Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Alpine to v3.16 #661

Merged
merged 4 commits into from
May 25, 2022
Merged

Update Alpine to v3.16 #661

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
886974a
Update runc to v1.1.2
stefanprodan May 25, 2022
70ee93c
Update Alpine to v3.16
stefanprodan May 25, 2022
0d7cb09
Update dependencies
hiddeco May 25, 2022
0539f6f
Drop deprecated github.com/golang/protobuf
hiddeco May 25, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ COPY internal/ internal/
ENV CGO_ENABLED=0
RUN xx-go build -a -o kustomize-controller main.go

FROM alpine:3.15
FROM alpine:3.16

RUN apk add --no-cache ca-certificates tini git openssh-client gnupg

Expand Down
50 changes: 22 additions & 28 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,10 @@ require (
github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.13.2
github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.4.0
github.com/aws/aws-sdk-go-v2 v1.16.4
github.com/aws/aws-sdk-go-v2/config v1.15.4
github.com/aws/aws-sdk-go-v2/credentials v1.12.0
github.com/aws/aws-sdk-go-v2/service/kms v1.17.1
github.com/aws/aws-sdk-go-v2/service/sts v1.16.4
github.com/aws/aws-sdk-go-v2/config v1.15.7
github.com/aws/aws-sdk-go-v2/credentials v1.12.2
github.com/aws/aws-sdk-go-v2/service/kms v1.17.2
github.com/aws/aws-sdk-go-v2/service/sts v1.16.6
github.com/cyphar/filepath-securejoin v0.2.3
github.com/dimchansky/utfbom v1.1.1
github.com/drone/envsubst v1.0.3
Expand All @@ -28,17 +28,17 @@ require (
github.com/fluxcd/pkg/testserver v0.2.0
github.com/fluxcd/pkg/untar v0.1.0
github.com/fluxcd/source-controller/api v0.24.4
github.com/golang/protobuf v1.5.2
github.com/hashicorp/go-retryablehttp v0.7.1
github.com/hashicorp/vault/api v1.5.0
github.com/onsi/gomega v1.19.0
github.com/ory/dockertest v3.3.5+incompatible
github.com/spf13/pflag v1.0.5
go.mozilla.org/sops/v3 v3.7.3
golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4
google.golang.org/api v0.74.0
google.golang.org/genproto v0.0.0-20220405205423-9d709892a2bf
google.golang.org/grpc v1.45.0
golang.org/x/net v0.0.0-20220524220425-1d687d428aca
google.golang.org/api v0.81.0
google.golang.org/genproto v0.0.0-20220525015930-6ca3db687a9d
google.golang.org/grpc v1.46.2
google.golang.org/protobuf v1.28.0
k8s.io/api v0.24.0
k8s.io/apiextensions-apiserver v0.24.0
k8s.io/apimachinery v0.24.0
Expand All @@ -49,27 +49,21 @@ require (
sigs.k8s.io/yaml v1.3.0
)

// Fix CVE-2022-27191
replace golang.org/x/crypto => golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4

// Pin kustomize to v4.5.5
replace (
sigs.k8s.io/kustomize/api => sigs.k8s.io/kustomize/api v0.11.5
sigs.k8s.io/kustomize/kyaml => sigs.k8s.io/kustomize/kyaml v0.13.7
)

// Fix CVE-2021-30465
// Fix CVE-2021-43784
// Fix GO-2021-0085
// Fix GO-2021-0087
replace github.com/opencontainers/runc => github.com/opencontainers/runc v1.0.3
// Fix CVE-2022-29162
replace github.com/opencontainers/runc => github.com/opencontainers/runc v1.1.2

// Fix CVE-2021-41190
replace github.com/opencontainers/image-spec => github.com/opencontainers/image-spec v1.0.2
// Fix CVE-2022-27191
replace golang.org/x/crypto => golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898

require (
cloud.google.com/go v0.100.2 // indirect
cloud.google.com/go/compute v1.5.0 // indirect
cloud.google.com/go/compute v1.6.1 // indirect
cloud.google.com/go/iam v0.3.0 // indirect
github.com/Azure/azure-sdk-for-go v63.3.0+incompatible // indirect
github.com/Azure/azure-sdk-for-go/sdk/internal v0.9.1 // indirect
Expand All @@ -95,12 +89,12 @@ require (
github.com/armon/go-metrics v0.3.10 // indirect
github.com/armon/go-radix v1.0.0 // indirect
github.com/aws/aws-sdk-go v1.43.43 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.4 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.4 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.5 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.5 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.12 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.4 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.11.4 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.5 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.11.5 // indirect
github.com/aws/smithy-go v1.11.2 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver v3.5.1+incompatible // indirect
Expand All @@ -127,14 +121,15 @@ require (
github.com/golang-jwt/jwt v3.2.1+incompatible // indirect
github.com/golang-jwt/jwt/v4 v4.3.0 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.2 // indirect
github.com/golang/snappy v0.0.4 // indirect
github.com/google/btree v1.0.1 // indirect
github.com/google/gnostic v0.5.7-v3refs // indirect
github.com/google/go-cmp v0.5.8 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
github.com/google/uuid v1.3.0 // indirect
github.com/googleapis/gax-go/v2 v2.2.0 // indirect
github.com/googleapis/gax-go/v2 v2.4.0 // indirect
github.com/goware/prefixer v0.0.0-20160118172347-395022866408 // indirect
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
Expand Down Expand Up @@ -204,13 +199,12 @@ require (
go.uber.org/zap v1.21.0 // indirect
golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 // indirect
golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect
golang.org/x/sys v0.0.0-20220513210249-45d2b4557a2a // indirect
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
golang.org/x/text v0.3.7 // indirect
golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect
gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.28.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/ini.v1 v1.66.4 // indirect
gopkg.in/square/go-jose.v2 v2.6.0 // indirect
Expand Down
Loading