From 45c5407079ea611622d3849775e04afd4a390834 Mon Sep 17 00:00:00 2001 From: Ashley Davis Date: Fri, 17 Feb 2023 09:19:39 +0000 Subject: [PATCH] bump to go 1.19, bump dep versions and fix CVEs fixes CVE-2022-41717 and CVE-2022-41723 also updates distroless base image for new tzdata Signed-off-by: Ashley Davis --- Dockerfile.approver | 7 ++++--- Dockerfile.driver | 6 +++--- Makefile | 4 ++-- go.mod | 10 +++++----- go.sum | 8 ++++++++ 5 files changed, 22 insertions(+), 13 deletions(-) diff --git a/Dockerfile.approver b/Dockerfile.approver index cec2bc68..8b97624a 100644 --- a/Dockerfile.approver +++ b/Dockerfile.approver @@ -12,10 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Build the istio-csr binary -FROM docker.io/library/golang:1.18 as builder +FROM docker.io/library/golang:1.19 as builder WORKDIR /workspace + # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum @@ -31,7 +31,8 @@ RUN make build-approver # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM gcr.io/distroless/static@sha256:be5d77c62dbe7fedfb0a4e5ec2f91078080800ab1f18358e5f31fcc8faa023c4 +# +FROM gcr.io/distroless/static@sha256:c3c3d0230d487c0ad3a0d87ad03ee02ea2ff0b3dcce91ca06a1019e07de05f12 LABEL description="cert-manager CSI Driver SPIFFE Approver" WORKDIR / diff --git a/Dockerfile.driver b/Dockerfile.driver index 928dbc9f..af52ba36 100644 --- a/Dockerfile.driver +++ b/Dockerfile.driver @@ -12,10 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Build the istio-csr binary -FROM docker.io/library/golang:1.18 as builder +FROM docker.io/library/golang:1.19 as builder WORKDIR /workspace + # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum @@ -29,7 +29,7 @@ COPY internal/flags internal/flags # Build RUN make build-driver -FROM alpine:3.14 +FROM alpine:3.17 LABEL description="cert-manager CSI Driver SPIFFE" WORKDIR / diff --git a/Makefile b/Makefile index 8edd0bcd..0c2342a8 100644 --- a/Makefile +++ b/Makefile @@ -17,8 +17,8 @@ BINDIR ?= $(CURDIR)/bin ARCH ?= $(shell go env GOARCH) OS ?= $(shell go env GOOS) -HELM_VERSION ?= 3.10.3 -KUBEBUILDER_TOOLS_VERISON ?= 1.22.0 +HELM_VERSION ?= 3.11.1 +KUBEBUILDER_TOOLS_VERISON ?= 1.26.0 IMAGE_PLATFORMS ?= linux/amd64,linux/arm64,linux/arm/v7,linux/ppc64le GOMARKDOC_FLAGS=--format github --repository.url "https://github.com/cert-manager/csi-driver-spiffe" --repository.default-branch master --repository.path / diff --git a/go.mod b/go.mod index c9e1f5f8..0d59ce52 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/cert-manager/csi-driver-spiffe -go 1.18 +go 1.19 require ( github.com/cert-manager/cert-manager v1.10.0 @@ -147,12 +147,12 @@ require ( github.com/zeebo/errs v1.2.2 // indirect go.starlark.net v0.0.0-20221028183056-acb66ad56dd2 // indirect golang.org/x/crypto v0.2.0 // indirect - golang.org/x/net v0.2.0 // indirect + golang.org/x/net v0.7.0 // indirect golang.org/x/oauth2 v0.2.0 // indirect golang.org/x/sync v0.0.0-20220923202941-7f9b1623fab7 // indirect - golang.org/x/sys v0.2.0 // indirect - golang.org/x/term v0.2.0 // indirect - golang.org/x/text v0.4.0 // indirect + golang.org/x/sys v0.5.0 // indirect + golang.org/x/term v0.5.0 // indirect + golang.org/x/text v0.7.0 // indirect golang.org/x/time v0.2.0 // indirect golang.org/x/tools v0.1.12 // indirect gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect diff --git a/go.sum b/go.sum index eb4c4353..8af1b069 100644 --- a/go.sum +++ b/go.sum @@ -871,6 +871,8 @@ golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -974,6 +976,8 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -981,6 +985,8 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0 h1:z85xZCsEl7bi/KwbNADeBYoOP0++7W1ipu+aGnpwzRM= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= +golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -992,6 +998,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=