirt.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ jobs:
echo "ORAS_VERSION=$(yq -e '.tools.oras' versions.yaml)" >> "$GITHUB_ENV"

- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/lib-codeql.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
persist-credentials: false
- uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version-file: ./src/cloud-api-adaptor/go.mod
check-latest: true
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/lint.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ jobs:
[ -n "$go_version" ]
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"
- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down Expand Up @@ -64,7 +64,7 @@ jobs:
[ -n "$go_version" ]
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"
- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down Expand Up @@ -119,7 +119,7 @@ jobs:
[ -n "$go_version" ]
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"
- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand All @@ -140,7 +140,7 @@ jobs:
[ -n "$go_version" ]
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"
- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/webhook_image.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ jobs:
[ -n "$go_version" ]
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"
- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: "**/go.sum"
Expand Down
10 changes: 5 additions & 5 deletions hack/Dockerfile.golang
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,11 @@ FROM --platform=$TARGETPLATFORM ${BASE_IMAGE} AS base

# DO NOT UPDATE THIS BY HAND !!
# Use hack/update-go-container.sh to update the version and hashes.
ARG GO_VERSION=1.24.9
ARG GO_LINUX_ARM64_SHA256=9aa1243d51d41e2f93e895c89c0a2daf7166768c4a4c3ac79db81029d295a540
ARG GO_LINUX_AMD64_SHA256=5b7899591c2dd6e9da1809fde4a2fad842c45d3f6b9deb235ba82216e31e34a6
ARG GO_LINUX_PPC64LE_SHA256=8e52374ce7500234cf9e43dae2ecd57cc6062d4ab40b42da9d1eecef5fa92df6
ARG GO_LINUX_S390X_SHA256=8fc2a8a4d4c1bf26cf6481e3f1b8f8e68569861b32547907b24da8fb49419f82
ARG GO_VERSION=1.24.11
ARG GO_LINUX_ARM64_SHA256=beaf0f51cbe0bd71b8289b2b6fa96c0b11cd86aa58672691ef2f1de88eb621de
ARG GO_LINUX_AMD64_SHA256=bceca00afaac856bc48b4cc33db7cd9eb383c81811379faed3bdbc80edb0af65
ARG GO_LINUX_PPC64LE_SHA256=f770d0c5d7e7e2edb030133ac7854d9204f4e954e79a176e81362ffedf6ea34c
ARG GO_LINUX_S390X_SHA256=5955ddda3445b2cbfd81b8772044084911f55d0baeb32414da0411f6a377a2d4

FROM base AS base-amd64
ADD --checksum=sha256:${GO_LINUX_AMD64_SHA256} https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz .
Expand Down
2 changes: 1 addition & 1 deletion src/cloud-api-adaptor/versions.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ cloudimg:
tools:
bats: 1.10.0
iptables-wrapper: v0.0.0-20240819165702-06cad2ec6cb5
golang: 1.24.9
golang: 1.24.11
kcli: 99.0.202507200957
mkosi: v22
protoc: 3.16.0
Expand Down
Loading