From 2fd6ea078df96b39a0770e92bc6fc296d68db9c8 Mon Sep 17 00:00:00 2001 From: Matthias Bertschy Date: Wed, 21 Aug 2024 16:54:45 +0200 Subject: [PATCH 1/2] update to go 1.23 and base image to debian12 Signed-off-by: Matthias Bertschy --- .github/workflows/pr-created.yaml | 4 ++-- .github/workflows/pr-merged.yaml | 2 +- build/Dockerfile | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pr-created.yaml b/.github/workflows/pr-created.yaml index 5a54e9d..8209e35 100644 --- a/.github/workflows/pr-created.yaml +++ b/.github/workflows/pr-created.yaml @@ -20,7 +20,7 @@ jobs: pr-created: uses: kubescape/workflows/.github/workflows/incluster-comp-pr-created.yaml@main with: - GO_VERSION: "1.22" + GO_VERSION: "1.23" CGO_ENABLED: 0 secrets: inherit @@ -55,7 +55,7 @@ jobs: CGO_ENABLED: 0 uses: actions/setup-go@v4 with: - go-version: "1.22" + go-version: "1.23" - name: Run test run: | diff --git a/.github/workflows/pr-merged.yaml b/.github/workflows/pr-merged.yaml index a828445..ece455a 100644 --- a/.github/workflows/pr-merged.yaml +++ b/.github/workflows/pr-merged.yaml @@ -19,7 +19,7 @@ jobs: CGO_ENABLED: 0 GO111MODULE: "on" BUILD_PLATFORM: linux/amd64,linux/arm64 - GO_VERSION: "1.22" + GO_VERSION: "1.23" REQUIRED_TESTS: '[]' COSIGN: true HELM_E2E_TEST: false # TODO: Enable this when helm e2e test is ready diff --git a/build/Dockerfile b/build/Dockerfile index cc2d3c4..0e5d370 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=$BUILDPLATFORM golang:1.22-bullseye AS builder +FROM --platform=$BUILDPLATFORM golang:1.23-bookworm AS builder ENV GO111MODULE=on CGO_ENABLED=0 WORKDIR /work @@ -14,7 +14,7 @@ RUN --mount=target=. \ --mount=type=cache,target=/go/pkg \ GOOS=$TARGETOS GOARCH=$TARGETARCH go build -o /out/server ./cmd/server -FROM gcr.io/distroless/static-debian11:latest +FROM gcr.io/distroless/static-debian12:latest COPY --from=builder /out/client /usr/bin/client COPY --from=builder /out/server /usr/bin/server From 0da529a5e0a241cfe835e1bc4b24ad07b02360f0 Mon Sep 17 00:00:00 2001 From: Matthias Bertschy Date: Wed, 21 Aug 2024 16:59:31 +0200 Subject: [PATCH 2/2] bump docker/docker for vuln Signed-off-by: Matthias Bertschy --- go.mod | 2 +- go.sum | 4 ++-- tests/go.mod | 2 +- tests/go.sum | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index ecd9b5f..ca2c98c 100644 --- a/go.mod +++ b/go.mod @@ -60,7 +60,7 @@ require ( github.com/cpuguy83/dockercfg v0.3.1 // indirect github.com/danieljoos/wincred v1.2.1 // indirect github.com/distribution/reference v0.5.0 // indirect - github.com/docker/docker v25.0.5+incompatible // indirect + github.com/docker/docker v25.0.6+incompatible // indirect github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/dvsekhvalnov/jose2go v1.6.0 // indirect diff --git a/go.sum b/go.sum index 94a769a..4c1b869 100644 --- a/go.sum +++ b/go.sum @@ -94,8 +94,8 @@ github.com/dimfeld/httptreemux v5.0.1+incompatible h1:Qj3gVcDNoOthBAqftuD596rm4w github.com/dimfeld/httptreemux v5.0.1+incompatible/go.mod h1:rbUlSV+CCpv/SuqUTP/8Bk2O3LyUV436/yaRGkhP6Z0= github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0= github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= -github.com/docker/docker v25.0.5+incompatible h1:UmQydMduGkrD5nQde1mecF/YnSbTOaPeFIeP5C4W+DE= -github.com/docker/docker v25.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v25.0.6+incompatible h1:5cPwbwriIcsua2REJe8HqQV+6WlWc1byg2QSXzBxBGg= +github.com/docker/docker v25.0.6+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= diff --git a/tests/go.mod b/tests/go.mod index 287e28b..d3c66bb 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -124,7 +124,7 @@ require ( github.com/distribution/reference v0.6.0 // indirect github.com/docker/cli v25.0.4+incompatible // indirect github.com/docker/distribution v2.8.3+incompatible // indirect - github.com/docker/docker v26.1.0+incompatible // indirect + github.com/docker/docker v26.1.5+incompatible // indirect github.com/docker/docker-credential-helpers v0.8.1 // indirect github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect diff --git a/tests/go.sum b/tests/go.sum index e6885d1..a36656d 100644 --- a/tests/go.sum +++ b/tests/go.sum @@ -378,8 +378,8 @@ github.com/docker/cli v25.0.4+incompatible h1:DatRkJ+nrFoYL2HZUzjM5Z5sAmcA5XGp+A github.com/docker/cli v25.0.4+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v26.1.0+incompatible h1:W1G9MPNbskA6VZWL7b3ZljTh0pXI68FpINx0GKaOdaM= -github.com/docker/docker v26.1.0+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v26.1.5+incompatible h1:NEAxTwEjxV6VbBMBoGG3zPqbiJosIApZjxlbrG9q3/g= +github.com/docker/docker v26.1.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.8.1 h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo= github.com/docker/docker-credential-helpers v0.8.1/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=