Skip to content

Commit 005791e

Browse files
harsimranmaanderekbit
harsimranmaan
authored and
derekbit
committed
Update dependencies
Fixes some common flagged CVEs. Updates kustomize templates(removes deprecations) Updates tooling versions Update golanci-lint config(removes deprecations)
1 parent c4fdcad commit 005791e

File tree

2,400 files changed

+179073
-76848
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

2,400 files changed

+179073
-76848
lines changed

Diff for: .github/workflows/trivy-scan.yaml

+2-2
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
uses: actions/checkout@v4
1818

1919
- name: Run Trivy vulnerability scanner in fs mode
20-
uses: aquasecurity/trivy-action@0.24.0
20+
uses: aquasecurity/trivy-action@0.29.0
2121
with:
2222
scan-type: "fs"
2323
scan-ref: "."
@@ -31,4 +31,4 @@ jobs:
3131
if: failure()
3232
uses: github/codeql-action/upload-sarif@v3
3333
with:
34-
sarif_file: "trivy-results.sarif"
34+
sarif_file: "trivy-results.sarif"

Diff for: .golangci.json

+7-5
Original file line numberDiff line numberDiff line change
@@ -10,10 +10,12 @@
1010
"ineffassign"
1111
]
1212
},
13-
"run": {
14-
"skip-files": [
13+
"issues": {
14+
"exclude-files": [
1515
"/zz_generated_"
16-
],
17-
"deadline": "5m"
16+
]
17+
},
18+
"run": {
19+
"timeout": "5m"
1820
}
19-
}
21+
}

Diff for: Dockerfile.dapper

+9-9
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,25 @@
1-
FROM golang:1.23.1-alpine
1+
FROM golang:1.23.4-alpine
22

33
ARG DAPPER_HOST_ARCH
44
ENV ARCH $DAPPER_HOST_ARCH
55

66
RUN apk -U add bash git gcc musl-dev docker vim less file curl wget ca-certificates jq
77
RUN rm -rf /go/src /go/pkg
88
RUN if [ "${ARCH}" == "amd64" ]; then \
9-
curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.41.1; \
9+
curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.41.1; \
1010
fi; \
1111
if [ "${ARCH}" == "amd64" ] || [ "${ARCH}" == "arm64" ]; then \
12-
kind_version=$(curl -sL https://api.github.com/repos/kubernetes-sigs/kind/releases/latest | jq -r ".tag_name") && curl -sL "https://kind.sigs.k8s.io/dl/${kind_version}/kind-linux-${ARCH}" -o kind && install kind /usr/local/bin; \
13-
kubectl_version=$(curl -sL https://dl.k8s.io/release/stable.txt) && curl -sLO "https://dl.k8s.io/release/${kubectl_version}/bin/linux/${ARCH}/kubectl" && install kubectl /usr/local/bin; \
14-
curl -sL "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv4.2.0/kustomize_v4.2.0_linux_${ARCH}.tar.gz" | tar -zxv -C /usr/local/bin; \
12+
kind_version=$(curl -sL https://api.github.com/repos/kubernetes-sigs/kind/releases/latest | jq -r ".tag_name") && curl -sL "https://kind.sigs.k8s.io/dl/${kind_version}/kind-linux-${ARCH}" -o kind && install kind /usr/local/bin; \
13+
kubectl_version=$(curl -sL https://dl.k8s.io/release/stable.txt) && curl -sLO "https://dl.k8s.io/release/${kubectl_version}/bin/linux/${ARCH}/kubectl" && install kubectl /usr/local/bin; \
14+
curl -sL "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.5.0/kustomize_v5.5.0_linux_${ARCH}.tar.gz" | tar -zxv -C /usr/local/bin; \
1515
fi
1616

17-
RUN curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.60.3
17+
RUN curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.63.4
1818

1919
# The docker version in dapper is too old to have buildx. Install it manually.
20-
RUN wget https://github.com/docker/buildx/releases/download/v0.13.1/buildx-v0.13.1.linux-${ARCH} && \
21-
chmod +x buildx-v0.13.1.linux-${ARCH} && \
22-
mv buildx-v0.13.1.linux-${ARCH} /usr/local/bin/buildx
20+
RUN wget https://github.com/docker/buildx/releases/download/v0.19.3/buildx-v0.19.3.linux-${ARCH} && \
21+
chmod +x buildx-v0.19.3.linux-${ARCH} && \
22+
mv buildx-v0.19.3.linux-${ARCH} /usr/local/bin/buildx
2323

2424
ENV DAPPER_ENV REPO TAG DRONE_TAG
2525
ENV DAPPER_SOURCE /go/src/github.com/rancher/local-path-provisioner/

Diff for: examples/distroless/Dockerfile.helper

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM golang:1.23.1-alpine AS builder
1+
FROM golang:1.23.4-alpine AS builder
22

33
COPY main.go /main.go
44
COPY go.mod /go.mod

Diff for: examples/distroless/Dockerfile.provisioner

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM golang:1.23.5-alpine AS builder
1+
FROM golang:1.23.4-alpine AS builder
22

33
ARG GIT_REPO
44
ARG GIT_BRANCH

Diff for: examples/distroless/go.mod

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,3 @@
11
module manager
22

3-
go 1.17
3+
go 1.23.0

Diff for: go.mod

+43-40
Original file line numberDiff line numberDiff line change
@@ -6,61 +6,64 @@ require (
66
github.com/Sirupsen/logrus v0.11.0
77
github.com/kelseyhightower/envconfig v1.4.0
88
github.com/pkg/errors v0.9.1
9-
github.com/stretchr/testify v1.8.4
10-
github.com/urfave/cli v1.19.1
11-
k8s.io/api v0.30.0
12-
k8s.io/apimachinery v0.30.0
13-
k8s.io/client-go v0.30.0
14-
k8s.io/klog/v2 v2.120.1
9+
github.com/stretchr/testify v1.10.0
10+
github.com/urfave/cli v1.22.16
11+
k8s.io/api v0.32.0
12+
k8s.io/apimachinery v0.32.0
13+
k8s.io/client-go v0.32.0
14+
k8s.io/klog/v2 v2.130.1
1515
sigs.k8s.io/sig-storage-lib-external-provisioner/v10 v10.0.1
16-
sigs.k8s.io/yaml v1.3.0
16+
sigs.k8s.io/yaml v1.4.0
1717
)
1818

1919
require (
2020
github.com/beorn7/perks v1.0.1 // indirect
21-
github.com/cespare/xxhash/v2 v2.1.2 // indirect
22-
github.com/davecgh/go-spew v1.1.1 // indirect
23-
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
24-
github.com/go-logr/logr v1.4.1 // indirect
25-
github.com/go-openapi/jsonpointer v0.19.6 // indirect
26-
github.com/go-openapi/jsonreference v0.20.2 // indirect
27-
github.com/go-openapi/swag v0.22.3 // indirect
21+
github.com/cespare/xxhash/v2 v2.3.0 // indirect
22+
github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
23+
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
24+
github.com/emicklei/go-restful/v3 v3.12.1 // indirect
25+
github.com/fxamacker/cbor/v2 v2.7.0 // indirect
26+
github.com/go-logr/logr v1.4.2 // indirect
27+
github.com/go-openapi/jsonpointer v0.21.0 // indirect
28+
github.com/go-openapi/jsonreference v0.21.0 // indirect
29+
github.com/go-openapi/swag v0.23.0 // indirect
2830
github.com/gogo/protobuf v1.3.2 // indirect
29-
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
3031
github.com/golang/protobuf v1.5.4 // indirect
31-
github.com/google/gnostic-models v0.6.8 // indirect
32+
github.com/google/gnostic-models v0.6.9 // indirect
3233
github.com/google/go-cmp v0.6.0 // indirect
3334
github.com/google/gofuzz v1.2.0 // indirect
34-
github.com/google/uuid v1.3.0 // indirect
35-
github.com/imdario/mergo v0.3.6 // indirect
35+
github.com/google/uuid v1.6.0 // indirect
3636
github.com/josharian/intern v1.0.0 // indirect
3737
github.com/json-iterator/go v1.1.12 // indirect
38-
github.com/mailru/easyjson v0.7.7 // indirect
39-
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
40-
github.com/miekg/dns v1.1.29 // indirect
38+
github.com/klauspost/compress v1.17.11 // indirect
39+
github.com/mailru/easyjson v0.9.0 // indirect
40+
github.com/miekg/dns v1.1.62 // indirect
4141
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
4242
github.com/modern-go/reflect2 v1.0.2 // indirect
4343
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
44-
github.com/pmezard/go-difflib v1.0.0 // indirect
45-
github.com/prometheus/client_golang v1.11.1 // indirect
46-
github.com/prometheus/client_model v0.3.0 // indirect
47-
github.com/prometheus/common v0.32.1 // indirect
48-
github.com/prometheus/procfs v0.8.0 // indirect
44+
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
45+
github.com/prometheus/client_golang v1.20.5 // indirect
46+
github.com/prometheus/client_model v0.6.1 // indirect
47+
github.com/prometheus/common v0.61.0 // indirect
48+
github.com/prometheus/procfs v0.15.1 // indirect
49+
github.com/russross/blackfriday/v2 v2.1.0 // indirect
4950
github.com/spf13/pflag v1.0.5 // indirect
50-
golang.org/x/crypto v0.25.0 // indirect
51-
golang.org/x/net v0.27.0 // indirect
52-
golang.org/x/oauth2 v0.10.0 // indirect
53-
golang.org/x/sys v0.22.0 // indirect
54-
golang.org/x/term v0.22.0 // indirect
55-
golang.org/x/text v0.16.0 // indirect
56-
golang.org/x/time v0.3.0 // indirect
57-
google.golang.org/appengine v1.6.7 // indirect
58-
google.golang.org/protobuf v1.34.2 // indirect
51+
github.com/x448/float16 v0.8.4 // indirect
52+
golang.org/x/mod v0.22.0 // indirect
53+
golang.org/x/net v0.34.0 // indirect
54+
golang.org/x/oauth2 v0.25.0 // indirect
55+
golang.org/x/sync v0.10.0 // indirect
56+
golang.org/x/sys v0.29.0 // indirect
57+
golang.org/x/term v0.28.0 // indirect
58+
golang.org/x/text v0.21.0 // indirect
59+
golang.org/x/time v0.9.0 // indirect
60+
golang.org/x/tools v0.29.0 // indirect
61+
google.golang.org/protobuf v1.36.2 // indirect
62+
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
5963
gopkg.in/inf.v0 v0.9.1 // indirect
60-
gopkg.in/yaml.v2 v2.4.0 // indirect
6164
gopkg.in/yaml.v3 v3.0.1 // indirect
62-
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
63-
k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
64-
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
65-
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
65+
k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect
66+
k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect
67+
sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect
68+
sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect
6669
)

0 commit comments

Comments
 (0)