Skip to content

Commit

Permalink
Updating go dependencies. Adding dependabot for images & github actions
Browse files Browse the repository at this point in the history
  • Loading branch information
@samuelattwood
samuelattwood committed Apr 20, 2023
1 parent f77253e commit 7634347
Show file tree
Hide file tree
Showing 6 changed files with 124 additions and 461 deletions.
24 changes: 24 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
version: 2
updates:
# version updates: enabled
# security updates: enabled
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
- package-ecosystem: "docker"
directory: "cicd"
schedule:
interval: "daily"
ignore:
- dependency-name: "golang"
update-types: ["version-update:semver-major"]

# version updates: disabled
# security updates: enabled
# https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates#overriding-the-default-behavior-with-a-configuration-file
- package-ecosystem: "gomod"
directory: "/"
schedule:
interval: "daily"
open-pull-requests-limit: 0
6 changes: 3 additions & 3 deletions cicd/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
#syntax=docker/dockerfile-upstream:1.4
#syntax=docker/dockerfile-upstream:1.5
ARG GO_APP

FROM base as deps
FROM alpine:3.17.3 as deps

ARG GO_APP

Expand All @@ -25,7 +25,7 @@ RUN <<EOT
cp ${BIN_PATH} /go/bin
EOT

FROM base
FROM alpine:3.17.3

ARG GO_APP

Expand Down
21 changes: 16 additions & 5 deletions cicd/Dockerfile_goreleaser
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,16 @@
#syntax=docker/dockerfile-upstream:1.4
FROM --platform=$BUILDPLATFORM goreleaser
#syntax=docker/dockerfile-upstream:1.5
FROM --platform=$BUILDPLATFORM golang:1.20.3-bullseye as build

RUN <<EOT
set -e

echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' > /etc/apt/sources.list.d/goreleaser.list
apt-get update
apt-get install -y goreleaser
rm -rf /var/lib/apt/lists/*
EOT

FROM build

ARG CI
ARG GITHUB_TOKEN
Expand All @@ -9,9 +20,9 @@ COPY --from=src . /go/src
RUN <<EOT
set -e
cd /go/src
FLAGS="--rm-dist"
if [[ -z ${GITHUB_TOKEN} ]]; then
if [[ ${CI} != "true" ]]; then FLAGS="${FLAGS} --skip-validate --single-target"; fi
FLAGS="--clean"
if [ -z ${GITHUB_TOKEN} ]; then
if [ ${CI} != "true" ]; then FLAGS="${FLAGS} --skip-validate --single-target"; fi
goreleaser build ${FLAGS}
else
goreleaser release ${FLAGS}
Expand Down
10 changes: 0 additions & 10 deletions docker-bake.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,14 +15,6 @@ variable CI {
default = false
}

variable image_base {
default = "docker-image://alpine:3.17.1"
}

variable image_goreleaser {
default = "docker-image://goreleaser/goreleaser:v1.14.1"
}

###################
### Functions
###################
Expand Down Expand Up @@ -58,7 +50,6 @@ group "default" {

target "goreleaser" {
contexts = {
goreleaser = image_goreleaser
src = "."
}
args = {
Expand All @@ -70,7 +61,6 @@ target "goreleaser" {

target "prometheus-nats-exporter" {
contexts = {
base = image_base
build = "target:goreleaser"
}
args = {
Expand Down
47 changes: 24 additions & 23 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,39 +4,40 @@ go 1.20

require (
github.com/nats-io/nats-replicator v0.1.0
github.com/nats-io/nats-server/v2 v2.9.14
github.com/nats-io/nats-streaming-server v0.25.3
github.com/nats-io/nats.go v1.23.0
github.com/nats-io/nats-server/v2 v2.9.16
github.com/nats-io/nats-streaming-server v0.25.4
github.com/nats-io/nats.go v1.25.0
github.com/nats-io/stan.go v0.10.4
github.com/prometheus/client_golang v1.14.0
github.com/prometheus/client_golang v1.15.0
github.com/prometheus/client_model v0.3.0
golang.org/x/crypto v0.6.0
golang.org/x/crypto v0.8.0
)

require (
github.com/armon/go-metrics v0.4.0 // indirect
github.com/armon/go-metrics v0.4.1 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/cespare/xxhash/v2 v2.1.2 // indirect
github.com/fatih/color v1.13.0 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/fatih/color v1.15.0 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/protobuf v1.5.2 // indirect
github.com/hashicorp/go-hclog v1.2.2 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/hashicorp/go-hclog v1.5.0 // indirect
github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
github.com/hashicorp/go-msgpack v1.1.5 // indirect
github.com/hashicorp/go-msgpack v0.5.5 // indirect
github.com/hashicorp/go-msgpack/v2 v2.1.0 // indirect
github.com/hashicorp/golang-lru v0.5.4 // indirect
github.com/hashicorp/raft v1.3.11 // indirect
github.com/klauspost/compress v1.15.15 // indirect
github.com/mattn/go-colorable v0.1.12 // indirect
github.com/mattn/go-isatty v0.0.14 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
github.com/hashicorp/raft v1.4.0 // indirect
github.com/klauspost/compress v1.16.5 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.18 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
github.com/minio/highwayhash v1.0.2 // indirect
github.com/nats-io/jwt/v2 v2.3.0 // indirect
github.com/nats-io/nkeys v0.3.0 // indirect
github.com/nats-io/jwt/v2 v2.4.1 // indirect
github.com/nats-io/nkeys v0.4.4 // indirect
github.com/nats-io/nuid v1.0.1 // indirect
github.com/prometheus/common v0.37.0 // indirect
github.com/prometheus/procfs v0.8.0 // indirect
go.etcd.io/bbolt v1.3.6 // indirect
golang.org/x/sys v0.5.0 // indirect
github.com/prometheus/common v0.42.0 // indirect
github.com/prometheus/procfs v0.9.0 // indirect
go.etcd.io/bbolt v1.3.7 // indirect
golang.org/x/sys v0.7.0 // indirect
golang.org/x/time v0.3.0 // indirect
google.golang.org/protobuf v1.28.1 // indirect
google.golang.org/protobuf v1.30.0 // indirect
)
Loading

0 comments on commit 7634347

Please sign in to comment.