From c79c07198538e30791b293e0c3599f033e9da6ba Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 29 Nov 2024 07:34:06 +0100 Subject: [PATCH 01/63] Update RHCOS to OCP version map (#2606) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index 0512ae62d..fe2602b2c 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -223,6 +223,7 @@ 4.12.68 / 412.86.202410300039-0 4.12.69 / 412.86.202411061519-0 4.12.7 / 412.86.202303011010-0 +4.12.70 / 412.86.202411270001-0 4.12.8 / 412.86.202303141242-0 4.12.9 / 412.86.202303211731-0 4.13.0 / 413.92.202305041429-0 @@ -339,6 +340,7 @@ 4.14.4 / 414.92.202311222314-0 4.14.40 / 414.92.202410290222-0 4.14.41 / 414.92.202411130444-0 +4.14.42 / 414.92.202411260513-0 4.14.5 / 414.92.202311281318-0 4.14.6 / 414.92.202312011602-0 4.14.7 / 414.92.202312132152-0 @@ -426,6 +428,7 @@ 4.16.21 / 416.94.202411061221-0 4.16.23 / 416.94.202411111409-0 4.16.24 / 416.94.202411201433-0 +4.16.25 / 416.94.202411261619-0 4.16.3 / 416.94.202407081958-0 4.16.4 / 416.94.202407171205-0 4.16.5 / 416.94.202407231922-0 @@ -450,6 +453,7 @@ 4.17.4 / 417.94.202411050056-0 4.17.5 / 417.94.202411070820-0 4.17.6 / 417.94.202411201839-0 +4.17.7 / 417.94.202411261220-0 4.4.0 / 44.81.202004260825-0 4.4.0-rc.0 / 44.81.202003110830-0 4.4.0-rc.1 / 44.81.202003130330-0 From 9e35ac5cdc8bd56bd92357a9852f1d1a30254f87 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 29 Nov 2024 07:34:27 +0100 Subject: [PATCH 02/63] Bump depends-on/depends-on-action (#2604) Bumps [depends-on/depends-on-action](https://github.com/depends-on/depends-on-action) from 9e8a61fce18b15281e831f1bba0e14c71d1e1f46 to 3f0a220b74074edace48e46f7bacc29e5ef555c2. - [Release notes](https://github.com/depends-on/depends-on-action/releases) - [Commits](https://github.com/depends-on/depends-on-action/compare/9e8a61fce18b15281e831f1bba0e14c71d1e1f46...3f0a220b74074edace48e46f7bacc29e5ef555c2) --- updated-dependencies: - dependency-name: depends-on/depends-on-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pre-main.yaml | 10 +++++----- .github/workflows/qe-hosted.yml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index 7ce9ab2cf..3898258b5 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -58,7 +58,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@9e8a61fce18b15281e831f1bba0e14c71d1e1f46 # main + uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -133,7 +133,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@9e8a61fce18b15281e831f1bba0e14c71d1e1f46 # main + uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -203,7 +203,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@9e8a61fce18b15281e831f1bba0e14c71d1e1f46 # main + uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -302,7 +302,7 @@ jobs: make-command: 'install' - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@9e8a61fce18b15281e831f1bba0e14c71d1e1f46 # main + uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -493,7 +493,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check all dependent Pull Requests are merged - uses: depends-on/depends-on-action@9e8a61fce18b15281e831f1bba0e14c71d1e1f46 # main + uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main with: token: ${{ secrets.GITHUB_TOKEN }} check-unmerged-pr: true diff --git a/.github/workflows/qe-hosted.yml b/.github/workflows/qe-hosted.yml index bfc1c3de4..a88d30ffc 100644 --- a/.github/workflows/qe-hosted.yml +++ b/.github/workflows/qe-hosted.yml @@ -149,7 +149,7 @@ jobs: ref: main - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@9e8a61fce18b15281e831f1bba0e14c71d1e1f46 # main + uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main with: token: ${{ secrets.GITHUB_TOKEN }} From 9718894c4bac4fd05a0acc35b4b5adb17d2fac18 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 29 Nov 2024 07:34:44 +0100 Subject: [PATCH 03/63] Bump ubi9/ubi from `2bae906` to `1057dab` (#2605) Bumps ubi9/ubi from `2bae906` to `1057dab`. --- updated-dependencies: - dependency-name: ubi9/ubi dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index cf332f38c..523f11913 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi9/ubi:9.5@sha256:2bae9062eddbbc18e76555972e7026ffe02cef560a0076e6d7f72bed2c05723f AS build +FROM registry.access.redhat.com/ubi9/ubi:9.5@sha256:1057dab827c782abcfb9bda0c3900c0966b5066e671d54976a7bcb3a2d1a5e53 AS build ENV CERTSUITE_DIR=/usr/certsuite ENV \ CERTSUITE_SRC_DIR=${CERTSUITE_DIR}/src \ From a8f7ac2e80a02e24e67d2a8b12c683aba9ef7b7d Mon Sep 17 00:00:00 2001 From: Brandon Palm Date: Fri, 29 Nov 2024 06:58:16 -0600 Subject: [PATCH 04/63] Remove legacy RunAsUser vars (#2602) --- tests/identifiers/doclinks.go | 1 - tests/identifiers/identifiers.go | 1 - tests/identifiers/remediation.go | 2 -- 3 files changed, 4 deletions(-) diff --git a/tests/identifiers/doclinks.go b/tests/identifiers/doclinks.go index 9fa0d3d17..819cd1b4b 100644 --- a/tests/identifiers/doclinks.go +++ b/tests/identifiers/doclinks.go @@ -111,7 +111,6 @@ const ( TestOperatorCrdSchemaIdentifierDocLink = DocOperatorRequirement TestOperatorCrdVersioningIdentifierDocLink = DocOperatorRequirement TestOperatorSingleCrdOwnerIdentifierDocLink = DocOperatorRequirement - TestOperatorRunAsUserIDDocLink = DocOperatorRequirement TestOperatorRunAsNonRootDocLink = DocOperatorRequirement TestOperatorAutomountTokensDocLink = DocOperatorRequirement TestOperatorReadOnlyFilesystemDocLink = DocOperatorRequirement diff --git a/tests/identifiers/identifiers.go b/tests/identifiers/identifiers.go index ec505d4e2..095b43ccc 100644 --- a/tests/identifiers/identifiers.go +++ b/tests/identifiers/identifiers.go @@ -128,7 +128,6 @@ var ( TestOperatorOlmSkipRange claim.Identifier TestOperatorAutomountTokens claim.Identifier TestOperatorRunAsNonRoot claim.Identifier - TestOperatorRunAsUserID claim.Identifier TestOperatorCrdVersioningIdentifier claim.Identifier TestOperatorCrdSchemaIdentifier claim.Identifier TestOperatorSingleCrdOwnerIdentifier claim.Identifier diff --git a/tests/identifiers/remediation.go b/tests/identifiers/remediation.go index 510594360..591937513 100644 --- a/tests/identifiers/remediation.go +++ b/tests/identifiers/remediation.go @@ -87,8 +87,6 @@ const ( OperatorCrdSchemaIdentifierRemediation = `Ensure that the Operator CRD is defined with OpenAPI spec.` - OperatorRunAsUserID = `Ensure that the user ID of the pods is not 0.` - OperatorRunAsNonRoot = `Ensure that the pods are running as non root.` OperatorAutomountTokens = `Ensure that the pods have the automount service account token disabled.` From 4661a8406b367c63ef70cda02ad7eb150ed8243e Mon Sep 17 00:00:00 2001 From: Brandon Palm Date: Mon, 2 Dec 2024 08:14:35 -0600 Subject: [PATCH 05/63] Add additional testhelper pkg unit tests (#2601) --- pkg/testhelper/testhelper_test.go | 135 ++++++++++++++++++++++++++++++ 1 file changed, 135 insertions(+) diff --git a/pkg/testhelper/testhelper_test.go b/pkg/testhelper/testhelper_test.go index 01b23bbd8..8f9931641 100644 --- a/pkg/testhelper/testhelper_test.go +++ b/pkg/testhelper/testhelper_test.go @@ -1104,3 +1104,138 @@ func TestGetNoOperatorsSkipFn(t *testing.T) { assert.Equal(t, testCase.expectedResult, result) } } + +func TestFailureReasonOutTestString(t *testing.T) { + testCases := []struct { + testFailureReasonOut FailureReasonOut + expectedResult string + }{ + { + testFailureReasonOut: FailureReasonOut{ + CompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject1", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + NonCompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject2", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + }, + //nolint:lll + expectedResult: `testhelper.FailureReasonOut{CompliantObjectsOut: []*testhelper.ReportObject{&testhelper.ReportObject{ObjectType:"testObject1", ObjectFieldsKeys:[]string{"key1", "key2"}, ObjectFieldsValues:[]string{"value1", "value2"}},},NonCompliantObjectsOut: []*testhelper.ReportObject{&testhelper.ReportObject{ObjectType:"testObject2", ObjectFieldsKeys:[]string{"key1", "key2"}, ObjectFieldsValues:[]string{"value1", "value2"}},},}`, + }, + } + + for _, testCase := range testCases { + assert.Equal(t, testCase.expectedResult, FailureReasonOutTestString(testCase.testFailureReasonOut)) + } +} + +func TestReportObjectTestString(t *testing.T) { + testCases := []struct { + testReportObject ReportObject + expectedResult string + }{ + { + testReportObject: ReportObject{ + ObjectType: "testObject", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + expectedResult: `[]testhelper.ReportObject{testhelper.ReportObject{ObjectType:"testObject", ObjectFieldsKeys:[]string{"key1", "key2"}, ObjectFieldsValues:[]string{"value1", "value2"}},}`, + }, + } + + for _, testCase := range testCases { + assert.Equal(t, testCase.expectedResult, ReportObjectTestString([]*ReportObject{&testCase.testReportObject})) + } +} + +func TestFailureReasonOutEqual(t *testing.T) { + testCases := []struct { + testFailureReasonOut1 FailureReasonOut + testFailureReasonOut2 FailureReasonOut + expectedResult bool + }{ + { // Test Case #1 - Equal + testFailureReasonOut1: FailureReasonOut{ + CompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject1", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + NonCompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject2", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + }, + testFailureReasonOut2: FailureReasonOut{ + CompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject1", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + NonCompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject2", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + }, + expectedResult: true, + }, + { // Test Case #2 - Not Equal + testFailureReasonOut1: FailureReasonOut{ + CompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject1", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + NonCompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject2", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + }, + testFailureReasonOut2: FailureReasonOut{ + CompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject1", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + NonCompliantObjectsOut: []*ReportObject{ + { + ObjectType: "testObject3", + ObjectFieldsKeys: []string{"key1", "key2"}, + ObjectFieldsValues: []string{"value1", "value2"}, + }, + }, + }, + expectedResult: false, + }, + } + + for _, testCase := range testCases { + assert.Equal(t, testCase.expectedResult, testCase.testFailureReasonOut1.Equal(testCase.testFailureReasonOut2)) + } +} From d6482e5c4ba095d0e2356c83e998ff01c3e8967d Mon Sep 17 00:00:00 2001 From: Gonzalo Reyero Ferreras <87083379+greyerof@users.noreply.github.com> Date: Tue, 3 Dec 2024 09:03:31 +0100 Subject: [PATCH 06/63] Fix for operator-single-crd-owner test case. (#2603) As stated in issue https://github.com/redhat-best-practices-for-k8s/certsuite/issues/2593 , the test case operator-single-crd-owner might produce false positives. The original implementation didn't handle cases where a single CRD name can have more than one version. --- tests/operator/suite.go | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/tests/operator/suite.go b/tests/operator/suite.go index ed44397ce..e4bf6e841 100644 --- a/tests/operator/suite.go +++ b/tests/operator/suite.go @@ -317,9 +317,19 @@ func testOperatorSingleCrdOwner(check *checksdb.Check, env *provider.TestEnviron for i := range env.Operators { operator := env.Operators[i] ownedCrds := operator.Csv.Spec.CustomResourceDefinitions.Owned + + // Helper map to filter out different versions of the same CRD name. + uniqueOnwnedCrds := map[string]struct{}{} for j := range ownedCrds { - crdOwners[ownedCrds[j].Name] = append(crdOwners[ownedCrds[j].Name], operator.Name) + uniqueOnwnedCrds[ownedCrds[j].Name] = struct{}{} + } + + // Now we can append the operator as CRD owner + for crdName := range uniqueOnwnedCrds { + crdOwners[crdName] = append(crdOwners[crdName], operator.Name) } + + check.LogInfo("CRDs owned by operator %s: %+v", operator.Name, uniqueOnwnedCrds) } // Flag those that are owned by more than one operator From b2c97b5c5b0a217bd10fd8197e2b73d57e3f91fa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Dec 2024 11:49:01 -0600 Subject: [PATCH 07/63] Bump github/codeql-action from 3.27.5 to 3.27.6 (#2607) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.5 to 3.27.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/f09c1c0a94de965c15400f5634aa42fac8fb8f88...aa578102511db1f4524ed59b8cc2bae4f6e88195) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 8ed9114e2..ffefcf6ff 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -52,7 +52,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 with: languages: ${{ matrix.language }} tools: latest @@ -64,7 +64,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/autobuild@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -78,4 +78,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index f79356472..32a7c97b7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 with: sarif_file: results.sarif From 25fde504e096c9e2d037b477d9e6e78a6432eb86 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Dec 2024 15:04:41 -0600 Subject: [PATCH 08/63] Bump ubi9/python-39 in /.github/actions/documentation (#2608) Bumps ubi9/python-39 from `84c0289` to `eb65add`. --- updated-dependencies: - dependency-name: ubi9/python-39 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/documentation/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/documentation/Dockerfile b/.github/actions/documentation/Dockerfile index d56af10d1..bc9e6eb38 100644 --- a/.github/actions/documentation/Dockerfile +++ b/.github/actions/documentation/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi9/python-39:9.5@sha256:84c028923cd3c8554c9b5c1423a553a4cb8f3ee88c17a3d87756c9b08f5e8fe7 +FROM registry.access.redhat.com/ubi9/python-39:9.5@sha256:eb65add9b84a3d3ac104b7bc091f49faffe9e69aef8bafb0654547b1708c4841 # Pin versions in pip. # hadolint ignore=DL3013 From baef626a3e3ddcc32ff9f49eb2ba82caaabaff60 Mon Sep 17 00:00:00 2001 From: Brandon Palm Date: Wed, 4 Dec 2024 00:54:06 -0600 Subject: [PATCH 09/63] Update Go to v1.23.4 (#2609) --- .github/actions/setup/action.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/merge.yaml | 2 +- .github/workflows/pre-main.yaml | 8 ++++---- .github/workflows/preflight.yml | 2 +- .github/workflows/update-rhcos-mapping.yml | 2 +- .github/workflows/upload-release-assets.yaml | 2 +- Dockerfile | 8 ++++---- go.mod | 2 +- 9 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index 08ebcf216..a80345b7e 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -16,7 +16,7 @@ runs: - name: Set up Go 1.23 uses: actions/setup-go@v4 with: - go-version: 1.23.3 + go-version: 1.23.4 cache: false - name: Disable default go problem matcher diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index ffefcf6ff..42ae25d5b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -48,7 +48,7 @@ jobs: - name: Set up Go 1.23 uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: - go-version: 1.23.3 + go-version: 1.23.4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/merge.yaml b/.github/workflows/merge.yaml index 6239c4ae3..ea5e173b2 100644 --- a/.github/workflows/merge.yaml +++ b/.github/workflows/merge.yaml @@ -27,7 +27,7 @@ jobs: - name: Set up Go 1.23 uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: - go-version: 1.23.3 + go-version: 1.23.4 - name: Check out code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index 3898258b5..04373f51e 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -44,7 +44,7 @@ jobs: - name: Set up Go 1.23 uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: - go-version: 1.23.3 + go-version: 1.23.4 - name: Disable default go problem matcher run: echo "::remove-matcher owner=go::" @@ -119,7 +119,7 @@ jobs: - name: Set up Go 1.23 uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: - go-version: 1.23.3 + go-version: 1.23.4 - name: Disable default go problem matcher run: echo "::remove-matcher owner=go::" @@ -189,7 +189,7 @@ jobs: - name: Set up Go 1.23 uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: - go-version: 1.23.3 + go-version: 1.23.4 - name: Disable default go problem matcher run: echo "::remove-matcher owner=go::" @@ -288,7 +288,7 @@ jobs: - name: Set up Go 1.23 uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: - go-version: 1.23.3 + go-version: 1.23.4 # Perform smoke tests using a Certsuite container. - name: Check out code diff --git a/.github/workflows/preflight.yml b/.github/workflows/preflight.yml index 59eb612b0..9306b85b2 100644 --- a/.github/workflows/preflight.yml +++ b/.github/workflows/preflight.yml @@ -23,7 +23,7 @@ jobs: - name: Set up Go 1.23 uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: - go-version: 1.23.3 + go-version: 1.23.4 - name: Disable default go problem matcher run: echo "::remove-matcher owner=go::" diff --git a/.github/workflows/update-rhcos-mapping.yml b/.github/workflows/update-rhcos-mapping.yml index a160d9292..ccfc76327 100644 --- a/.github/workflows/update-rhcos-mapping.yml +++ b/.github/workflows/update-rhcos-mapping.yml @@ -30,7 +30,7 @@ jobs: - name: Set up Go 1.23 uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: - go-version: 1.23.3 + go-version: 1.23.4 # This prevents any failures due to the updated rhcos_versions_map file from # making it into the PR phase. diff --git a/.github/workflows/upload-release-assets.yaml b/.github/workflows/upload-release-assets.yaml index a019e2510..489d98cc0 100644 --- a/.github/workflows/upload-release-assets.yaml +++ b/.github/workflows/upload-release-assets.yaml @@ -16,7 +16,7 @@ jobs: - name: Set up Go 1.23 uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: - go-version: 1.23.3 + go-version: 1.23.4 - name: Check out code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 diff --git a/Dockerfile b/Dockerfile index 523f11913..1c69b93c3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,19 +27,19 @@ ENV \ ENV \ GO_DL_URL=https://golang.org/dl \ GOPATH=/root/go -ENV GO_BIN_URL_x86_64=${GO_DL_URL}/go1.23.3.linux-amd64.tar.gz -ENV GO_BIN_URL_aarch64=${GO_DL_URL}/go1.23.3.linux-arm64.tar.gz +ENV GO_BIN_URL_x86_64=${GO_DL_URL}/go1.23.4.linux-amd64.tar.gz +ENV GO_BIN_URL_aarch64=${GO_DL_URL}/go1.23.4.linux-arm64.tar.gz # Determine the CPU architecture and download the appropriate Go binary RUN \ if [ "$(uname -m)" = x86_64 ]; then \ wget --directory-prefix=${TEMP_DIR} ${GO_BIN_URL_x86_64} --quiet \ && rm -rf /usr/local/go \ - && tar -C /usr/local -xzf ${TEMP_DIR}/go1.23.3.linux-amd64.tar.gz; \ + && tar -C /usr/local -xzf ${TEMP_DIR}/go1.23.4.linux-amd64.tar.gz; \ elif [ "$(uname -m)" = aarch64 ]; then \ wget --directory-prefix=${TEMP_DIR} ${GO_BIN_URL_aarch64} --quiet \ && rm -rf /usr/local/go \ - && tar -C /usr/local -xzf ${TEMP_DIR}/go1.23.3.linux-arm64.tar.gz; \ + && tar -C /usr/local -xzf ${TEMP_DIR}/go1.23.4.linux-arm64.tar.gz; \ else \ echo "CPU architecture is not supported." && exit 1; \ fi diff --git a/go.mod b/go.mod index ca77897de..50653394e 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/redhat-best-practices-for-k8s/certsuite -go 1.23.3 +go 1.23.4 require ( github.com/Masterminds/semver/v3 v3.3.1 From 7f5ff9104e654e7306db410c5b23795615f73564 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 5 Dec 2024 00:26:58 +0200 Subject: [PATCH 10/63] Bump google.golang.org/api from 0.209.0 to 0.210.0 (#2611) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.209.0 to 0.210.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.209.0...v0.210.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 10 +++++----- go.sum | 24 ++++++++++++------------ 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/go.mod b/go.mod index 50653394e..d95a976b0 100644 --- a/go.mod +++ b/go.mod @@ -28,8 +28,8 @@ require ( ) require ( - cloud.google.com/go/auth v0.10.2 // indirect - cloud.google.com/go/auth/oauth2adapt v0.2.5 // indirect + cloud.google.com/go/auth v0.11.0 // indirect + cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect cloud.google.com/go/compute/metadata v0.5.2 // indirect dario.cat/mergo v1.0.1 // indirect github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect @@ -204,8 +204,8 @@ require ( golang.org/x/time v0.8.0 // indirect golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20241113202542-65e8d215514f // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20241113202542-65e8d215514f // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20241118233622-e639e219e697 // indirect google.golang.org/grpc v1.67.1 // indirect google.golang.org/protobuf v1.35.2 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect @@ -252,7 +252,7 @@ require ( github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.26.0 - google.golang.org/api v0.209.0 + google.golang.org/api v0.210.0 k8s.io/kubectl v0.31.3 ) diff --git a/go.sum b/go.sum index 8b392c2ae..be94fb674 100644 --- a/go.sum +++ b/go.sum @@ -1,8 +1,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go/auth v0.10.2 h1:oKF7rgBfSHdp/kuhXtqU/tNDr0mZqhYbEh+6SiqzkKo= -cloud.google.com/go/auth v0.10.2/go.mod h1:xxA5AqpDrvS+Gkmo9RqrGGRh6WSNKKOXhY3zNOr38tI= -cloud.google.com/go/auth/oauth2adapt v0.2.5 h1:2p29+dePqsCHPP1bqDJcKj4qxRyYCcbzKpFyKGt3MTk= -cloud.google.com/go/auth/oauth2adapt v0.2.5/go.mod h1:AlmsELtlEBnaNTL7jCj8VQFLy6mbZv0s4Q7NGBeQ5E8= +cloud.google.com/go/auth v0.11.0 h1:Ic5SZz2lsvbYcWT5dfjNWgw6tTlGi2Wc8hyQSC9BstA= +cloud.google.com/go/auth v0.11.0/go.mod h1:xxA5AqpDrvS+Gkmo9RqrGGRh6WSNKKOXhY3zNOr38tI= +cloud.google.com/go/auth/oauth2adapt v0.2.6 h1:V6a6XDu2lTwPZWOawrAa9HUK+DB2zfJyTuciBG5hFkU= +cloud.google.com/go/auth/oauth2adapt v0.2.6/go.mod h1:AlmsELtlEBnaNTL7jCj8VQFLy6mbZv0s4Q7NGBeQ5E8= cloud.google.com/go/compute/metadata v0.5.2 h1:UxK4uu/Tn+I3p2dYWTfiX4wva7aYlKixAHn3fyqngqo= cloud.google.com/go/compute/metadata v0.5.2/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k= dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= @@ -749,19 +749,19 @@ golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSm golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/api v0.209.0 h1:Ja2OXNlyRlWCWu8o+GgI4yUn/wz9h/5ZfFbKz+dQX+w= -google.golang.org/api v0.209.0/go.mod h1:I53S168Yr/PNDNMi5yPnDc0/LGRZO6o7PoEbl/HY3CM= +google.golang.org/api v0.210.0 h1:HMNffZ57OoZCRYSbdWVRoqOa8V8NIHLL0CzdBPLztWk= +google.golang.org/api v0.210.0/go.mod h1:B9XDZGnx2NtyjzVkOVTGrFSAVZgPcbedzKg/gTLwqBs= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20241113202542-65e8d215514f h1:zDoHYmMzMacIdjNe+P2XiTmPsLawi/pCbSPfxt6lTfw= -google.golang.org/genproto v0.0.0-20241113202542-65e8d215514f/go.mod h1:Q5m6g8b5KaFFzsQFIGdJkSJDGeJiybVenoYFMMa3ohI= -google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28 h1:M0KvPgPmDZHPlbRbaNU1APr28TvwvvdUPlSv7PUvy8g= -google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28/go.mod h1:dguCy7UOdZhTvLzDyt15+rOrawrpM4q7DD9dQ1P11P4= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241113202542-65e8d215514f h1:C1QccEa9kUwvMgEUORqQD9S17QesQijxjZ84sO82mfo= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241113202542-65e8d215514f/go.mod h1:GX3210XPVPUjJbTUbvwI8f2IpZDMZuPJWDzDuebbviI= +google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 h1:ToEetK57OidYuqD4Q5w+vfEnPvPpuTwedCNVohYJfNk= +google.golang.org/genproto v0.0.0-20241118233622-e639e219e697/go.mod h1:JJrvXBWRZaFMxBufik1a4RpFw4HhgVtBBWQeQgUj2cc= +google.golang.org/genproto/googleapis/api v0.0.0-20241113202542-65e8d215514f h1:M65LEviCfuZTfrfzwwEoxVtgvfkFkBUbFnRbxCXuXhU= +google.golang.org/genproto/googleapis/api v0.0.0-20241113202542-65e8d215514f/go.mod h1:Yo94eF2nj7igQt+TiJ49KxjIH8ndLYPZMIRSiRcEbg0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241118233622-e639e219e697 h1:LWZqQOEjDyONlF1H6afSWpAL/znlREo2tHfLoe+8LMA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241118233622-e639e219e697/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= From af934773bdde4c79b3c4433e8fed13ad0dfd13cb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 5 Dec 2024 10:45:27 -0600 Subject: [PATCH 11/63] Bump golang.org/x/term from 0.26.0 to 0.27.0 (#2610) Bumps [golang.org/x/term](https://github.com/golang/term) from 0.26.0 to 0.27.0. - [Commits](https://github.com/golang/term/compare/v0.26.0...v0.27.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index d95a976b0..ee18bc460 100644 --- a/go.mod +++ b/go.mod @@ -199,7 +199,7 @@ require ( golang.org/x/net v0.31.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect golang.org/x/sync v0.9.0 // indirect - golang.org/x/sys v0.27.0 // indirect + golang.org/x/sys v0.28.0 // indirect golang.org/x/text v0.20.0 // indirect golang.org/x/time v0.8.0 // indirect golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect @@ -251,7 +251,7 @@ require ( github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.41 github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 github.com/robert-nix/ansihtml v1.0.1 - golang.org/x/term v0.26.0 + golang.org/x/term v0.27.0 google.golang.org/api v0.210.0 k8s.io/kubectl v0.31.3 ) diff --git a/go.sum b/go.sum index be94fb674..5ac851b17 100644 --- a/go.sum +++ b/go.sum @@ -715,13 +715,13 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s= -golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= +golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU= -golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E= +golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= +golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= From c90ecc2e5f0174d1158f3bb89f8f69ae30762914 Mon Sep 17 00:00:00 2001 From: Brandon Palm Date: Thu, 5 Dec 2024 10:48:26 -0600 Subject: [PATCH 12/63] operator: image bundle < 1000 references test (#2549) * operator: image bundle < 1000 references test Look through CSVs and PackageManifests Remove curl lookup; use relatedImages Add filter for already reported catalogsources additional cleanup; catalogsource pkg and tests total up channel entries for bundle count cleanup and rebuild catalog * use grpcurl for ocp 4.12 or below * Remove packageManifest name filter * Test grpcurl * Add skip for channel entry loop --- .github/workflows/pre-main.yaml | 2 +- CATALOG.md | 24 +++- cmd/certsuite/run/run.go | 2 +- docs/runtime-env.md | 2 +- expected_results.yaml | 2 +- pkg/autodiscover/autodiscover.go | 8 ++ pkg/provider/catalogsources.go | 106 +++++++++++++++++ pkg/provider/catalogsources_test.go | 85 ++++++++++++++ pkg/provider/provider.go | 3 + pkg/testhelper/testhelper.go | 20 ++++ pkg/testhelper/testhelper_test.go | 66 +++++++++++ tests/identifiers/doclinks.go | 31 ++--- tests/identifiers/identifiers.go | 17 +++ tests/identifiers/remediation.go | 2 + tests/operator/catalogsource/catalogsource.go | 30 +++++ .../catalogsource/catalogsource_test.go | 49 ++++++++ tests/operator/helper_test.go | 4 +- tests/operator/suite.go | 109 ++++++++++++++++++ version.json | 2 +- 19 files changed, 539 insertions(+), 25 deletions(-) create mode 100644 pkg/provider/catalogsources.go create mode 100644 pkg/provider/catalogsources_test.go create mode 100644 tests/operator/catalogsource/catalogsource.go create mode 100644 tests/operator/catalogsource/catalogsource_test.go diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index 04373f51e..5c470ef02 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -19,7 +19,7 @@ env: OCT_IMAGE_NAME: redhat-best-practices-for-k8s/oct OCT_IMAGE_TAG: latest PROBE_IMAGE_NAME: redhat-best-practices-for-k8s/certsuite-probe - PROBE_IMAGE_TAG: v0.0.10 + PROBE_IMAGE_TAG: v0.0.11 CERTSUITE_CONFIG_DIR: /tmp/certsuite/config CERTSUITE_OUTPUT_DIR: /tmp/certsuite/output SMOKE_TESTS_LOG_LEVEL: debug diff --git a/CATALOG.md b/CATALOG.md index c28fda8d8..6c80a42df 100644 --- a/CATALOG.md +++ b/CATALOG.md @@ -7,7 +7,7 @@ Depending on the workload type, not all tests are required to pass to satisfy be ## Test cases summary -### Total test cases: 116 +### Total test cases: 117 ### Total suites: 10 @@ -19,7 +19,7 @@ Depending on the workload type, not all tests are required to pass to satisfy be |manageability|2| |networking|12| |observability|5| -|operator|10| +|operator|11| |performance|6| |platform-alteration|13| |preflight|17| @@ -36,11 +36,11 @@ Depending on the workload type, not all tests are required to pass to satisfy be |---|---| |8|1| -### Non-Telco specific tests only: 68 +### Non-Telco specific tests only: 69 |Mandatory|Optional| |---|---| -|43|25| +|44|25| ### Telco specific tests only: 27 @@ -1186,6 +1186,22 @@ Tags|telco,observability ### operator +#### operator-catalogsource-bundle-count + +Property|Description +---|--- +Unique ID|operator-catalogsource-bundle-count +Description|Tests operator catalog source bundle count is less than 1000 +Suggested Remediation|Ensure that the Operator's catalog source has a valid bundle count less than 1000. +Best Practice Reference|https://redhat-best-practices-for-k8s.github.io/guide/#redhat-best-practices-for-k8s-cnf-operator-requirements +Exception Process|No exceptions +Tags|common,operator +|**Scenario**|**Optional/Mandatory**| +|Extended|Mandatory| +|Far-Edge|Mandatory| +|Non-Telco|Mandatory| +|Telco|Mandatory| + #### operator-crd-openapi-schema Property|Description diff --git a/cmd/certsuite/run/run.go b/cmd/certsuite/run/run.go index ba5a10795..5755a90a7 100644 --- a/cmd/certsuite/run/run.go +++ b/cmd/certsuite/run/run.go @@ -39,7 +39,7 @@ func NewCommand() *cobra.Command { runCmd.PersistentFlags().Bool("include-web-files", false, "Save web files in the configured output folder") runCmd.PersistentFlags().Bool("enable-data-collection", false, "Allow sending test results to an external data collector") runCmd.PersistentFlags().Bool("create-xml-junit-file", false, "Create a JUnit file with the test results") - runCmd.PersistentFlags().String("certsuite-probe-image", "quay.io/redhat-best-practices-for-k8s/certsuite-probe:v0.0.10", "Certsuite probe image") + runCmd.PersistentFlags().String("certsuite-probe-image", "quay.io/redhat-best-practices-for-k8s/certsuite-probe:v0.0.11", "Certsuite probe image") runCmd.PersistentFlags().String("daemonset-cpu-req", "100m", "CPU request for the probe daemonset container") runCmd.PersistentFlags().String("daemonset-cpu-lim", "100m", "CPU limit for the probe daemonset container") runCmd.PersistentFlags().String("daemonset-mem-req", "100M", "Memory request for the probe daemonset container") diff --git a/docs/runtime-env.md b/docs/runtime-env.md index 8305a1b88..046fab8c5 100644 --- a/docs/runtime-env.md +++ b/docs/runtime-env.md @@ -63,4 +63,4 @@ See more about this variable [here](https://github.com/redhat-openshift-ecosyste against a private container registry that has self-signed certificates. Note that you can also specify the probe pod image to use with `SUPPORT_IMAGE` -environment variable, default to `certsuite-probe:v0.0.10`. +environment variable, default to `certsuite-probe:v0.0.11`. diff --git a/expected_results.yaml b/expected_results.yaml index bf91fbcfe..a3a6c30e1 100644 --- a/expected_results.yaml +++ b/expected_results.yaml @@ -66,7 +66,6 @@ testCases: - platform-alteration-tainted-node-kernel fail: - affiliated-certification-container-is-certified-digest # test container image is not certified - skip: - access-control-sys-ptrace-capability - affiliated-certification-helm-version @@ -87,6 +86,7 @@ testCases: - operator-single-crd-owner - operator-pods-no-hugepages - operator-multiple-same-operators + - operator-catalogsource-bundle-count - performance-exclusive-cpu-pool-rt-scheduling-policy - performance-isolated-cpu-pool-rt-scheduling-policy - performance-shared-cpu-pool-non-rt-scheduling-policy diff --git a/pkg/autodiscover/autodiscover.go b/pkg/autodiscover/autodiscover.go index 600ec3795..948020fa3 100644 --- a/pkg/autodiscover/autodiscover.go +++ b/pkg/autodiscover/autodiscover.go @@ -92,6 +92,7 @@ type DiscoveredTestData struct { RoleBindings []rbacv1.RoleBinding // Contains all rolebindings from all namespaces Roles []rbacv1.Role // Contains all roles from all namespaces Services []*corev1.Service + AllServices []*corev1.Service ServiceAccounts []*corev1.ServiceAccount AllServiceAccounts []*corev1.ServiceAccount Hpas []*scalingv1.HorizontalPodAutoscaler @@ -169,7 +170,10 @@ func DoAutoDiscover(config *configuration.TestConfiguration) DiscoveredTestData } data.AllInstallPlans = getAllInstallPlans(oc.OlmClient) data.AllCatalogSources = getAllCatalogSources(oc.OlmClient) + log.Info("Collected %d catalog sources during autodiscovery", len(data.AllCatalogSources)) + data.AllPackageManifests = getAllPackageManifests(oc.OlmPkgClient) + data.Namespaces = namespacesListToStringList(config.TargetNameSpaces) data.Pods, data.AllPods = findPodsByLabels(oc.K8sClient.CoreV1(), podsUnderTestLabelsObjects, data.Namespaces) data.AbnormalEvents = findAbnormalEvents(oc.K8sClient.CoreV1(), data.Namespaces) @@ -276,6 +280,10 @@ func DoAutoDiscover(config *configuration.TestConfiguration) DiscoveredTestData if err != nil { log.Fatal("Cannot get list of services, err: %v", err) } + data.AllServices, err = getServices(oc.K8sClient.CoreV1(), data.AllNamespaces, data.ServicesIgnoreList) + if err != nil { + log.Fatal("Cannot get list of all services, err: %v", err) + } data.ServiceAccounts, err = getServiceAccounts(oc.K8sClient.CoreV1(), data.Namespaces) if err != nil { log.Fatal("Cannot get list of service accounts under test, err: %v", err) diff --git a/pkg/provider/catalogsources.go b/pkg/provider/catalogsources.go new file mode 100644 index 000000000..fbf48c0f8 --- /dev/null +++ b/pkg/provider/catalogsources.go @@ -0,0 +1,106 @@ +package provider + +import ( + "strconv" + "strings" + + "github.com/Masterminds/semver" + olmv1Alpha "github.com/operator-framework/api/pkg/operators/v1alpha1" + "github.com/redhat-best-practices-for-k8s/certsuite/internal/clientsholder" + "github.com/redhat-best-practices-for-k8s/certsuite/internal/log" +) + +func GetCatalogSourceBundleCount(env *TestEnvironment, cs *olmv1Alpha.CatalogSource) int { + // Now that we know the catalog source, we are going to count up all of the relatedImages + // that are associated with the catalog source. This will give us the number of bundles that + // are available in the catalog source. + + // If the OCP version is <= 4.12, we need to use the probe container to get the bundle count + const ( + ocpMajorVersion = 4 + ocpMinorVersion = 12 + ) + + // Check if the cluster is running an OCP version <= 4.12 + if env.OpenshiftVersion != "" { + log.Info("Cluster is determined to be running Openshift version %q.", env.OpenshiftVersion) + version, err := semver.NewVersion(env.OpenshiftVersion) + if err != nil { + log.Error("Failed to parse Openshift version %q.", env.OpenshiftVersion) + return 0 + } + + if version.Major() < ocpMajorVersion || (version.Major() == ocpMajorVersion && version.Minor() <= ocpMinorVersion) { + return getCatalogSourceBundleCountFromProbeContainer(env, cs) + } + + // If we didn't find the bundle count via the probe container, we can attempt to use the package manifests + } + + // If we didn't find the bundle count via the probe container, we can use the package manifests + // to get the bundle count + return getCatalogSourceBundleCountFromPackageManifests(env, cs) +} + +func getCatalogSourceBundleCountFromProbeContainer(env *TestEnvironment, cs *olmv1Alpha.CatalogSource) int { + // We need to use the probe container to get the bundle count + // This is because the package manifests are not available in the cluster + // for OCP versions <= 4.12 + o := clientsholder.GetClientsHolder() + + // Find the kubernetes service associated with the catalog source + for _, svc := range env.AllServices { + // Skip if the service is not associated with the catalog source + if svc.Spec.Selector["olm.catalogSource"] != cs.Name { + continue + } + + log.Info("Found service %q associated with catalog source %q.", svc.Name, cs.Name) + + // Use a probe pod to get the bundle count + for _, probePod := range env.ProbePods { + ctx := clientsholder.NewContext(probePod.Namespace, probePod.Name, probePod.Spec.Containers[0].Name) + cmd := "grpcurl -plaintext " + svc.Spec.ClusterIP + ":50051 api.Registry.ListBundles | jq -s 'length'" + cmdValue, errStr, err := o.ExecCommandContainer(ctx, cmd) + if err != nil || errStr != "" { + log.Error("Failed to execute command %s in probe pod %s", cmd, probePod.String()) + continue + } + + // Sanitize the command output + cmdValue = strings.TrimSpace(cmdValue) + cmdValue = strings.Trim(cmdValue, "\"") + + // Parse the command output + bundleCount, err := strconv.Atoi(cmdValue) + if err != nil { + log.Error("Failed to convert bundle count to integer: %s", cmdValue) + continue + } + + // Try each probe pod until we get a valid bundle count (which should only be 1 probe pod) + log.Info("Found bundle count via grpcurl %d for catalog source %q.", bundleCount, cs.Name) + return bundleCount + } + } + + log.Warn("Warning: No services found associated with catalog source %q.", cs.Name) + return -1 +} + +func getCatalogSourceBundleCountFromPackageManifests(env *TestEnvironment, cs *olmv1Alpha.CatalogSource) int { + totalRelatedBundles := 0 + for _, pm := range env.AllPackageManifests { + // Skip if the package manifest is not associated with the catalog source + if pm.Status.CatalogSource != cs.Name || pm.Status.CatalogSourceNamespace != cs.Namespace { + continue + } + + // Count up the number of related bundles + for c := range pm.Status.Channels { + totalRelatedBundles += len(pm.Status.Channels[c].Entries) + } + } + + return totalRelatedBundles +} diff --git a/pkg/provider/catalogsources_test.go b/pkg/provider/catalogsources_test.go new file mode 100644 index 000000000..09cd4b282 --- /dev/null +++ b/pkg/provider/catalogsources_test.go @@ -0,0 +1,85 @@ +package provider + +import ( + "testing" + + olmv1Alpha "github.com/operator-framework/api/pkg/operators/v1alpha1" + olmpkgv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + "github.com/stretchr/testify/assert" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func TestGetCatalogSourceBundleCount(t *testing.T) { + generateEnv := func(channelEntries []olmpkgv1.ChannelEntry) *TestEnvironment { + return &TestEnvironment{ + AllPackageManifests: []*olmpkgv1.PackageManifest{ + { + Status: olmpkgv1.PackageManifestStatus{ + CatalogSource: "test-catalog-source", + CatalogSourceNamespace: "test-catalog-source-namespace", + Channels: []olmpkgv1.PackageChannel{ + { + Entries: channelEntries, + }, + }, + }, + }, + }, + } + } + + testCases := []struct { + testEnv *TestEnvironment + testCS *olmv1Alpha.CatalogSource + expected int + }{ + { // Test case 1 + testEnv: generateEnv([]olmpkgv1.ChannelEntry{ + { + Name: "test-csv.v1.0.0", + }, + { + Name: "test-csv.v1.0.1", + }, + }), + testCS: &olmv1Alpha.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-catalog-source", + Namespace: "test-catalog-source-namespace", + }, + }, + expected: 2, + }, + { // Test Case 2 - No matching catalog source found, expecting 0 + testEnv: generateEnv([]olmpkgv1.ChannelEntry{ + { + Name: "test-csv.v1.0.0", + }, + { + Name: "test-csv.v1.0.1", + }, + }), + testCS: &olmv1Alpha.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-catalog-source2", + Namespace: "test-catalog-source-namespace", + }, + }, + expected: 0, + }, + { // Test Case 3 - No images in the catalog source, expecting 0 + testEnv: generateEnv([]olmpkgv1.ChannelEntry{}), + testCS: &olmv1Alpha.CatalogSource{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-catalog-source", + Namespace: "test-catalog-source-namespace", + }, + }, + expected: 0, + }, + } + + for _, testCase := range testCases { + assert.Equal(t, testCase.expected, GetCatalogSourceBundleCount(testCase.testEnv, testCase.testCS)) + } +} diff --git a/pkg/provider/provider.go b/pkg/provider/provider.go index 07a7636b8..c01d57975 100644 --- a/pkg/provider/provider.go +++ b/pkg/provider/provider.go @@ -104,6 +104,7 @@ type TestEnvironment struct { // rename this with testTarget HorizontalScaler []*scalingv1.HorizontalPodAutoscaler `json:"testHorizontalScaler"` Services []*corev1.Service `json:"testServices"` + AllServices []*corev1.Service `json:"testAllServices"` ServiceAccounts []*corev1.ServiceAccount `json:"testServiceAccounts"` AllServiceAccounts []*corev1.ServiceAccount `json:"AllServiceAccounts"` AllServiceAccountsMap map[string]*corev1.ServiceAccount @@ -261,6 +262,7 @@ func buildTestEnvironment() { //nolint:funlen,gocyclo aEvent := NewEvent(&data.AbnormalEvents[i]) env.AbnormalEvents = append(env.AbnormalEvents, &aEvent) } + // Service accounts env.ServiceAccounts = data.ServiceAccounts env.AllServiceAccounts = data.AllServiceAccounts @@ -334,6 +336,7 @@ func buildTestEnvironment() { //nolint:funlen,gocyclo env.RoleBindings = data.RoleBindings env.Roles = data.Roles env.Services = data.Services + env.AllServices = data.AllServices env.NetworkPolicies = data.NetworkPolicies for _, nsHelmChartReleases := range data.HelmChartReleases { for _, helmChartRelease := range nsHelmChartReleases { diff --git a/pkg/testhelper/testhelper.go b/pkg/testhelper/testhelper.go index 41b94c25d..ad933f1bc 100644 --- a/pkg/testhelper/testhelper.go +++ b/pkg/testhelper/testhelper.go @@ -189,6 +189,7 @@ const ( HelmType = "Helm" OperatorType = "Operator" ContainerType = "Container" + CatalogSourceType = "Catalog Source" ContainerImageType = "Container Image" NodeType = "Node" OCPClusterType = "OCP Cluster" @@ -309,6 +310,16 @@ func NewOperatorReportObject(aNamespace, aOperatorName, aReason string, isCompli return out } +// NewCatalogSourceReportObject creates a new ReportObject for a catalog source. +// It takes the namespace, catalog source name, reason, and compliance status as input parameters. +// It returns the created ReportObject. +func NewCatalogSourceReportObject(aNamespace, aCatalogSourceName, aReason string, isCompliant bool) (out *ReportObject) { + out = NewReportObject(aReason, CatalogSourceType, isCompliant) + out.AddField(Namespace, aNamespace) + out.AddField(Name, aCatalogSourceName) + return out +} + // NewDeploymentReportObject creates a new ReportObject for a deployment. // It takes the namespace, deployment name, reason, and compliance status as input parameters. // It returns a pointer to the created ReportObject. @@ -638,6 +649,15 @@ func GetNoHugepagesPodsSkipFn(env *provider.TestEnvironment) func() (bool, strin } } +func GetNoCatalogSourcesSkipFn(env *provider.TestEnvironment) func() (bool, string) { + return func() (bool, string) { + if len(env.AllCatalogSources) == 0 { + return true, "no catalog sources found" + } + return false, "" + } +} + func GetNoOperatorsSkipFn(env *provider.TestEnvironment) func() (bool, string) { return func() (bool, string) { if len(env.Operators) == 0 { diff --git a/pkg/testhelper/testhelper_test.go b/pkg/testhelper/testhelper_test.go index 8f9931641..d82b8daf0 100644 --- a/pkg/testhelper/testhelper_test.go +++ b/pkg/testhelper/testhelper_test.go @@ -19,6 +19,7 @@ package testhelper import ( "testing" + "github.com/operator-framework/api/pkg/operators/v1alpha1" "github.com/redhat-best-practices-for-k8s/certsuite/pkg/provider" "github.com/stretchr/testify/assert" appsv1 "k8s.io/api/apps/v1" @@ -381,6 +382,49 @@ func TestNewDeploymentReportObject(t *testing.T) { } } +func TestNewCatalogSourceReportObject(t *testing.T) { + testCases := []struct { + testNamespace string + testCatalogSource string + testReason string + testIsCompliant bool + expectedOutput *ReportObject + }{ + { + testNamespace: "testNamespace", + testCatalogSource: "testCatalogSource", + testReason: "testReason", + testIsCompliant: true, + expectedOutput: &ReportObject{ + ObjectType: CatalogSourceType, + ObjectFieldsKeys: []string{ + Name, + Namespace, + ReasonForCompliance, + }, + ObjectFieldsValues: []string{ + "testNamespace", + "testCatalogSource", + "testReason", + }, + }, + }, + } + + for _, testCase := range testCases { + reportObj := NewCatalogSourceReportObject(testCase.testNamespace, testCase.testCatalogSource, testCase.testReason, testCase.testIsCompliant) + + assert.Equal(t, testCase.expectedOutput.ObjectType, reportObj.ObjectType) + for _, reportKey := range reportObj.ObjectFieldsKeys { + assert.Contains(t, testCase.expectedOutput.ObjectFieldsKeys, reportKey) + } + + for _, reportValue := range reportObj.ObjectFieldsValues { + assert.Contains(t, testCase.expectedOutput.ObjectFieldsValues, reportValue) + } + } +} + func TestNewStatefulSetReportObject(t *testing.T) { testCases := []struct { testNamespace string @@ -1239,3 +1283,25 @@ func TestFailureReasonOutEqual(t *testing.T) { assert.Equal(t, testCase.expectedResult, testCase.testFailureReasonOut1.Equal(testCase.testFailureReasonOut2)) } } + +func TestGetNoCatalogSourcesSkipFn(t *testing.T) { + testCases := []struct { + testEnv *provider.TestEnvironment + expectedResult bool + }{ + {testEnv: &provider.TestEnvironment{AllCatalogSources: nil}, expectedResult: true}, + {testEnv: &provider.TestEnvironment{AllCatalogSources: []*v1alpha1.CatalogSource{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "test1", + }, + }, + }}, expectedResult: false}, + } + + for _, testCase := range testCases { + testFunc := GetNoCatalogSourcesSkipFn(testCase.testEnv) + result, _ := testFunc() + assert.Equal(t, testCase.expectedResult, result) + } +} diff --git a/tests/identifiers/doclinks.go b/tests/identifiers/doclinks.go index 819cd1b4b..7c542bd32 100644 --- a/tests/identifiers/doclinks.go +++ b/tests/identifiers/doclinks.go @@ -102,21 +102,22 @@ const ( TestRtAppNoExecProbesDocLink = NoDocLinkFarEdge // Operator Test Suite - DocOperatorRequirement = "https://redhat-best-practices-for-k8s.github.io/guide/#redhat-best-practices-for-k8s-cnf-operator-requirements" - TestOperatorInstallStatusSucceededIdentifierDocLink = DocOperatorRequirement - TestOperatorNoPrivilegesDocLink = DocOperatorRequirement - TestOperatorIsCertifiedIdentifierDocLink = DocOperatorRequirement - TestOperatorIsInstalledViaOLMIdentifierDocLink = DocOperatorRequirement - TestOperatorHasSemanticVersioningIdentifierDocLink = DocOperatorRequirement - TestOperatorCrdSchemaIdentifierDocLink = DocOperatorRequirement - TestOperatorCrdVersioningIdentifierDocLink = DocOperatorRequirement - TestOperatorSingleCrdOwnerIdentifierDocLink = DocOperatorRequirement - TestOperatorRunAsNonRootDocLink = DocOperatorRequirement - TestOperatorAutomountTokensDocLink = DocOperatorRequirement - TestOperatorReadOnlyFilesystemDocLink = DocOperatorRequirement - TestOperatorPodsNoHugepagesDocLink = DocOperatorRequirement - TestOperatorOlmSkipRangeDocLink = DocOperatorRequirement - TestMultipleSameOperatorsIdentifierDocLink = DocOperatorRequirement + DocOperatorRequirement = "https://redhat-best-practices-for-k8s.github.io/guide/#redhat-best-practices-for-k8s-cnf-operator-requirements" + TestOperatorInstallStatusSucceededIdentifierDocLink = DocOperatorRequirement + TestOperatorNoPrivilegesDocLink = DocOperatorRequirement + TestOperatorIsCertifiedIdentifierDocLink = DocOperatorRequirement + TestOperatorIsInstalledViaOLMIdentifierDocLink = DocOperatorRequirement + TestOperatorHasSemanticVersioningIdentifierDocLink = DocOperatorRequirement + TestOperatorCrdSchemaIdentifierDocLink = DocOperatorRequirement + TestOperatorCrdVersioningIdentifierDocLink = DocOperatorRequirement + TestOperatorSingleCrdOwnerIdentifierDocLink = DocOperatorRequirement + TestOperatorRunAsNonRootDocLink = DocOperatorRequirement + TestOperatorAutomountTokensDocLink = DocOperatorRequirement + TestOperatorReadOnlyFilesystemDocLink = DocOperatorRequirement + TestOperatorPodsNoHugepagesDocLink = DocOperatorRequirement + TestOperatorCatalogSourceBundleCountIdentifierDocLink = DocOperatorRequirement + TestOperatorOlmSkipRangeDocLink = DocOperatorRequirement + TestMultipleSameOperatorsIdentifierDocLink = DocOperatorRequirement // Observability Test Suite TestLoggingIdentifierDocLink = "https://redhat-best-practices-for-k8s.github.io/guide/#redhat-best-practices-for-k8s-logging" diff --git a/tests/identifiers/identifiers.go b/tests/identifiers/identifiers.go index 095b43ccc..c19eb0e58 100644 --- a/tests/identifiers/identifiers.go +++ b/tests/identifiers/identifiers.go @@ -133,6 +133,7 @@ var ( TestOperatorSingleCrdOwnerIdentifier claim.Identifier TestOperatorPodsNoHugepages claim.Identifier TestMultipleSameOperatorsIdentifier claim.Identifier + TestOperatorCatalogSourceBundleCountIdentifier claim.Identifier TestPodNodeSelectorAndAffinityBestPractices claim.Identifier TestPodHighAvailabilityBestPractices claim.Identifier TestPodClusterRoleBindingsBestPracticesIdentifier claim.Identifier @@ -1067,6 +1068,22 @@ that Node's kernel may not have the same hacks.'`, }, TagCommon) + TestOperatorCatalogSourceBundleCountIdentifier = AddCatalogEntry( + "catalogsource-bundle-count", + common.OperatorTestKey, + `Tests operator catalog source bundle count is less than 1000`, + OperatorCatalogSourceBundleCountRemediation, + NoExceptions, + TestOperatorCatalogSourceBundleCountIdentifierDocLink, + false, + map[string]string{ + FarEdge: Mandatory, + Telco: Mandatory, + NonTelco: Mandatory, + Extended: Mandatory, + }, + TagCommon) + TestMultipleSameOperatorsIdentifier = AddCatalogEntry( "multiple-same-operators", common.OperatorTestKey, diff --git a/tests/identifiers/remediation.go b/tests/identifiers/remediation.go index 591937513..34294186d 100644 --- a/tests/identifiers/remediation.go +++ b/tests/identifiers/remediation.go @@ -99,6 +99,8 @@ const ( OperatorPodsNoHugepagesRemediation = `Ensure that the pods are not using hugepages` + OperatorCatalogSourceBundleCountRemediation = `Ensure that the Operator's catalog source has a valid bundle count less than 1000.` + MultipleSameOperatorsRemediation = `Ensure that only one Operator of the same type is installed in the cluster.` PodNodeSelectorAndAffinityBestPracticesRemediation = `In most cases, Pod's should not specify their host Nodes through nodeSelector or nodeAffinity. However, there are cases in which workloads require specialized hardware specific to a particular class of Node.` diff --git a/tests/operator/catalogsource/catalogsource.go b/tests/operator/catalogsource/catalogsource.go new file mode 100644 index 000000000..94526473d --- /dev/null +++ b/tests/operator/catalogsource/catalogsource.go @@ -0,0 +1,30 @@ +package catalogsource + +import ( + olmpkgv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + "github.com/redhat-best-practices-for-k8s/certsuite/internal/log" +) + +func SkipPMBasedOnChannel(channels []olmpkgv1.PackageChannel, csvName string) bool { + // This logic is in place because it is possible for an operator to pull from a multiple package manifests. + skipPMBasedOnChannel := true + for c := range channels { + log.Debug("Comparing channel currentCSV %q with current CSV %q", channels[c].CurrentCSV, csvName) + log.Debug("Number of channel entries %d", len(channels[c].Entries)) + for _, entry := range channels[c].Entries { + log.Debug("Comparing entry name %q with current CSV %q", entry.Name, csvName) + + if entry.Name == csvName { + log.Debug("Skipping package manifest based on channel entry %q", entry.Name) + skipPMBasedOnChannel = false + break + } + } + + if !skipPMBasedOnChannel { + break + } + } + + return skipPMBasedOnChannel +} diff --git a/tests/operator/catalogsource/catalogsource_test.go b/tests/operator/catalogsource/catalogsource_test.go new file mode 100644 index 000000000..eb5ee1e4f --- /dev/null +++ b/tests/operator/catalogsource/catalogsource_test.go @@ -0,0 +1,49 @@ +package catalogsource + +import ( + "testing" + + olmpkgv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" + "github.com/stretchr/testify/assert" +) + +func TestSkipPMBasedOnChannel(t *testing.T) { + testCases := []struct { + testChannels []olmpkgv1.PackageChannel + testCSVName string + expected bool + }{ + { // Test Case #1 - Do not skip package manifest based on channel entry + testChannels: []olmpkgv1.PackageChannel{ + { + CurrentCSV: "test-csv.v1.0.0", + Entries: []olmpkgv1.ChannelEntry{ + { + Name: "test-csv.v1.0.0", + }, + }, + }, + }, + testCSVName: "test-csv.v1.0.0", + expected: false, + }, + { // Test Case #2 - Skip package manifest based on channel entry + testChannels: []olmpkgv1.PackageChannel{ + { + CurrentCSV: "test-csv.v1.0.0", + Entries: []olmpkgv1.ChannelEntry{ + { + Name: "test-csv.v1.0.0", + }, + }, + }, + }, + testCSVName: "test-csv.v1.0.1", + expected: true, + }, + } + + for _, tc := range testCases { + assert.Equal(t, tc.expected, SkipPMBasedOnChannel(tc.testChannels, tc.testCSVName)) + } +} diff --git a/tests/operator/helper_test.go b/tests/operator/helper_test.go index 3f2f9a681..00c9b2ecd 100644 --- a/tests/operator/helper_test.go +++ b/tests/operator/helper_test.go @@ -20,7 +20,9 @@ Package operator provides CNFCERT tests used to validate operator CNF facets. package operator -import "testing" +import ( + "testing" +) func TestSplitCsv(t *testing.T) { tests := []struct { diff --git a/tests/operator/suite.go b/tests/operator/suite.go index e4bf6e841..363e86ecb 100644 --- a/tests/operator/suite.go +++ b/tests/operator/suite.go @@ -17,15 +17,19 @@ package operator import ( + "strconv" "strings" + "github.com/Masterminds/semver" "github.com/redhat-best-practices-for-k8s/certsuite/tests/common" "github.com/redhat-best-practices-for-k8s/certsuite/tests/identifiers" + "github.com/redhat-best-practices-for-k8s/certsuite/tests/operator/catalogsource" "github.com/redhat-best-practices-for-k8s/certsuite/tests/operator/phasecheck" "github.com/redhat-best-practices-for-k8s/certsuite/internal/log" "github.com/redhat-best-practices-for-k8s/certsuite/pkg/checksdb" "github.com/redhat-best-practices-for-k8s/certsuite/pkg/provider" + "github.com/redhat-best-practices-for-k8s/certsuite/pkg/stringhelper" "github.com/redhat-best-practices-for-k8s/certsuite/pkg/testhelper" "github.com/redhat-best-practices-for-k8s/certsuite/pkg/versions" ) @@ -115,6 +119,13 @@ func LoadChecks() { testMultipleSameOperators(c, &env) return nil })) + + checksGroup.Add(checksdb.NewCheck(identifiers.GetTestIDAndLabels(identifiers.TestOperatorCatalogSourceBundleCountIdentifier)). + WithSkipCheckFn(testhelper.GetNoCatalogSourcesSkipFn(&env)). + WithCheckFn(func(c *checksdb.Check) error { + testOperatorCatalogSourceBundleCount(c, &env) + return nil + })) } // This function check if the Operator CRD version follows K8s versioning @@ -438,3 +449,101 @@ func testMultipleSameOperators(check *checksdb.Check, env *provider.TestEnvironm check.SetResult(compliantObjects, nonCompliantObjects) } + +//nolint:funlen +func testOperatorCatalogSourceBundleCount(check *checksdb.Check, env *provider.TestEnvironment) { + var compliantObjects []*testhelper.ReportObject + var nonCompliantObjects []*testhelper.ReportObject + + const ( + bundleCountLimit = 1000 + + // If the OCP version is <= 4.12, we need to use the probe container to get the bundle count. + // This means we cannot use the package manifests to skip based on channel. + ocpMajorVersion = 4 + ocpMinorVersion = 12 + ) + + ocp412Skip := false + // Check if the cluster is running an OCP version <= 4.12 + if env.OpenshiftVersion != "" { + log.Info("Cluster is determined to be running Openshift version %q.", env.OpenshiftVersion) + version, err := semver.NewVersion(env.OpenshiftVersion) + if err != nil { + log.Error("Failed to parse Openshift version %q.", env.OpenshiftVersion) + check.LogError("Failed to parse Openshift version %q.", env.OpenshiftVersion) + return + } + + if version.Major() < ocpMajorVersion || (version.Major() == ocpMajorVersion && version.Minor() <= ocpMinorVersion) { + log.Info("Cluster is running an OCP version <= 4.12.") + ocp412Skip = true + } else { + log.Info("Cluster is running an OCP version > 4.12.") + } + } + + bundleCountLimitStr := strconv.Itoa(bundleCountLimit) + + // Loop through all labeled operators and check if they have more than 1000 referenced images. + var catalogsAlreadyReported []string + for _, op := range env.Operators { + catalogSourceCheckComplete := false + check.LogInfo("Checking bundle count for operator %q", op.Csv.Name) + + // Search through packagemanifests to match the name of the CSV. + for _, pm := range env.AllPackageManifests { + // Skip package manifests based on channel entries. + // Note: This only works for OCP versions > 4.12 due to channel entries existence. + if !ocp412Skip && catalogsource.SkipPMBasedOnChannel(pm.Status.Channels, op.Csv.Name) { + log.Debug("Skipping package manifest %q based on channel", pm.Name) + continue + } + + // Search through all catalog sources to match the name and namespace of the package manifest. + for _, catalogSource := range env.AllCatalogSources { + if catalogSource.Name != pm.Status.CatalogSource || catalogSource.Namespace != pm.Status.CatalogSourceNamespace { + log.Debug("Skipping catalog source %q based on name or namespace", catalogSource.Name) + continue + } + + // If the catalog source has already been reported, skip it. + if stringhelper.StringInSlice(catalogsAlreadyReported, catalogSource.Name+"."+catalogSource.Namespace, false) { + log.Debug("Skipping catalog source %q based on already reported", catalogSource.Name) + continue + } + + log.Debug("Found matching catalog source %q for operator %q", catalogSource.Name, op.Csv.Name) + + // The name and namespace match. Lookup the bundle count. + bundleCount := provider.GetCatalogSourceBundleCount(env, catalogSource) + + if bundleCount == -1 { + check.LogError("Failed to get bundle count for CatalogSource %q", catalogSource.Name) + nonCompliantObjects = append(nonCompliantObjects, testhelper.NewCatalogSourceReportObject(catalogSource.Namespace, catalogSource.Name, "Failed to get bundle count", false)) + } else { + if bundleCount > bundleCountLimit { + check.LogError("CatalogSource %q has more than "+bundleCountLimitStr+" ("+strconv.Itoa(bundleCount)+") referenced images", catalogSource.Name) + nonCompliantObjects = append(nonCompliantObjects, testhelper.NewCatalogSourceReportObject(catalogSource.Namespace, catalogSource.Name, "CatalogSource has more than "+bundleCountLimitStr+" referenced images", false)) + } else { + check.LogInfo("CatalogSource %q has less than "+bundleCountLimitStr+" ("+strconv.Itoa(bundleCount)+") referenced images", catalogSource.Name) + compliantObjects = append(compliantObjects, testhelper.NewCatalogSourceReportObject(catalogSource.Namespace, catalogSource.Name, "CatalogSource has less than "+bundleCountLimitStr+" referenced images", true)) + } + } + + log.Debug("Adding catalog source %q to list of already reported", catalogSource.Name) + catalogsAlreadyReported = append(catalogsAlreadyReported, catalogSource.Name+"."+catalogSource.Namespace) + // Signal that the catalog source check is complete. + catalogSourceCheckComplete = true + break + } + + // If the catalog source check is complete, break out of the loop. + if catalogSourceCheckComplete { + break + } + } + } + + check.SetResult(compliantObjects, nonCompliantObjects) +} diff --git a/version.json b/version.json index effd6611e..6820ff877 100644 --- a/version.json +++ b/version.json @@ -1,5 +1,5 @@ { - "debugTag": "v0.0.10", + "debugTag": "v0.0.11", "claimFormat": "v0.5.0", "parserTag": "v0.5.0" } From 2a7ba8542258a96fc67db935fecf7268dcb6cdb0 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 6 Dec 2024 08:43:48 -0600 Subject: [PATCH 13/63] Update RHCOS to OCP version map (#2612) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index fe2602b2c..bb66cbe64 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -429,6 +429,7 @@ 4.16.23 / 416.94.202411111409-0 4.16.24 / 416.94.202411201433-0 4.16.25 / 416.94.202411261619-0 +4.16.26 / 416.94.202412040832-0 4.16.3 / 416.94.202407081958-0 4.16.4 / 416.94.202407171205-0 4.16.5 / 416.94.202407231922-0 @@ -454,6 +455,7 @@ 4.17.5 / 417.94.202411070820-0 4.17.6 / 417.94.202411201839-0 4.17.7 / 417.94.202411261220-0 +4.17.8 / 417.94.202412040832-0 4.4.0 / 44.81.202004260825-0 4.4.0-rc.0 / 44.81.202003110830-0 4.4.0-rc.1 / 44.81.202003130330-0 From 43f8bd3fd7e67b9e5c6ae9800acafeba1c87a02d Mon Sep 17 00:00:00 2001 From: Brandon Palm Date: Fri, 6 Dec 2024 14:52:26 -0600 Subject: [PATCH 14/63] Add 4.18 to the RHCOS script (#2613) --- script/rhcos_versions.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/script/rhcos_versions.sh b/script/rhcos_versions.sh index fc22ecd01..c9b88c8cb 100755 --- a/script/rhcos_versions.sh +++ b/script/rhcos_versions.sh @@ -3,7 +3,7 @@ set -x set -e -CHANNELS=(4.17 4.16 4.15 4.14 4.13 4.12 4.11 4.10 4.9 4.8 4.7 4.6 4.5 4.4 4.3 4.2 4.1) +CHANNELS=(4.18 4.17 4.16 4.15 4.14 4.13 4.12 4.11 4.10 4.9 4.8 4.7 4.6 4.5 4.4 4.3 4.2 4.1) CHANNEL_TYPES=(stable candidate) rm -f ./tests/platform/operatingsystem/files/rhcos_version_map &>/dev/null From 2a271d3c5e6d93a2b11dc46d1c740e4fa7ca5c2d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 8 Dec 2024 01:07:47 +0200 Subject: [PATCH 15/63] Update RHCOS to OCP version map (#2615) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index bb66cbe64..ca13495a2 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -286,6 +286,7 @@ 4.13.51 / 413.92.202409180051-0 4.13.52 / 413.92.202410081857-0 4.13.53 / 413.92.202410300103-0 +4.13.54 / 413.92.202411212100-0 4.13.6 / 413.92.202307182034-0 4.13.7 / 413.92.202307260246-0 4.13.8 / 413.92.202307311416-0 @@ -391,6 +392,7 @@ 4.15.37 / 415.92.202410232038-0 4.15.38 / 415.92.202411050056-0 4.15.39 / 415.92.202411201723-0 +4.15.40 / 415.92.202412022228-0 4.15.5 / 415.92.202403191241-0 4.15.6 / 415.92.202403270524-0 4.15.7 / 415.92.202403270524-0 @@ -456,6 +458,12 @@ 4.17.6 / 417.94.202411201839-0 4.17.7 / 417.94.202411261220-0 4.17.8 / 417.94.202412040832-0 +4.18.0-ec.0 / 418.94.202408212252-0 +4.18.0-ec.1 / 418.94.202409131956-0 +4.18.0-ec.2 / 418.94.202410071559-0 +4.18.0-ec.3 / 418.94.202410260038-0 +4.18.0-ec.4 / 418.94.202411210552-0 +4.18.0-rc.0 / 418.94.202411291453-0 4.4.0 / 44.81.202004260825-0 4.4.0-rc.0 / 44.81.202003110830-0 4.4.0-rc.1 / 44.81.202003130330-0 From 3afe99e0c3323e17595d908c8bcf94782a45da21 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 10 Dec 2024 08:35:30 -0600 Subject: [PATCH 16/63] Update RHCOS to OCP version map (#2616) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index ca13495a2..ab46b6cec 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -464,6 +464,7 @@ 4.18.0-ec.3 / 418.94.202410260038-0 4.18.0-ec.4 / 418.94.202411210552-0 4.18.0-rc.0 / 418.94.202411291453-0 +4.18.0-rc.1 / 418.94.202412050001-0 4.4.0 / 44.81.202004260825-0 4.4.0-rc.0 / 44.81.202003110830-0 4.4.0-rc.1 / 44.81.202003130330-0 From febef886e3eb1dd50a228ae6968b566040ce538c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Dec 2024 11:43:11 -0600 Subject: [PATCH 17/63] Bump github/codeql-action from 3.27.6 to 3.27.7 (#2620) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.6 to 3.27.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/aa578102511db1f4524ed59b8cc2bae4f6e88195...babb554ede22fd5605947329c4d04d8e7a0b8155) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 42ae25d5b..805047d34 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -52,7 +52,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 + uses: github/codeql-action/init@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 with: languages: ${{ matrix.language }} tools: latest @@ -64,7 +64,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 + uses: github/codeql-action/autobuild@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -78,4 +78,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 + uses: github/codeql-action/analyze@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 32a7c97b7..bfa703210 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 + uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 with: sarif_file: results.sarif From 9ffdd8792afc764676fd47b13bf8c8018bb5c720 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Dec 2024 12:25:14 -0600 Subject: [PATCH 18/63] Bump github.com/mittwald/go-helm-client from 0.12.14 to 0.12.15 (#2618) Bumps [github.com/mittwald/go-helm-client](https://github.com/mittwald/go-helm-client) from 0.12.14 to 0.12.15. - [Release notes](https://github.com/mittwald/go-helm-client/releases) - [Commits](https://github.com/mittwald/go-helm-client/compare/v0.12.14...v0.12.15) --- updated-dependencies: - dependency-name: github.com/mittwald/go-helm-client dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index ee18bc460..980971510 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( require k8s.io/client-go v0.31.3 require ( - github.com/mittwald/go-helm-client v0.12.14 + github.com/mittwald/go-helm-client v0.12.15 github.com/openshift/api v3.9.0+incompatible github.com/openshift/client-go v0.0.0-20241001162912-da6d55e4611f github.com/operator-framework/api v0.27.0 diff --git a/go.sum b/go.sum index 5ac851b17..385fea575 100644 --- a/go.sum +++ b/go.sum @@ -398,8 +398,8 @@ github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyua github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/mittwald/go-helm-client v0.12.14 h1:az3GJ4kRmFK609Ic3iHXveNtg92n9jWG0YpKKTIK4oo= -github.com/mittwald/go-helm-client v0.12.14/go.mod h1:2VogAupgnV7FiuoPqtpCYKS/RrMh9fFA3/pD/OmTaLc= +github.com/mittwald/go-helm-client v0.12.15 h1:Ks7ccT3XflaCJ0/453qJLeVKlXo+K+buFehkFG0UWOE= +github.com/mittwald/go-helm-client v0.12.15/go.mod h1:LRRoErsgdw0TUVE8fXcwb1npRKibHGUQexiPhqc/UXA= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/spdystream v0.5.0 h1:7r0J1Si3QO/kjRitvSLVVFUjxMEb/YLj6S9FF62JBCU= From aa732046705531f72b4f8faa946d4cf440c2f12d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Dec 2024 14:12:36 -0600 Subject: [PATCH 19/63] Bump ubi9/ubi-minimal from `d85040b` to `dee813b` (#2619) Bumps ubi9/ubi-minimal from `d85040b` to `dee813b`. --- updated-dependencies: - dependency-name: ubi9/ubi-minimal dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 1c69b93c3..946f20ce7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -102,7 +102,7 @@ FROM quay.io/redhat-best-practices-for-k8s/oct:latest AS db # Copy the state into a new flattened image to reduce size. # TODO run as non-root -FROM registry.access.redhat.com/ubi9/ubi-minimal:9.5@sha256:d85040b6e3ed3628a89683f51a38c709185efc3fb552db2ad1b9180f2a6c38be +FROM registry.access.redhat.com/ubi9/ubi-minimal:9.5@sha256:dee813b83663d420eb108983a1c94c614ff5d3fcb5159a7bd0324f0edbe7fca1 ENV \ CERTSUITE_DIR=/usr/certsuite \ From b6bcda1c92bb1f0b44768d02de8de19b4feee98d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 11 Dec 2024 07:42:33 -0600 Subject: [PATCH 20/63] Update RHCOS to OCP version map (#2621) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index ab46b6cec..e2f90b626 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -393,6 +393,7 @@ 4.15.38 / 415.92.202411050056-0 4.15.39 / 415.92.202411201723-0 4.15.40 / 415.92.202412022228-0 +4.15.41 / 415.92.202412022228-0 4.15.5 / 415.92.202403191241-0 4.15.6 / 415.92.202403270524-0 4.15.7 / 415.92.202403270524-0 From b63eda878532fa0e4c377be8fe1b2de97a311983 Mon Sep 17 00:00:00 2001 From: Brandon Palm Date: Wed, 11 Dec 2024 11:50:28 -0600 Subject: [PATCH 21/63] Add 4.18 to beta versions slice (#2622) --- pkg/compatibility/compatibility.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/compatibility/compatibility.go b/pkg/compatibility/compatibility.go index 22cb26bb2..47fe698bf 100644 --- a/pkg/compatibility/compatibility.go +++ b/pkg/compatibility/compatibility.go @@ -50,7 +50,7 @@ type VersionInfo struct { } var ( - ocpBetaVersions = []string{"4.13", "4.14", "4.15", "4.16", "4.17"} + ocpBetaVersions = []string{"4.13", "4.14", "4.15", "4.16", "4.17", "4.18"} ocpLifeCycleDates = map[string]VersionInfo{ // TODO: Adjust all of these periodically to make sure they are up to date with the lifecycle // update documentation. From cdb716d06cca02670971218945273a61af98844d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Dec 2024 14:36:40 -0600 Subject: [PATCH 22/63] Bump actions/setup-go from 5.1.0 to 5.2.0 (#2628) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed...3041bf56c941b39c61721a86cd11f3bb1338122a) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/merge.yaml | 2 +- .github/workflows/pre-main.yaml | 8 ++++---- .github/workflows/preflight.yml | 2 +- .github/workflows/update-rhcos-mapping.yml | 2 +- .github/workflows/upload-release-assets.yaml | 2 +- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 805047d34..38572f039 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -46,7 +46,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go 1.23 - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.23.4 diff --git a/.github/workflows/merge.yaml b/.github/workflows/merge.yaml index ea5e173b2..cd61549b2 100644 --- a/.github/workflows/merge.yaml +++ b/.github/workflows/merge.yaml @@ -25,7 +25,7 @@ jobs: steps: - name: Set up Go 1.23 - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.23.4 diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index 5c470ef02..4bc17f19a 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -42,7 +42,7 @@ jobs: steps: - name: Set up Go 1.23 - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.23.4 @@ -117,7 +117,7 @@ jobs: steps: - name: Set up Go 1.23 - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.23.4 @@ -187,7 +187,7 @@ jobs: echo '{ "auths": {} }' >> ${PFLT_DOCKERCONFIG} - name: Set up Go 1.23 - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.23.4 @@ -286,7 +286,7 @@ jobs: # needed by depends-on-action - name: Set up Go 1.23 - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.23.4 diff --git a/.github/workflows/preflight.yml b/.github/workflows/preflight.yml index 9306b85b2..eb38be3f0 100644 --- a/.github/workflows/preflight.yml +++ b/.github/workflows/preflight.yml @@ -21,7 +21,7 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Go 1.23 - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.23.4 diff --git a/.github/workflows/update-rhcos-mapping.yml b/.github/workflows/update-rhcos-mapping.yml index ccfc76327..7eb7502d1 100644 --- a/.github/workflows/update-rhcos-mapping.yml +++ b/.github/workflows/update-rhcos-mapping.yml @@ -28,7 +28,7 @@ jobs: run: make update-rhcos-versions - name: Set up Go 1.23 - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.23.4 diff --git a/.github/workflows/upload-release-assets.yaml b/.github/workflows/upload-release-assets.yaml index 489d98cc0..495547b8a 100644 --- a/.github/workflows/upload-release-assets.yaml +++ b/.github/workflows/upload-release-assets.yaml @@ -14,7 +14,7 @@ jobs: steps: - name: Set up Go 1.23 - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.23.4 From 47bb7db2be9a3f6d9dce4a40272f720767512031 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Dec 2024 14:38:04 -0600 Subject: [PATCH 23/63] Bump k8s.io/client-go from 0.31.3 to 0.31.4 (#2626) Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.31.3 to 0.31.4. - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.31.3...v0.31.4) --- updated-dependencies: - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 980971510..29c674cbf 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( gopkg.in/yaml.v3 v3.0.1 ) -require k8s.io/client-go v0.31.3 +require k8s.io/client-go v0.31.4 require ( github.com/mittwald/go-helm-client v0.12.15 @@ -22,8 +22,8 @@ require ( github.com/operator-framework/operator-lifecycle-manager v0.30.0 github.com/pkg/errors v0.9.1 // indirect helm.sh/helm/v3 v3.16.3 - k8s.io/api v0.31.3 - k8s.io/apimachinery v0.31.3 + k8s.io/api v0.31.4 + k8s.io/apimachinery v0.31.4 k8s.io/klog/v2 v2.130.1 // indirect ) diff --git a/go.sum b/go.sum index 385fea575..a273f24b5 100644 --- a/go.sum +++ b/go.sum @@ -810,18 +810,18 @@ helm.sh/helm/v3 v3.16.3 h1:kb8bSxMeRJ+knsK/ovvlaVPfdis0X3/ZhYCSFRP+YmY= helm.sh/helm/v3 v3.16.3/go.mod h1:zeVWGDR4JJgiRbT3AnNsjYaX8OTJlIE9zC+Q7F7iUSU= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.31.3 h1:umzm5o8lFbdN/hIXbrK9oRpOproJO62CV1zqxXrLgk8= -k8s.io/api v0.31.3/go.mod h1:UJrkIp9pnMOI9K2nlL6vwpxRzzEX5sWgn8kGQe92kCE= +k8s.io/api v0.31.4 h1:I2QNzitPVsPeLQvexMEsj945QumYraqv9m74isPDKhM= +k8s.io/api v0.31.4/go.mod h1:d+7vgXLvmcdT1BCo79VEgJxHHryww3V5np2OYTr6jdw= k8s.io/apiextensions-apiserver v0.31.3 h1:+GFGj2qFiU7rGCsA5o+p/rul1OQIq6oYpQw4+u+nciE= k8s.io/apiextensions-apiserver v0.31.3/go.mod h1:2DSpFhUZZJmn/cr/RweH1cEVVbzFw9YBu4T+U3mf1e4= -k8s.io/apimachinery v0.31.3 h1:6l0WhcYgasZ/wk9ktLq5vLaoXJJr5ts6lkaQzgeYPq4= -k8s.io/apimachinery v0.31.3/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/apimachinery v0.31.4 h1:8xjE2C4CzhYVm9DGf60yohpNUh5AEBnPxCryPBECmlM= +k8s.io/apimachinery v0.31.4/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= k8s.io/apiserver v0.31.3 h1:+1oHTtCB+OheqFEz375D0IlzHZ5VeQKX1KGXnx+TTuY= k8s.io/apiserver v0.31.3/go.mod h1:PrxVbebxrxQPFhJk4powDISIROkNMKHibTg9lTRQ0Qg= k8s.io/cli-runtime v0.31.3 h1:fEQD9Xokir78y7pVK/fCJN090/iYNrLHpFbGU4ul9TI= k8s.io/cli-runtime v0.31.3/go.mod h1:Q2jkyTpl+f6AtodQvgDI8io3jrfr+Z0LyQBPJJ2Btq8= -k8s.io/client-go v0.31.3 h1:CAlZuM+PH2cm+86LOBemaJI/lQ5linJ6UFxKX/SoG+4= -k8s.io/client-go v0.31.3/go.mod h1:2CgjPUTpv3fE5dNygAr2NcM8nhHzXvxB8KL5gYc3kJs= +k8s.io/client-go v0.31.4 h1:t4QEXt4jgHIkKKlx06+W3+1JOwAFU/2OPiOo7H92eRQ= +k8s.io/client-go v0.31.4/go.mod h1:kvuMro4sFYIa8sulL5Gi5GFqUPvfH2O/dXuKstbaaeg= k8s.io/component-base v0.31.3 h1:DMCXXVx546Rfvhj+3cOm2EUxhS+EyztH423j+8sOwhQ= k8s.io/component-base v0.31.3/go.mod h1:xME6BHfUOafRgT0rGVBGl7TuSg8Z9/deT7qq6w7qjIU= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= From 5a7ab61d6871b883ea4608b89d8c035fb2eeaec4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Dec 2024 14:56:06 -0600 Subject: [PATCH 24/63] Bump k8s.io/apiextensions-apiserver from 0.31.3 to 0.31.4 (#2625) Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.31.3 to 0.31.4. - [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases) - [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.31.3...v0.31.4) --- updated-dependencies: - dependency-name: k8s.io/apiextensions-apiserver dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 29c674cbf..e0ec1da6a 100644 --- a/go.mod +++ b/go.mod @@ -212,9 +212,9 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - k8s.io/apiserver v0.31.3 // indirect + k8s.io/apiserver v0.31.4 // indirect k8s.io/cli-runtime v0.31.3 // indirect - k8s.io/component-base v0.31.3 // indirect + k8s.io/component-base v0.31.4 // indirect k8s.io/kube-aggregator v0.31.1 // indirect k8s.io/kube-openapi v0.0.0-20241009091222-67ed5848f094 // indirect k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 // indirect @@ -235,7 +235,7 @@ require ( require ( github.com/hashicorp/go-version v1.7.0 - k8s.io/apiextensions-apiserver v0.31.3 + k8s.io/apiextensions-apiserver v0.31.4 ) require ( diff --git a/go.sum b/go.sum index a273f24b5..06c27de97 100644 --- a/go.sum +++ b/go.sum @@ -812,18 +812,18 @@ honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= k8s.io/api v0.31.4 h1:I2QNzitPVsPeLQvexMEsj945QumYraqv9m74isPDKhM= k8s.io/api v0.31.4/go.mod h1:d+7vgXLvmcdT1BCo79VEgJxHHryww3V5np2OYTr6jdw= -k8s.io/apiextensions-apiserver v0.31.3 h1:+GFGj2qFiU7rGCsA5o+p/rul1OQIq6oYpQw4+u+nciE= -k8s.io/apiextensions-apiserver v0.31.3/go.mod h1:2DSpFhUZZJmn/cr/RweH1cEVVbzFw9YBu4T+U3mf1e4= +k8s.io/apiextensions-apiserver v0.31.4 h1:FxbqzSvy92Ca9DIs5jqot883G0Ln/PGXfm/07t39LS0= +k8s.io/apiextensions-apiserver v0.31.4/go.mod h1:hIW9YU8UsqZqIWGG99/gsdIU0Ar45Qd3A12QOe/rvpg= k8s.io/apimachinery v0.31.4 h1:8xjE2C4CzhYVm9DGf60yohpNUh5AEBnPxCryPBECmlM= k8s.io/apimachinery v0.31.4/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= -k8s.io/apiserver v0.31.3 h1:+1oHTtCB+OheqFEz375D0IlzHZ5VeQKX1KGXnx+TTuY= -k8s.io/apiserver v0.31.3/go.mod h1:PrxVbebxrxQPFhJk4powDISIROkNMKHibTg9lTRQ0Qg= +k8s.io/apiserver v0.31.4 h1:JbtnTaXVYEAYIHJil6Wd74Wif9sd8jVcBw84kwEmp7o= +k8s.io/apiserver v0.31.4/go.mod h1:JJjoTjZ9PTMLdIFq7mmcJy2B9xLN3HeAUebW6xZyIP0= k8s.io/cli-runtime v0.31.3 h1:fEQD9Xokir78y7pVK/fCJN090/iYNrLHpFbGU4ul9TI= k8s.io/cli-runtime v0.31.3/go.mod h1:Q2jkyTpl+f6AtodQvgDI8io3jrfr+Z0LyQBPJJ2Btq8= k8s.io/client-go v0.31.4 h1:t4QEXt4jgHIkKKlx06+W3+1JOwAFU/2OPiOo7H92eRQ= k8s.io/client-go v0.31.4/go.mod h1:kvuMro4sFYIa8sulL5Gi5GFqUPvfH2O/dXuKstbaaeg= -k8s.io/component-base v0.31.3 h1:DMCXXVx546Rfvhj+3cOm2EUxhS+EyztH423j+8sOwhQ= -k8s.io/component-base v0.31.3/go.mod h1:xME6BHfUOafRgT0rGVBGl7TuSg8Z9/deT7qq6w7qjIU= +k8s.io/component-base v0.31.4 h1:wCquJh4ul9O8nNBSB8N/o8+gbfu3BVQkVw9jAUY/Qtw= +k8s.io/component-base v0.31.4/go.mod h1:G4dgtf5BccwiDT9DdejK0qM6zTK0jwDGEKnCmb9+u/s= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-aggregator v0.31.1 h1:vrYBTTs3xMrpiEsmBjsLETZE9uuX67oQ8B3i1BFfMPw= From c36ec7771efcfc923a468f6338c338f29054fb03 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Dec 2024 15:02:16 -0600 Subject: [PATCH 25/63] Bump k8s.io/kubectl from 0.31.3 to 0.31.4 (#2624) Bumps [k8s.io/kubectl](https://github.com/kubernetes/kubectl) from 0.31.3 to 0.31.4. - [Commits](https://github.com/kubernetes/kubectl/compare/v0.31.3...v0.31.4) --- updated-dependencies: - dependency-name: k8s.io/kubectl dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index e0ec1da6a..a5ef40f77 100644 --- a/go.mod +++ b/go.mod @@ -213,7 +213,7 @@ require ( gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect k8s.io/apiserver v0.31.4 // indirect - k8s.io/cli-runtime v0.31.3 // indirect + k8s.io/cli-runtime v0.31.4 // indirect k8s.io/component-base v0.31.4 // indirect k8s.io/kube-aggregator v0.31.1 // indirect k8s.io/kube-openapi v0.0.0-20241009091222-67ed5848f094 // indirect @@ -253,7 +253,7 @@ require ( github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.27.0 google.golang.org/api v0.210.0 - k8s.io/kubectl v0.31.3 + k8s.io/kubectl v0.31.4 ) replace github.com/redhat-openshift-ecosystem/openshift-preflight => github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 diff --git a/go.sum b/go.sum index 06c27de97..51e159c23 100644 --- a/go.sum +++ b/go.sum @@ -818,8 +818,8 @@ k8s.io/apimachinery v0.31.4 h1:8xjE2C4CzhYVm9DGf60yohpNUh5AEBnPxCryPBECmlM= k8s.io/apimachinery v0.31.4/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= k8s.io/apiserver v0.31.4 h1:JbtnTaXVYEAYIHJil6Wd74Wif9sd8jVcBw84kwEmp7o= k8s.io/apiserver v0.31.4/go.mod h1:JJjoTjZ9PTMLdIFq7mmcJy2B9xLN3HeAUebW6xZyIP0= -k8s.io/cli-runtime v0.31.3 h1:fEQD9Xokir78y7pVK/fCJN090/iYNrLHpFbGU4ul9TI= -k8s.io/cli-runtime v0.31.3/go.mod h1:Q2jkyTpl+f6AtodQvgDI8io3jrfr+Z0LyQBPJJ2Btq8= +k8s.io/cli-runtime v0.31.4 h1:iczCWiyXaotW+hyF5cWP8RnEYBCzZfJUF6otJ2m9mw0= +k8s.io/cli-runtime v0.31.4/go.mod h1:0/pRzAH7qc0hWx40ut1R4jLqiy2w/KnbqdaAI2eFG8U= k8s.io/client-go v0.31.4 h1:t4QEXt4jgHIkKKlx06+W3+1JOwAFU/2OPiOo7H92eRQ= k8s.io/client-go v0.31.4/go.mod h1:kvuMro4sFYIa8sulL5Gi5GFqUPvfH2O/dXuKstbaaeg= k8s.io/component-base v0.31.4 h1:wCquJh4ul9O8nNBSB8N/o8+gbfu3BVQkVw9jAUY/Qtw= @@ -830,8 +830,8 @@ k8s.io/kube-aggregator v0.31.1 h1:vrYBTTs3xMrpiEsmBjsLETZE9uuX67oQ8B3i1BFfMPw= k8s.io/kube-aggregator v0.31.1/go.mod h1:+aW4NX50uneozN+BtoCxI4g7ND922p8Wy3tWKFDiWVk= k8s.io/kube-openapi v0.0.0-20241009091222-67ed5848f094 h1:MErs8YA0abvOqJ8gIupA1Tz6PKXYUw34XsGlA7uSL1k= k8s.io/kube-openapi v0.0.0-20241009091222-67ed5848f094/go.mod h1:7ioBJr1A6igWjsR2fxq2EZ0mlMwYLejazSIc2bzMp2U= -k8s.io/kubectl v0.31.3 h1:3r111pCjPsvnR98oLLxDMwAeM6OPGmPty6gSKaLTQes= -k8s.io/kubectl v0.31.3/go.mod h1:lhMECDCbJN8He12qcKqs2QfmVo9Pue30geovBVpH5fs= +k8s.io/kubectl v0.31.4 h1:c8Af8xd1VjyoKyWMW0xHv2+tYxEjne8s6OOziMmaD10= +k8s.io/kubectl v0.31.4/go.mod h1:0E0rpXg40Q57wRE6LB9su+4tmwx1IzZrmIEvhQPk0i4= k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 h1:MDF6h2H/h4tbzmtIKTuctcwZmY0tY9mD9fNT47QO6HI= k8s.io/utils v0.0.0-20240921022957-49e7df575cb6/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= modernc.org/libc v1.37.6 h1:orZH3c5wmhIQFTXF+Nt+eeauyd+ZIt2BX6ARe+kD+aw= From d0c04eacc9f84f1d9bc782bb124dca3f6cc4ad97 Mon Sep 17 00:00:00 2001 From: Gonzalo Reyero Ferreras <87083379+greyerof@users.noreply.github.com> Date: Thu, 12 Dec 2024 17:22:33 +0100 Subject: [PATCH 26/63] Fix for access-control-security-context-non-root-user-id-check (#2617) This test case had the same issue that was fixed here: https://github.com/redhat-best-practices-for-k8s/certsuite/pull/2557 I followed the same approach: the field RunAsUser in container's SCC has precedence over pod's level one. Also, replaced the helper function stringhelper.BoolToString with stringhelper.PointerToString(), which works for any type now, as long as it has a stringer method implementation. --- pkg/provider/containers.go | 18 ++++++++++- pkg/provider/pods.go | 27 ++++++++++++++++ pkg/stringhelper/stringhelper.go | 32 +++++++++++++++++-- pkg/stringhelper/stringhelper_test.go | 46 +++++++++++++++++++++++++++ tests/accesscontrol/suite.go | 38 +++++++--------------- 5 files changed, 131 insertions(+), 30 deletions(-) diff --git a/pkg/provider/containers.go b/pkg/provider/containers.go index 8c2a2f71d..609923e47 100644 --- a/pkg/provider/containers.go +++ b/pkg/provider/containers.go @@ -197,10 +197,26 @@ func (c *Container) IsReadOnlyRootFilesystem(logger *log.Logger) bool { func (c *Container) IsContainerRunAsNonRoot(podRunAsNonRoot *bool) (isContainerRunAsNonRoot bool, reason string) { if c.SecurityContext != nil && c.SecurityContext.RunAsNonRoot != nil { - return *c.SecurityContext.RunAsNonRoot, fmt.Sprintf("RunAsNonRoot is set to %t at the container level, overriding a %v value defined at pod level.", *c.SecurityContext.RunAsNonRoot, stringhelper.BoolToString(podRunAsNonRoot)) + return *c.SecurityContext.RunAsNonRoot, fmt.Sprintf("RunAsNonRoot is set to %t at the container level, overriding a %v value defined at pod level.", + *c.SecurityContext.RunAsNonRoot, stringhelper.PointerToString(podRunAsNonRoot)) } + if podRunAsNonRoot != nil { return *podRunAsNonRoot, fmt.Sprintf("RunAsNonRoot is set to nil at container level and inheriting a %t value from the pod level RunAsNonRoot setting.", *podRunAsNonRoot) } + return false, "RunAsNonRoot set to nil at pod and container level" } + +func (c *Container) IsContainerRunAsNonRootUserID(podRunAsNonRootUserID *int64) (isContainerRunAsNonRootUserID bool, reason string) { + if c.SecurityContext != nil && c.SecurityContext.RunAsUser != nil { + return *c.SecurityContext.RunAsUser != 0, fmt.Sprintf("RunAsUser is set to %v at the container level, overriding a %s value defined at pod level.", + *c.SecurityContext.RunAsUser, stringhelper.PointerToString(podRunAsNonRootUserID)) + } + + if podRunAsNonRootUserID != nil { + return *podRunAsNonRootUserID != 0, fmt.Sprintf("RunAsUser is set to nil at container level and inheriting a %v value from the pod level RunAsUser setting.", *podRunAsNonRootUserID) + } + + return false, "RunAsUser set to nil at pod and container level" +} diff --git a/pkg/provider/pods.go b/pkg/provider/pods.go index 3bc4777e8..73c0c97d7 100644 --- a/pkg/provider/pods.go +++ b/pkg/provider/pods.go @@ -547,6 +547,33 @@ func (p *Pod) GetRunAsNonRootFalseContainers(knownContainersToSkip map[string]bo return nonCompliantContainers, nonComplianceReason } +// Returns the list of containers that have the RunAsUser SCC parameter set to 0 (root) +// The RunAsUser parameter is checked first at the pod level and acts as a default value +// for the container configuration, if it is not present. +// The RunAsUser parameter is checked next at the container level. +// See: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +func (p *Pod) GetRunAsNonRootUserIDContainers(knownContainersToSkip map[string]bool) (nonCompliantContainers []*Container, nonComplianceReason []string) { + // Check pod-level security context this will be set by default for containers + // If not already configured at the container level + var podRunAsUserID *int64 + if p.Pod.Spec.SecurityContext != nil && p.Pod.Spec.SecurityContext.RunAsUser != nil { + podRunAsUserID = p.Pod.Spec.SecurityContext.RunAsUser + } + // Check each container for the RunAsUser parameter. + // If it is not present, the pod value applies + for _, cut := range p.Containers { + if knownContainersToSkip[cut.Name] { + continue + } + if isRunAsNonRootUserID, reason := cut.IsContainerRunAsNonRootUserID(podRunAsUserID); !isRunAsNonRootUserID { + // found a container with RunAsNonRoot set to false + nonCompliantContainers = append(nonCompliantContainers, cut) + nonComplianceReason = append(nonComplianceReason, reason) + } + } + return nonCompliantContainers, nonComplianceReason +} + // Get the list of top owners of pods func (p *Pod) GetTopOwner() (topOwners map[string]podhelper.TopOwner, err error) { return podhelper.GetPodTopOwner(p.Namespace, p.OwnerReferences) diff --git a/pkg/stringhelper/stringhelper.go b/pkg/stringhelper/stringhelper.go index 6d4d01cf5..9fb64f857 100644 --- a/pkg/stringhelper/stringhelper.go +++ b/pkg/stringhelper/stringhelper.go @@ -67,9 +67,35 @@ func RemoveEmptyStrings(s []string) []string { return r } -func BoolToString(b *bool) string { - if b == nil { +// PointerToString returns the default string representation of the value pointer by p, mainly +// used in log traces to print k8s resources' pointer fields. +// If p is a nil pointer, no matter the type, it will return the string "nil". +// +// # Example 1 +// +// var b* bool +// PointerToString(b) -> returns "nil" +// +// # Example 2 +// +// b := true +// bTrue := &b +// PointerToString(bTrue) -> returns "true" +// +// # Example 3 +// +// var num *int +// PointerToString(num) -> returns "nil" +// +// # Example 4 +// +// num := 1984 +// num1984 := &num +// PointerToString(num1984) -> returns "1984" +func PointerToString[T any](p *T) string { + if p == nil { return "nil" + } else { + return fmt.Sprint(*p) } - return fmt.Sprintf("%t", *b) } diff --git a/pkg/stringhelper/stringhelper_test.go b/pkg/stringhelper/stringhelper_test.go index 5cb8735c8..05bd18ef8 100644 --- a/pkg/stringhelper/stringhelper_test.go +++ b/pkg/stringhelper/stringhelper_test.go @@ -20,6 +20,7 @@ import ( "testing" "github.com/stretchr/testify/assert" + "k8s.io/utils/ptr" ) type otherString string @@ -189,3 +190,48 @@ func TestSubSlice(t *testing.T) { assert.Equal(t, tc.expectedOutput, SubSlice(tc.testSliceA, tc.testSliceB)) } } + +func TestPointerToString(t *testing.T) { + const wantNil = "nil" + + var want string + + // pointer to bool + var boolPointer *bool + want = wantNil + if got := PointerToString(boolPointer); got != want { + t.Errorf("PointerToString() = %v, want %v", got, want) + } + + boolPointer = ptr.To(true) + want = "true" + if got := PointerToString(boolPointer); got != want { + t.Errorf("PointerToString() = %v, want %v", got, want) + } + + // pointer to number + var numPointer *int64 + want = wantNil + if got := PointerToString(numPointer); got != want { + t.Errorf("PointerToString() = %v, want %v", got, want) + } + + numPointer = ptr.To(int64(1984)) + want = "1984" + if got := PointerToString(numPointer); got != want { + t.Errorf("PointerToString() = %v, want %v", got, want) + } + + // pointer to string + var stringPointer *string + want = "nil" + if got := PointerToString(stringPointer); got != want { + t.Errorf("PointerToString() = %v, want %v", got, want) + } + + stringPointer = ptr.To("hello, world!") + want = "hello, world!" + if got := PointerToString(stringPointer); got != want { + t.Errorf("PointerToString() = %v, want %v", got, want) + } +} diff --git a/tests/accesscontrol/suite.go b/tests/accesscontrol/suite.go index 3dd3e4814..c60840f80 100644 --- a/tests/accesscontrol/suite.go +++ b/tests/accesscontrol/suite.go @@ -355,37 +355,23 @@ func testBpfCapability(check *checksdb.Check, env *provider.TestEnvironment) { func testSecConRootUserID(check *checksdb.Check, env *provider.TestEnvironment) { var compliantObjects []*testhelper.ReportObject var nonCompliantObjects []*testhelper.ReportObject + for _, put := range env.Pods { - check.LogInfo("Testing Pod %q", put) - if put.IsRunAsUserID(0) { - check.LogError("Root user detected (RunAsUser uid=0) in Pod %q", put) - nonCompliantObjects = append(nonCompliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "Root User detected (RunAsUser uid=0)", false)) + check.LogInfo("Testing Pod %q in namespace %q", put.Name, put.Namespace) + nonCompliantContainers, nonComplianceReason := put.GetRunAsNonRootUserIDContainers(knownContainersToSkip) + if len(nonCompliantContainers) == 0 { + check.LogInfo("Pod %q is configured with RunAsUser SCC parameter different than 0 for all of its containers", put.Name) + compliantObjects = append(compliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "Pod is configured with RunAsUser SCC parameter different than 0 for all of its containers", true)) } else { - check.LogInfo("Non-root user detected in Pod %q", put) - compliantObjects = append(compliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "Root User not detected (RunAsUser uid=0)", true)) - } - - for _, cut := range put.Containers { - check.LogInfo("Testing Container %q", cut) - if knownContainersToSkip[cut.Name] { - check.LogInfo("Skipping container %q in Pod %q", cut.Name, put.Name) - compliantObjects = append(compliantObjects, testhelper.NewPodReportObject(put.Namespace, cut.Name, "Container is allowed to run as root", true)) - continue - } - - // Check the container level RunAsUser parameter - if cut.SecurityContext != nil && cut.SecurityContext.RunAsUser != nil { - if *(cut.SecurityContext.RunAsUser) == 0 { - check.LogError("Root user detected (RunAsUser uid=0) in Container %q (%q)", cut.Name, put) - nonCompliantObjects = append(nonCompliantObjects, testhelper.NewContainerReportObject(put.Namespace, put.Name, cut.Name, "Root User detected (RunAsUser uid=0)", false)) - } else { - check.LogInfo("Non-root user detected (RunAsUser uid=0) in Container %q (%q)", cut, put) - compliantObjects = append(compliantObjects, testhelper.NewContainerReportObject(put.Namespace, put.Name, cut.Name, "Root User not detected (RunAsUser uid=0)", true)) - } + check.LogError("Pod %q is configured with RunAsUser SCC parameter equal to 0 for some of its containers", put.Name) + nonCompliantObjects = append(nonCompliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "Pod is configured with RunAsNonRoot SCC parameter set to false for some of its containers", false)) + for index := range nonCompliantContainers { + check.LogError("In Container %q of Pod %q, %s", nonCompliantContainers[index].Name, put.Name, nonComplianceReason[index]) + nonCompliantObjects = append(nonCompliantObjects, testhelper.NewContainerReportObject(put.Namespace, put.Name, + nonCompliantContainers[index].Name, fmt.Sprintf("In Container %q of Pod %q, %s", nonCompliantContainers[index].Name, put.Name, nonComplianceReason[index]), false)) } } } - check.SetResult(compliantObjects, nonCompliantObjects) } From 9768ef7e8a636ce7e118219b1732a922b2cd923d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 10:22:48 -0600 Subject: [PATCH 27/63] Bump depends-on/depends-on-action (#2630) Bumps [depends-on/depends-on-action](https://github.com/depends-on/depends-on-action) from 3f0a220b74074edace48e46f7bacc29e5ef555c2 to ce4047f663174688ea42a21fac1b1007d97b79bb. - [Release notes](https://github.com/depends-on/depends-on-action/releases) - [Commits](https://github.com/depends-on/depends-on-action/compare/3f0a220b74074edace48e46f7bacc29e5ef555c2...ce4047f663174688ea42a21fac1b1007d97b79bb) --- updated-dependencies: - dependency-name: depends-on/depends-on-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pre-main.yaml | 10 +++++----- .github/workflows/qe-hosted.yml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index 4bc17f19a..ce5c1850f 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -58,7 +58,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main + uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -133,7 +133,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main + uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -203,7 +203,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main + uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -302,7 +302,7 @@ jobs: make-command: 'install' - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main + uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -493,7 +493,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check all dependent Pull Requests are merged - uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main + uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main with: token: ${{ secrets.GITHUB_TOKEN }} check-unmerged-pr: true diff --git a/.github/workflows/qe-hosted.yml b/.github/workflows/qe-hosted.yml index a88d30ffc..023c53658 100644 --- a/.github/workflows/qe-hosted.yml +++ b/.github/workflows/qe-hosted.yml @@ -149,7 +149,7 @@ jobs: ref: main - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@3f0a220b74074edace48e46f7bacc29e5ef555c2 # main + uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main with: token: ${{ secrets.GITHUB_TOKEN }} From edfd1d00d53810b349c7137c6c2c630965856d3e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 10:33:24 -0600 Subject: [PATCH 28/63] Bump google.golang.org/api from 0.210.0 to 0.211.0 (#2631) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.210.0 to 0.211.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.210.0...v0.211.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 17 +++++----- go.sum | 99 +++++++++++----------------------------------------------- 2 files changed, 26 insertions(+), 90 deletions(-) diff --git a/go.mod b/go.mod index a5ef40f77..015e14c24 100644 --- a/go.mod +++ b/go.mod @@ -28,7 +28,7 @@ require ( ) require ( - cloud.google.com/go/auth v0.11.0 // indirect + cloud.google.com/go/auth v0.12.1 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect cloud.google.com/go/compute/metadata v0.5.2 // indirect dario.cat/mergo v1.0.1 // indirect @@ -181,7 +181,6 @@ require ( github.com/xlab/treeprint v1.2.0 // indirect go.etcd.io/etcd/client/pkg/v3 v3.5.15 // indirect go.etcd.io/etcd/client/v3 v3.5.15 // indirect - go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect go.opentelemetry.io/otel v1.29.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect @@ -194,18 +193,18 @@ require ( go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect go4.org v0.0.0-20200104003542-c7e774b10ea0 // indirect - golang.org/x/crypto v0.29.0 // indirect + golang.org/x/crypto v0.30.0 // indirect golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa // indirect - golang.org/x/net v0.31.0 // indirect + golang.org/x/net v0.32.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect - golang.org/x/sync v0.9.0 // indirect + golang.org/x/sync v0.10.0 // indirect golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.20.0 // indirect + golang.org/x/text v0.21.0 // indirect golang.org/x/time v0.8.0 // indirect golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20241113202542-65e8d215514f // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20241118233622-e639e219e697 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20241206012308-a4fef0638583 // indirect google.golang.org/grpc v1.67.1 // indirect google.golang.org/protobuf v1.35.2 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect @@ -252,7 +251,7 @@ require ( github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.27.0 - google.golang.org/api v0.210.0 + google.golang.org/api v0.211.0 k8s.io/kubectl v0.31.4 ) diff --git a/go.sum b/go.sum index 51e159c23..d22747bb0 100644 --- a/go.sum +++ b/go.sum @@ -1,6 +1,5 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go/auth v0.11.0 h1:Ic5SZz2lsvbYcWT5dfjNWgw6tTlGi2Wc8hyQSC9BstA= -cloud.google.com/go/auth v0.11.0/go.mod h1:xxA5AqpDrvS+Gkmo9RqrGGRh6WSNKKOXhY3zNOr38tI= +cloud.google.com/go/auth v0.12.1 h1:n2Bj25BUMM0nvE9D2XLTiImanwZhO3DkfWSYS/SAJP4= +cloud.google.com/go/auth v0.12.1/go.mod h1:BFMu+TNpF3DmvfBO9ClqTR/SiqVIm7LukKF9mbendF4= cloud.google.com/go/auth/oauth2adapt v0.2.6 h1:V6a6XDu2lTwPZWOawrAa9HUK+DB2zfJyTuciBG5hFkU= cloud.google.com/go/auth/oauth2adapt v0.2.6/go.mod h1:AlmsELtlEBnaNTL7jCj8VQFLy6mbZv0s4Q7NGBeQ5E8= cloud.google.com/go/compute/metadata v0.5.2 h1:UxK4uu/Tn+I3p2dYWTfiX4wva7aYlKixAHn3fyqngqo= @@ -13,7 +12,6 @@ github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9 github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0= github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c h1:pxW6RcqyfI9/kWtOwnv/G+AzdKuy2ZrqINhenH4HyNs= github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= @@ -64,7 +62,6 @@ github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuP github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= @@ -80,8 +77,6 @@ github.com/chzyer/test v1.0.0 h1:p3BQDXSxOhOG0P9z6/hGnII4LGiEPOYBhs8asl/fC04= github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8= github.com/clarketm/json v1.17.1 h1:U1IxjqJkJ7bRK4L6dyphmoO840P6bdhPdbbLySourqI= github.com/clarketm/json v1.17.1/go.mod h1:ynr2LRfb0fQU34l07csRNBTcivjySLLiY1YzQqKVfdo= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM= github.com/containerd/cgroups/v3 v3.0.3 h1:S5ByHZ/h9PMe5IOQoN7E+nMc2UcLEM/V48DGDJ9kip0= github.com/containerd/cgroups/v3 v3.0.3/go.mod h1:8HBe7V3aWGLFPd/k03swSIsGjZhHI2WzJmticMgVuz0= @@ -175,10 +170,6 @@ github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkp github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= github.com/emicklei/go-restful/v3 v3.12.1 h1:PJMDIM/ak7btuL8Ex0iYET9hxM3CI2sjZtzpL63nKAU= github.com/emicklei/go-restful/v3 v3.12.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v5.9.0+incompatible h1:fBXyNpNMuTTDdquAq/uisOr2lShz4oaXpDTX2bLe7ls= github.com/evanphx/json-patch v5.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= @@ -236,21 +227,11 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-migrate/migrate/v4 v4.17.1 h1:4zQ6iqL6t6AiItphxJctQb3cFqWiSpMnX7wLTPnnYO4= github.com/golang-migrate/migrate/v4 v4.17.1/go.mod h1:m8hinFyWBn0SA4QKHuKh175Pm9wjmxj3S2Mia7dbXzM= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= @@ -259,12 +240,7 @@ github.com/google/cel-go v0.21.0 h1:cl6uW/gxN+Hy50tNYvI691+sXxioCnstFzLp2WO4GCI= github.com/google/cel-go v0.21.0/go.mod h1:rHUlWCcBKgyEk+eV03RPdZUekPp6YcJwV0FxuUksYxc= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -281,7 +257,6 @@ github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/enterprise-certificate-proxy v0.3.4 h1:XYIDZApgAnrN1c855gTgghdIA6Stxb52D5RnLI1SLyw= @@ -482,7 +457,6 @@ github.com/prometheus/client_golang v1.20.4 h1:Tgh3Yr67PaOv/uTqloMsCEdeuFTatm5zI github.com/prometheus/client_golang v1.20.4/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= @@ -654,49 +628,37 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ= -golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/crypto v0.30.0 h1:RwoQn3GkWiMkzlX562cLB7OxWvjH1L8xutO2WoJcRoY= +golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa h1:ELnwvuAXPNtPk1TJRuGkI9fDTwym6AYBu0qzT8AcHdI= golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190228165749-92fc7df08ae7/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= -golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI= +golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs= golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ= -golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -726,15 +688,11 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug= -golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4= +golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= +golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg= golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= @@ -749,35 +707,16 @@ golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSm golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/api v0.210.0 h1:HMNffZ57OoZCRYSbdWVRoqOa8V8NIHLL0CzdBPLztWk= -google.golang.org/api v0.210.0/go.mod h1:B9XDZGnx2NtyjzVkOVTGrFSAVZgPcbedzKg/gTLwqBs= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 h1:ToEetK57OidYuqD4Q5w+vfEnPvPpuTwedCNVohYJfNk= -google.golang.org/genproto v0.0.0-20241118233622-e639e219e697/go.mod h1:JJrvXBWRZaFMxBufik1a4RpFw4HhgVtBBWQeQgUj2cc= -google.golang.org/genproto/googleapis/api v0.0.0-20241113202542-65e8d215514f h1:M65LEviCfuZTfrfzwwEoxVtgvfkFkBUbFnRbxCXuXhU= -google.golang.org/genproto/googleapis/api v0.0.0-20241113202542-65e8d215514f/go.mod h1:Yo94eF2nj7igQt+TiJ49KxjIH8ndLYPZMIRSiRcEbg0= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241118233622-e639e219e697 h1:LWZqQOEjDyONlF1H6afSWpAL/znlREo2tHfLoe+8LMA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241118233622-e639e219e697/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= +google.golang.org/api v0.211.0 h1:IUpLjq09jxBSV1lACO33CGY3jsRcbctfGzhj+ZSE/Bg= +google.golang.org/api v0.211.0/go.mod h1:XOloB4MXFH4UTlQSGuNUxw0UT74qdENK8d6JNsXKLi0= +google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY= +google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo= +google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697 h1:pgr/4QbFyktUv9CtQ/Fq4gzEE6/Xs7iCXbktaGzLHbQ= +google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697/go.mod h1:+D9ySVjN8nY8YCVjc5O7PZDIdZporIDY3KaGfJunh88= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241206012308-a4fef0638583 h1:IfdSdTcLFy4lqUQrQJLkLt1PB+AsqVz6lwkWPzWEz10= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241206012308-a4fef0638583/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU= google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E= google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io= google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= @@ -808,8 +747,6 @@ gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU= gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= helm.sh/helm/v3 v3.16.3 h1:kb8bSxMeRJ+knsK/ovvlaVPfdis0X3/ZhYCSFRP+YmY= helm.sh/helm/v3 v3.16.3/go.mod h1:zeVWGDR4JJgiRbT3AnNsjYaX8OTJlIE9zC+Q7F7iUSU= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= k8s.io/api v0.31.4 h1:I2QNzitPVsPeLQvexMEsj945QumYraqv9m74isPDKhM= k8s.io/api v0.31.4/go.mod h1:d+7vgXLvmcdT1BCo79VEgJxHHryww3V5np2OYTr6jdw= k8s.io/apiextensions-apiserver v0.31.4 h1:FxbqzSvy92Ca9DIs5jqot883G0Ln/PGXfm/07t39LS0= From c32b4d20cba1d5f020924ff49f5044ce633b427f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 11:47:51 -0600 Subject: [PATCH 29/63] Bump k8s.io/apiextensions-apiserver from 0.31.4 to 0.32.0 (#2632) Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.31.4 to 0.32.0. - [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases) - [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.31.4...v0.32.0) --- updated-dependencies: - dependency-name: k8s.io/apiextensions-apiserver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 29 +++++++++++------------- go.sum | 70 ++++++++++++++++++++++++++++++---------------------------- 2 files changed, 49 insertions(+), 50 deletions(-) diff --git a/go.mod b/go.mod index 015e14c24..37042ad52 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( gopkg.in/yaml.v3 v3.0.1 ) -require k8s.io/client-go v0.31.4 +require k8s.io/client-go v0.32.0 require ( github.com/mittwald/go-helm-client v0.12.15 @@ -22,12 +22,13 @@ require ( github.com/operator-framework/operator-lifecycle-manager v0.30.0 github.com/pkg/errors v0.9.1 // indirect helm.sh/helm/v3 v3.16.3 - k8s.io/api v0.31.4 - k8s.io/apimachinery v0.31.4 + k8s.io/api v0.32.0 + k8s.io/apimachinery v0.32.0 k8s.io/klog/v2 v2.130.1 // indirect ) require ( + cel.dev/expr v0.18.0 // indirect cloud.google.com/go/auth v0.12.1 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect cloud.google.com/go/compute/metadata v0.5.2 // indirect @@ -91,10 +92,9 @@ require ( github.com/go-openapi/swag v0.23.0 // indirect github.com/gobwas/glob v0.2.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/btree v1.1.2 // indirect - github.com/google/cel-go v0.21.0 // indirect + github.com/google/cel-go v0.22.0 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/go-containerregistry v0.20.2 // indirect @@ -143,7 +143,7 @@ require ( github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect - github.com/onsi/gomega v1.34.2 // indirect + github.com/onsi/gomega v1.35.1 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0 // indirect github.com/openshift/library-go v0.0.0-20231020125025-211b32f1a1f2 // indirect @@ -179,8 +179,6 @@ require ( github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xlab/treeprint v1.2.0 // indirect - go.etcd.io/etcd/client/pkg/v3 v3.5.15 // indirect - go.etcd.io/etcd/client/v3 v3.5.15 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect go.opentelemetry.io/otel v1.29.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect @@ -191,7 +189,6 @@ require ( go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.starlark.net v0.0.0-20231121155337-90ade8b19d09 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.27.0 // indirect go4.org v0.0.0-20200104003542-c7e774b10ea0 // indirect golang.org/x/crypto v0.30.0 // indirect golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa // indirect @@ -211,30 +208,29 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - k8s.io/apiserver v0.31.4 // indirect + k8s.io/apiserver v0.32.0 // indirect k8s.io/cli-runtime v0.31.4 // indirect - k8s.io/component-base v0.31.4 // indirect + k8s.io/component-base v0.32.0 // indirect k8s.io/kube-aggregator v0.31.1 // indirect - k8s.io/kube-openapi v0.0.0-20241009091222-67ed5848f094 // indirect - k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 // indirect + k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect modernc.org/libc v1.37.6 // indirect modernc.org/mathutil v1.6.0 // indirect modernc.org/memory v1.7.2 // indirect modernc.org/sqlite v1.28.0 // indirect oras.land/oras-go v1.2.5 // indirect - sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 // indirect sigs.k8s.io/controller-runtime v0.19.0 // indirect sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96 // indirect sigs.k8s.io/kustomize/api v0.17.2 // indirect sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.2 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) require ( github.com/hashicorp/go-version v1.7.0 - k8s.io/apiextensions-apiserver v0.31.4 + k8s.io/apiextensions-apiserver v0.32.0 ) require ( @@ -253,6 +249,7 @@ require ( golang.org/x/term v0.27.0 google.golang.org/api v0.211.0 k8s.io/kubectl v0.31.4 + k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 ) replace github.com/redhat-openshift-ecosystem/openshift-preflight => github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 diff --git a/go.sum b/go.sum index d22747bb0..f5681e4b5 100644 --- a/go.sum +++ b/go.sum @@ -1,3 +1,5 @@ +cel.dev/expr v0.18.0 h1:CJ6drgk+Hf96lkLikr4rFf19WrU0BOWEihyZnI2TAzo= +cel.dev/expr v0.18.0/go.mod h1:MrpN08Q+lEBs+bGYdLxxHkZoUSsCp0nSKTs0nTymJgw= cloud.google.com/go/auth v0.12.1 h1:n2Bj25BUMM0nvE9D2XLTiImanwZhO3DkfWSYS/SAJP4= cloud.google.com/go/auth v0.12.1/go.mod h1:BFMu+TNpF3DmvfBO9ClqTR/SiqVIm7LukKF9mbendF4= cloud.google.com/go/auth/oauth2adapt v0.2.6 h1:V6a6XDu2lTwPZWOawrAa9HUK+DB2zfJyTuciBG5hFkU= @@ -236,8 +238,8 @@ github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= -github.com/google/cel-go v0.21.0 h1:cl6uW/gxN+Hy50tNYvI691+sXxioCnstFzLp2WO4GCI= -github.com/google/cel-go v0.21.0/go.mod h1:rHUlWCcBKgyEk+eV03RPdZUekPp6YcJwV0FxuUksYxc= +github.com/google/cel-go v0.22.0 h1:b3FJZxpiv1vTMo2/5RDUqAHPxkT8mmMfJIrq1llbf7g= +github.com/google/cel-go v0.22.0/go.mod h1:BuznPXXfQDpXKWQ9sPW3TzlAJN5zzFe+i9tIs0yC4s8= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -249,8 +251,8 @@ github.com/google/go-containerregistry v0.20.2/go.mod h1:z38EKdKh4h7IP2gSfUUqEva github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 h1:5iH8iuqE5apketRbSFBy+X1V0o+l+8NF1avt4HWl7cA= -github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM= github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA= @@ -407,10 +409,10 @@ github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4= -github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag= -github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= -github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= +github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= +github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= +github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= +github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= @@ -571,12 +573,12 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0= go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I= -go.etcd.io/etcd/api/v3 v3.5.15 h1:3KpLJir1ZEBrYuV2v+Twaa/e2MdDCEZ/70H+lzEiwsk= -go.etcd.io/etcd/api/v3 v3.5.15/go.mod h1:N9EhGzXq58WuMllgH9ZvnEr7SI9pS0k0+DHZezGp7jM= -go.etcd.io/etcd/client/pkg/v3 v3.5.15 h1:fo0HpWz/KlHGMCC+YejpiCmyWDEuIpnTDzpJLB5fWlA= -go.etcd.io/etcd/client/pkg/v3 v3.5.15/go.mod h1:mXDI4NAOwEiszrHCb0aqfAYNCrZP4e9hRca3d1YK8EU= -go.etcd.io/etcd/client/v3 v3.5.15 h1:23M0eY4Fd/inNv1ZfU3AxrbbOdW79r9V9Rl62Nm6ip4= -go.etcd.io/etcd/client/v3 v3.5.15/go.mod h1:CLSJxrYjvLtHsrPKsy7LmZEE+DK2ktfd2bN4RhBMwlU= +go.etcd.io/etcd/api/v3 v3.5.16 h1:WvmyJVbjWqK4R1E+B12RRHz3bRGy9XVfh++MgbN+6n0= +go.etcd.io/etcd/api/v3 v3.5.16/go.mod h1:1P4SlIP/VwkDmGo3OlOD7faPeP8KDIFhqvciH5EfN28= +go.etcd.io/etcd/client/pkg/v3 v3.5.16 h1:ZgY48uH6UvB+/7R9Yf4x574uCO3jIx0TRDyetSfId3Q= +go.etcd.io/etcd/client/pkg/v3 v3.5.16/go.mod h1:V8acl8pcEK0Y2g19YlOV9m9ssUe6MgiDSobSoaBAM0E= +go.etcd.io/etcd/client/v3 v3.5.16 h1:sSmVYOAHeC9doqi0gv7v86oY/BTld0SEFGaxsU9eRhE= +go.etcd.io/etcd/client/v3 v3.5.16/go.mod h1:X+rExSGkyqxvu276cr2OwPLBaeqFu1cIl4vmRjAD/50= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/contrib/exporters/autoexport v0.46.1 h1:ysCfPZB9AjUlMa1UHYup3c9dAOCMQX/6sxSfPBUoxHw= @@ -747,30 +749,30 @@ gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU= gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= helm.sh/helm/v3 v3.16.3 h1:kb8bSxMeRJ+knsK/ovvlaVPfdis0X3/ZhYCSFRP+YmY= helm.sh/helm/v3 v3.16.3/go.mod h1:zeVWGDR4JJgiRbT3AnNsjYaX8OTJlIE9zC+Q7F7iUSU= -k8s.io/api v0.31.4 h1:I2QNzitPVsPeLQvexMEsj945QumYraqv9m74isPDKhM= -k8s.io/api v0.31.4/go.mod h1:d+7vgXLvmcdT1BCo79VEgJxHHryww3V5np2OYTr6jdw= -k8s.io/apiextensions-apiserver v0.31.4 h1:FxbqzSvy92Ca9DIs5jqot883G0Ln/PGXfm/07t39LS0= -k8s.io/apiextensions-apiserver v0.31.4/go.mod h1:hIW9YU8UsqZqIWGG99/gsdIU0Ar45Qd3A12QOe/rvpg= -k8s.io/apimachinery v0.31.4 h1:8xjE2C4CzhYVm9DGf60yohpNUh5AEBnPxCryPBECmlM= -k8s.io/apimachinery v0.31.4/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= -k8s.io/apiserver v0.31.4 h1:JbtnTaXVYEAYIHJil6Wd74Wif9sd8jVcBw84kwEmp7o= -k8s.io/apiserver v0.31.4/go.mod h1:JJjoTjZ9PTMLdIFq7mmcJy2B9xLN3HeAUebW6xZyIP0= +k8s.io/api v0.32.0 h1:OL9JpbvAU5ny9ga2fb24X8H6xQlVp+aJMFlgtQjR9CE= +k8s.io/api v0.32.0/go.mod h1:4LEwHZEf6Q/cG96F3dqR965sYOfmPM7rq81BLgsE0p0= +k8s.io/apiextensions-apiserver v0.32.0 h1:S0Xlqt51qzzqjKPxfgX1xh4HBZE+p8KKBq+k2SWNOE0= +k8s.io/apiextensions-apiserver v0.32.0/go.mod h1:86hblMvN5yxMvZrZFX2OhIHAuFIMJIZ19bTvzkP+Fmw= +k8s.io/apimachinery v0.32.0 h1:cFSE7N3rmEEtv4ei5X6DaJPHHX0C+upp+v5lVPiEwpg= +k8s.io/apimachinery v0.32.0/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= +k8s.io/apiserver v0.32.0 h1:VJ89ZvQZ8p1sLeiWdRJpRD6oLozNZD2+qVSLi+ft5Qs= +k8s.io/apiserver v0.32.0/go.mod h1:HFh+dM1/BE/Hm4bS4nTXHVfN6Z6tFIZPi649n83b4Ag= k8s.io/cli-runtime v0.31.4 h1:iczCWiyXaotW+hyF5cWP8RnEYBCzZfJUF6otJ2m9mw0= k8s.io/cli-runtime v0.31.4/go.mod h1:0/pRzAH7qc0hWx40ut1R4jLqiy2w/KnbqdaAI2eFG8U= -k8s.io/client-go v0.31.4 h1:t4QEXt4jgHIkKKlx06+W3+1JOwAFU/2OPiOo7H92eRQ= -k8s.io/client-go v0.31.4/go.mod h1:kvuMro4sFYIa8sulL5Gi5GFqUPvfH2O/dXuKstbaaeg= -k8s.io/component-base v0.31.4 h1:wCquJh4ul9O8nNBSB8N/o8+gbfu3BVQkVw9jAUY/Qtw= -k8s.io/component-base v0.31.4/go.mod h1:G4dgtf5BccwiDT9DdejK0qM6zTK0jwDGEKnCmb9+u/s= +k8s.io/client-go v0.32.0 h1:DimtMcnN/JIKZcrSrstiwvvZvLjG0aSxy8PxN8IChp8= +k8s.io/client-go v0.32.0/go.mod h1:boDWvdM1Drk4NJj/VddSLnx59X3OPgwrOo0vGbtq9+8= +k8s.io/component-base v0.32.0 h1:d6cWHZkCiiep41ObYQS6IcgzOUQUNpywm39KVYaUqzU= +k8s.io/component-base v0.32.0/go.mod h1:JLG2W5TUxUu5uDyKiH2R/7NnxJo1HlPoRIIbVLkK5eM= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-aggregator v0.31.1 h1:vrYBTTs3xMrpiEsmBjsLETZE9uuX67oQ8B3i1BFfMPw= k8s.io/kube-aggregator v0.31.1/go.mod h1:+aW4NX50uneozN+BtoCxI4g7ND922p8Wy3tWKFDiWVk= -k8s.io/kube-openapi v0.0.0-20241009091222-67ed5848f094 h1:MErs8YA0abvOqJ8gIupA1Tz6PKXYUw34XsGlA7uSL1k= -k8s.io/kube-openapi v0.0.0-20241009091222-67ed5848f094/go.mod h1:7ioBJr1A6igWjsR2fxq2EZ0mlMwYLejazSIc2bzMp2U= +k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y= +k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f/go.mod h1:R/HEjbvWI0qdfb8viZUeVZm0X6IZnxAydC7YU42CMw4= k8s.io/kubectl v0.31.4 h1:c8Af8xd1VjyoKyWMW0xHv2+tYxEjne8s6OOziMmaD10= k8s.io/kubectl v0.31.4/go.mod h1:0E0rpXg40Q57wRE6LB9su+4tmwx1IzZrmIEvhQPk0i4= -k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 h1:MDF6h2H/h4tbzmtIKTuctcwZmY0tY9mD9fNT47QO6HI= -k8s.io/utils v0.0.0-20240921022957-49e7df575cb6/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro= +k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= modernc.org/libc v1.37.6 h1:orZH3c5wmhIQFTXF+Nt+eeauyd+ZIt2BX6ARe+kD+aw= modernc.org/libc v1.37.6/go.mod h1:YAXkAZ8ktnkCKaN9sw/UDeUVkGYJ/YquGO4FTi5nmHE= modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4= @@ -781,8 +783,8 @@ modernc.org/sqlite v1.28.0 h1:Zx+LyDDmXczNnEQdvPuEfcFVA2ZPyaD7UCZDjef3BHQ= modernc.org/sqlite v1.28.0/go.mod h1:Qxpazz0zH8Z1xCFyi5GSL3FzbtZ3fvbjmywNogldEW0= oras.land/oras-go v1.2.5 h1:XpYuAwAb0DfQsunIyMfeET92emK8km3W4yEzZvUbsTo= oras.land/oras-go v1.2.5/go.mod h1:PuAwRShRZCsZb7g8Ar3jKKQR/2A/qN+pkYxIOd/FAoo= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3 h1:2770sDpzrjjsAtVhSeUFseziht227YAWYHLGNM8QPwY= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 h1:CPT0ExVicCzcpeN4baWEV2ko2Z/AsiZgEdwgcfwLgMo= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= sigs.k8s.io/controller-runtime v0.19.0 h1:nWVM7aq+Il2ABxwiCizrVDSlmDcshi9llbaFbC0ji/Q= sigs.k8s.io/controller-runtime v0.19.0/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= @@ -793,7 +795,7 @@ sigs.k8s.io/kustomize/api v0.17.2 h1:E7/Fjk7V5fboiuijoZHgs4aHuexi5Y2loXlVOAVAG5g sigs.k8s.io/kustomize/api v0.17.2/go.mod h1:UWTz9Ct+MvoeQsHcJ5e+vziRRkwimm3HytpZgIYqye0= sigs.k8s.io/kustomize/kyaml v0.17.1 h1:TnxYQxFXzbmNG6gOINgGWQt09GghzgTP6mIurOgrLCQ= sigs.k8s.io/kustomize/kyaml v0.17.1/go.mod h1:9V0mCjIEYjlXuCdYsSXvyoy2BTsLESH7TlGV81S282U= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/structured-merge-diff/v4 v4.4.2 h1:MdmvkGuXi/8io6ixD5wud3vOLwc1rj0aNqRlpuvjmwA= +sigs.k8s.io/structured-merge-diff/v4 v4.4.2/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= From 89cc39564d0aceecc849823ad2652056559e1c36 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 12:06:55 -0600 Subject: [PATCH 30/63] Bump github.com/redhat-best-practices-for-k8s/oct from 0.0.28 to 0.0.29 (#2637) Bumps [github.com/redhat-best-practices-for-k8s/oct](https://github.com/redhat-best-practices-for-k8s/oct) from 0.0.28 to 0.0.29. - [Release notes](https://github.com/redhat-best-practices-for-k8s/oct/releases) - [Commits](https://github.com/redhat-best-practices-for-k8s/oct/compare/v0.0.28...v0.0.29) --- updated-dependencies: - dependency-name: github.com/redhat-best-practices-for-k8s/oct dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 37042ad52..a0900d2c6 100644 --- a/go.mod +++ b/go.mod @@ -242,7 +242,7 @@ require ( github.com/k8snetworkplumbingwg/network-attachment-definition-client v1.7.5 github.com/k8snetworkplumbingwg/sriov-network-operator v1.4.0 github.com/manifoldco/promptui v0.9.0 - github.com/redhat-best-practices-for-k8s/oct v0.0.28 + github.com/redhat-best-practices-for-k8s/oct v0.0.29 github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.41 github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 github.com/robert-nix/ansihtml v1.0.1 diff --git a/go.sum b/go.sum index f5681e4b5..5994a0364 100644 --- a/go.sum +++ b/go.sum @@ -472,8 +472,8 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.51 h1:ZcEEA0+7YHcRzrEf/LnhxHVerPHaW0f33J6PTZer2fA= github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.51/go.mod h1:qIlDWD1vOMo/aZx5i+I0FrKUAp3iXV7waFBVET0q6Yo= -github.com/redhat-best-practices-for-k8s/oct v0.0.28 h1:jsVQ8zNY4HP0a+N5LpW445Y3phklZ4PGtlU1pZQ0Wic= -github.com/redhat-best-practices-for-k8s/oct v0.0.28/go.mod h1:TnyopIPwdsaI7gikOi7WmT9/lgzd1Lp6DZaN6nMJhBA= +github.com/redhat-best-practices-for-k8s/oct v0.0.29 h1:NpS7W+jTflncjnMTXYKzt/NVJo7gD0AFEp9y19cJ8WU= +github.com/redhat-best-practices-for-k8s/oct v0.0.29/go.mod h1:jAVJkKvP2URy4oPwxARzYoUn8Zn7qYfWUD5+P4rywgw= github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.41 h1:YhbuZB3pnWvtJwxyC4sFGBBbpISHmk9xp5BUgQkaWcs= github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.41/go.mod h1:cDM3SyYFuMPlzJhQ4FRWLL0bQ/MnEFKPyY7AX+Y+k8U= github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 h1:qPsNS6SIDigSwcUMUrEdDovIAdbVCNOGvhir8p6wVNc= From 9a7540eb2471740ab2958bb029f5715782a7a8c8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 12:16:39 -0600 Subject: [PATCH 31/63] Bump golang.org/x/crypto from 0.29.0 to 0.31.0 (#2636) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.29.0 to 0.31.0. - [Commits](https://github.com/golang/crypto/compare/v0.29.0...v0.31.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index a0900d2c6..5f24c7be2 100644 --- a/go.mod +++ b/go.mod @@ -190,7 +190,7 @@ require ( go.starlark.net v0.0.0-20231121155337-90ade8b19d09 // indirect go.uber.org/multierr v1.11.0 // indirect go4.org v0.0.0-20200104003542-c7e774b10ea0 // indirect - golang.org/x/crypto v0.30.0 // indirect + golang.org/x/crypto v0.31.0 // indirect golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa // indirect golang.org/x/net v0.32.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect diff --git a/go.sum b/go.sum index 5994a0364..5b12b91ed 100644 --- a/go.sum +++ b/go.sum @@ -630,8 +630,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.30.0 h1:RwoQn3GkWiMkzlX562cLB7OxWvjH1L8xutO2WoJcRoY= -golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa h1:ELnwvuAXPNtPk1TJRuGkI9fDTwym6AYBu0qzT8AcHdI= golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= From abaa15f2dfede66fa1aeee4fe1ec4fca747d31bc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 12:18:04 -0600 Subject: [PATCH 32/63] Bump github.com/redhat-best-practices-for-k8s/privileged-daemonset (#2638) Bumps [github.com/redhat-best-practices-for-k8s/privileged-daemonset](https://github.com/redhat-best-practices-for-k8s/privileged-daemonset) from 1.0.41 to 1.0.43. - [Release notes](https://github.com/redhat-best-practices-for-k8s/privileged-daemonset/releases) - [Commits](https://github.com/redhat-best-practices-for-k8s/privileged-daemonset/compare/v1.0.41...v1.0.43) --- updated-dependencies: - dependency-name: github.com/redhat-best-practices-for-k8s/privileged-daemonset dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 5f24c7be2..332a53768 100644 --- a/go.mod +++ b/go.mod @@ -243,7 +243,7 @@ require ( github.com/k8snetworkplumbingwg/sriov-network-operator v1.4.0 github.com/manifoldco/promptui v0.9.0 github.com/redhat-best-practices-for-k8s/oct v0.0.29 - github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.41 + github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43 github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.27.0 diff --git a/go.sum b/go.sum index 5b12b91ed..af6acbee3 100644 --- a/go.sum +++ b/go.sum @@ -474,8 +474,8 @@ github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.51 h1:ZcEEA0+7YHcR github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.51/go.mod h1:qIlDWD1vOMo/aZx5i+I0FrKUAp3iXV7waFBVET0q6Yo= github.com/redhat-best-practices-for-k8s/oct v0.0.29 h1:NpS7W+jTflncjnMTXYKzt/NVJo7gD0AFEp9y19cJ8WU= github.com/redhat-best-practices-for-k8s/oct v0.0.29/go.mod h1:jAVJkKvP2URy4oPwxARzYoUn8Zn7qYfWUD5+P4rywgw= -github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.41 h1:YhbuZB3pnWvtJwxyC4sFGBBbpISHmk9xp5BUgQkaWcs= -github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.41/go.mod h1:cDM3SyYFuMPlzJhQ4FRWLL0bQ/MnEFKPyY7AX+Y+k8U= +github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43 h1:/M2L223DOvv/I4bb5ZFgqchN3vwRMnsa6fjaTd4XhUI= +github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43/go.mod h1:XVI9IK9DKYKz21XYxBcRYJMeN8Meily8meHOz1Yxcyw= github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 h1:qPsNS6SIDigSwcUMUrEdDovIAdbVCNOGvhir8p6wVNc= github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024/go.mod h1:WgrOUZnQYsTQetJwbMHkcNecYaOcWMmTVDmDOTTIMcQ= github.com/redis/go-redis/extra/rediscmd/v9 v9.0.5 h1:EaDatTxkdHG+U3Bk4EUr+DZ7fOGwTfezUiUJMaIcaho= From b2c5bdbd08f3ad2734a632167e67dcf4d0146d95 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 12:18:21 -0600 Subject: [PATCH 33/63] Bump k8s.io/kubectl from 0.31.4 to 0.32.0 (#2639) Bumps [k8s.io/kubectl](https://github.com/kubernetes/kubectl) from 0.31.4 to 0.32.0. - [Commits](https://github.com/kubernetes/kubectl/compare/v0.31.4...v0.32.0) --- updated-dependencies: - dependency-name: k8s.io/kubectl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 9 ++++----- go.sum | 18 ++++++++---------- 2 files changed, 12 insertions(+), 15 deletions(-) diff --git a/go.mod b/go.mod index 332a53768..9a08c9623 100644 --- a/go.mod +++ b/go.mod @@ -187,7 +187,6 @@ require ( go.opentelemetry.io/otel/sdk v1.29.0 // indirect go.opentelemetry.io/otel/trace v1.29.0 // indirect go.opentelemetry.io/proto/otlp v1.3.1 // indirect - go.starlark.net v0.0.0-20231121155337-90ade8b19d09 // indirect go.uber.org/multierr v1.11.0 // indirect go4.org v0.0.0-20200104003542-c7e774b10ea0 // indirect golang.org/x/crypto v0.31.0 // indirect @@ -209,7 +208,7 @@ require ( gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect k8s.io/apiserver v0.32.0 // indirect - k8s.io/cli-runtime v0.31.4 // indirect + k8s.io/cli-runtime v0.32.0 // indirect k8s.io/component-base v0.32.0 // indirect k8s.io/kube-aggregator v0.31.1 // indirect k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect @@ -222,8 +221,8 @@ require ( sigs.k8s.io/controller-runtime v0.19.0 // indirect sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96 // indirect - sigs.k8s.io/kustomize/api v0.17.2 // indirect - sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect + sigs.k8s.io/kustomize/api v0.18.0 // indirect + sigs.k8s.io/kustomize/kyaml v0.18.1 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.2 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) @@ -248,7 +247,7 @@ require ( github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.27.0 google.golang.org/api v0.211.0 - k8s.io/kubectl v0.31.4 + k8s.io/kubectl v0.32.0 k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 ) diff --git a/go.sum b/go.sum index af6acbee3..7ca631fdb 100644 --- a/go.sum +++ b/go.sum @@ -615,8 +615,6 @@ go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt3 go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ= go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= -go.starlark.net v0.0.0-20231121155337-90ade8b19d09 h1:hzy3LFnSN8kuQK8h9tHl4ndF6UruMj47OqwqsS+/Ai4= -go.starlark.net v0.0.0-20231121155337-90ade8b19d09/go.mod h1:LcLNIzVOMp4oV+uusnpk+VU+SzXaJakUuBjoCSWH5dM= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= @@ -757,8 +755,8 @@ k8s.io/apimachinery v0.32.0 h1:cFSE7N3rmEEtv4ei5X6DaJPHHX0C+upp+v5lVPiEwpg= k8s.io/apimachinery v0.32.0/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= k8s.io/apiserver v0.32.0 h1:VJ89ZvQZ8p1sLeiWdRJpRD6oLozNZD2+qVSLi+ft5Qs= k8s.io/apiserver v0.32.0/go.mod h1:HFh+dM1/BE/Hm4bS4nTXHVfN6Z6tFIZPi649n83b4Ag= -k8s.io/cli-runtime v0.31.4 h1:iczCWiyXaotW+hyF5cWP8RnEYBCzZfJUF6otJ2m9mw0= -k8s.io/cli-runtime v0.31.4/go.mod h1:0/pRzAH7qc0hWx40ut1R4jLqiy2w/KnbqdaAI2eFG8U= +k8s.io/cli-runtime v0.32.0 h1:dP+OZqs7zHPpGQMCGAhectbHU2SNCuZtIimRKTv2T1c= +k8s.io/cli-runtime v0.32.0/go.mod h1:Mai8ht2+esoDRK5hr861KRy6z0zHsSTYttNVJXgP3YQ= k8s.io/client-go v0.32.0 h1:DimtMcnN/JIKZcrSrstiwvvZvLjG0aSxy8PxN8IChp8= k8s.io/client-go v0.32.0/go.mod h1:boDWvdM1Drk4NJj/VddSLnx59X3OPgwrOo0vGbtq9+8= k8s.io/component-base v0.32.0 h1:d6cWHZkCiiep41ObYQS6IcgzOUQUNpywm39KVYaUqzU= @@ -769,8 +767,8 @@ k8s.io/kube-aggregator v0.31.1 h1:vrYBTTs3xMrpiEsmBjsLETZE9uuX67oQ8B3i1BFfMPw= k8s.io/kube-aggregator v0.31.1/go.mod h1:+aW4NX50uneozN+BtoCxI4g7ND922p8Wy3tWKFDiWVk= k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y= k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f/go.mod h1:R/HEjbvWI0qdfb8viZUeVZm0X6IZnxAydC7YU42CMw4= -k8s.io/kubectl v0.31.4 h1:c8Af8xd1VjyoKyWMW0xHv2+tYxEjne8s6OOziMmaD10= -k8s.io/kubectl v0.31.4/go.mod h1:0E0rpXg40Q57wRE6LB9su+4tmwx1IzZrmIEvhQPk0i4= +k8s.io/kubectl v0.32.0 h1:rpxl+ng9qeG79YA4Em9tLSfX0G8W0vfaiPVrc/WR7Xw= +k8s.io/kubectl v0.32.0/go.mod h1:qIjSX+QgPQUgdy8ps6eKsYNF+YmFOAO3WygfucIqFiE= k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro= k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= modernc.org/libc v1.37.6 h1:orZH3c5wmhIQFTXF+Nt+eeauyd+ZIt2BX6ARe+kD+aw= @@ -791,10 +789,10 @@ sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7np sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96 h1:PFWFSkpArPNJxFX4ZKWAk9NSeRoZaXschn+ULa4xVek= sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96/go.mod h1:EOBQyBowOUsd7U4CJnMHNE0ri+zCXyouGdLwC/jZU+I= -sigs.k8s.io/kustomize/api v0.17.2 h1:E7/Fjk7V5fboiuijoZHgs4aHuexi5Y2loXlVOAVAG5g= -sigs.k8s.io/kustomize/api v0.17.2/go.mod h1:UWTz9Ct+MvoeQsHcJ5e+vziRRkwimm3HytpZgIYqye0= -sigs.k8s.io/kustomize/kyaml v0.17.1 h1:TnxYQxFXzbmNG6gOINgGWQt09GghzgTP6mIurOgrLCQ= -sigs.k8s.io/kustomize/kyaml v0.17.1/go.mod h1:9V0mCjIEYjlXuCdYsSXvyoy2BTsLESH7TlGV81S282U= +sigs.k8s.io/kustomize/api v0.18.0 h1:hTzp67k+3NEVInwz5BHyzc9rGxIauoXferXyjv5lWPo= +sigs.k8s.io/kustomize/api v0.18.0/go.mod h1:f8isXnX+8b+SGLHQ6yO4JG1rdkZlvhaCf/uZbLVMb0U= +sigs.k8s.io/kustomize/kyaml v0.18.1 h1:WvBo56Wzw3fjS+7vBjN6TeivvpbW9GmRaWZ9CIVmt4E= +sigs.k8s.io/kustomize/kyaml v0.18.1/go.mod h1:C3L2BFVU1jgcddNBE1TxuVLgS46TjObMwW5FT9FcjYo= sigs.k8s.io/structured-merge-diff/v4 v4.4.2 h1:MdmvkGuXi/8io6ixD5wud3vOLwc1rj0aNqRlpuvjmwA= sigs.k8s.io/structured-merge-diff/v4 v4.4.2/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= From 82b501db6a03230c83d6ed08ec2b3d5d38763381 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 13 Dec 2024 08:24:15 -0600 Subject: [PATCH 34/63] Update RHCOS to OCP version map (#2640) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index e2f90b626..e71d58e33 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -433,6 +433,7 @@ 4.16.24 / 416.94.202411201433-0 4.16.25 / 416.94.202411261619-0 4.16.26 / 416.94.202412040832-0 +4.16.27 / 416.94.202412100237-0 4.16.3 / 416.94.202407081958-0 4.16.4 / 416.94.202407171205-0 4.16.5 / 416.94.202407231922-0 From bd09f300470baad4761fbf7fa0601ec1f08e6700 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 13 Dec 2024 13:05:06 -0600 Subject: [PATCH 35/63] Bump github/codeql-action from 3.27.7 to 3.27.9 (#2641) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.7 to 3.27.9. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/babb554ede22fd5605947329c4d04d8e7a0b8155...df409f7d9260372bd5f19e5b04e83cb3c43714ae) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 38572f039..ae4a2f21b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -52,7 +52,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: languages: ${{ matrix.language }} tools: latest @@ -64,7 +64,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/autobuild@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -78,4 +78,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index bfa703210..d5ee04629 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: sarif_file: results.sarif From ec003ff7c6b56d5d1b5a9e1fa6bdbdc9afc81b19 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 13 Dec 2024 13:05:22 -0600 Subject: [PATCH 36/63] Bump depends-on/depends-on-action (#2642) Bumps [depends-on/depends-on-action](https://github.com/depends-on/depends-on-action) from ce4047f663174688ea42a21fac1b1007d97b79bb to 279809107792022edfa46aa42ed33531f91b9727. - [Release notes](https://github.com/depends-on/depends-on-action/releases) - [Commits](https://github.com/depends-on/depends-on-action/compare/ce4047f663174688ea42a21fac1b1007d97b79bb...279809107792022edfa46aa42ed33531f91b9727) --- updated-dependencies: - dependency-name: depends-on/depends-on-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pre-main.yaml | 10 +++++----- .github/workflows/qe-hosted.yml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index ce5c1850f..339ce5918 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -58,7 +58,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main + uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -133,7 +133,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main + uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -203,7 +203,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main + uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -302,7 +302,7 @@ jobs: make-command: 'install' - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main + uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -493,7 +493,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check all dependent Pull Requests are merged - uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main + uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main with: token: ${{ secrets.GITHUB_TOKEN }} check-unmerged-pr: true diff --git a/.github/workflows/qe-hosted.yml b/.github/workflows/qe-hosted.yml index 023c53658..8db57b5db 100644 --- a/.github/workflows/qe-hosted.yml +++ b/.github/workflows/qe-hosted.yml @@ -149,7 +149,7 @@ jobs: ref: main - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@ce4047f663174688ea42a21fac1b1007d97b79bb # main + uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main with: token: ${{ secrets.GITHUB_TOKEN }} From 53fde7d5d0298ce81d2ea9b0d28bf9076d026e7a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 15 Dec 2024 00:11:44 +0200 Subject: [PATCH 37/63] Update RHCOS to OCP version map (#2643) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index e71d58e33..38d5ca638 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -342,6 +342,7 @@ 4.14.40 / 414.92.202410290222-0 4.14.41 / 414.92.202411130444-0 4.14.42 / 414.92.202411260513-0 +4.14.43 / 414.92.202412110121-0 4.14.5 / 414.92.202311281318-0 4.14.6 / 414.92.202312011602-0 4.14.7 / 414.92.202312132152-0 @@ -460,6 +461,7 @@ 4.17.6 / 417.94.202411201839-0 4.17.7 / 417.94.202411261220-0 4.17.8 / 417.94.202412040832-0 +4.17.9 / 417.94.202412120651-0 4.18.0-ec.0 / 418.94.202408212252-0 4.18.0-ec.1 / 418.94.202409131956-0 4.18.0-ec.2 / 418.94.202410071559-0 From 84a040790e0825bf1bceff5647f8936f9849df4f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 12:54:46 -0600 Subject: [PATCH 38/63] Bump docker/setup-buildx-action from 3.7.1 to 3.8.0 (#2646) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.7.1 to 3.8.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/c47758b77c9736f4b2ef4073d4d51994fabfe349...6524bf65af31da8d45b59e8c27de4bd072b392f5) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pre-main.yaml | 4 ++-- .github/workflows/qe-hosted.yml | 4 ++-- .github/workflows/qe-ocp-arm-416.yaml | 4 ++-- .github/workflows/qe-ocp-pre-main.yaml | 4 ++-- .github/workflows/tnf-image.yaml | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index 339ce5918..e0abf1755 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -412,7 +412,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Login to Quay.io uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 @@ -455,7 +455,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Login to Quay.io uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 diff --git a/.github/workflows/qe-hosted.yml b/.github/workflows/qe-hosted.yml index 8db57b5db..b974a3efb 100644 --- a/.github/workflows/qe-hosted.yml +++ b/.github/workflows/qe-hosted.yml @@ -35,7 +35,7 @@ jobs: ref: ${{ github.sha }} - name: Setup docker buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 # Restart docker using /mnt/docker-storage (sdb) instead of /var/lib/docker (sda). # This step needs to be done right after the partner repo's bootstrap scripts, as they @@ -98,7 +98,7 @@ jobs: # Download the image from the artifact and load it into the docker daemon. - name: Setup docker buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 # Restart docker using /mnt/docker-storage (sdb) instead of /var/lib/docker (sda). # This step needs to be done right after the partner repo's bootstrap scripts, as they diff --git a/.github/workflows/qe-ocp-arm-416.yaml b/.github/workflows/qe-ocp-arm-416.yaml index 5b2d61091..9f0b3230e 100644 --- a/.github/workflows/qe-ocp-arm-416.yaml +++ b/.github/workflows/qe-ocp-arm-416.yaml @@ -34,7 +34,7 @@ jobs: ref: ${{ github.sha }} - name: Setup docker buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Build temporary image tag for this PR uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 @@ -75,7 +75,7 @@ jobs: # Download the image from the artifact and load it into the docker daemon. - name: Setup docker buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Download image from artifact uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 diff --git a/.github/workflows/qe-ocp-pre-main.yaml b/.github/workflows/qe-ocp-pre-main.yaml index dc76771af..6a0df77b0 100644 --- a/.github/workflows/qe-ocp-pre-main.yaml +++ b/.github/workflows/qe-ocp-pre-main.yaml @@ -32,7 +32,7 @@ jobs: ref: ${{ github.sha }} - name: Setup docker buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Build temporary image tag for this PR uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 @@ -71,7 +71,7 @@ jobs: # Download the image from the artifact and load it into the docker daemon. - name: Setup docker buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Download image from artifact uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 diff --git a/.github/workflows/tnf-image.yaml b/.github/workflows/tnf-image.yaml index 1b7914a10..407547f05 100644 --- a/.github/workflows/tnf-image.yaml +++ b/.github/workflows/tnf-image.yaml @@ -117,7 +117,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 # Push the new TNF image to Quay.io. - name: Authenticate against Quay.io @@ -229,7 +229,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 # Push the new TNF image to Quay.io. - name: Authenticate against Quay.io From dcc862077795918c82f45a5bbe0a12b3005a43b8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 12:55:15 -0600 Subject: [PATCH 39/63] Bump ubi9/ubi from `1057dab` to `aa149a2` (#2644) Bumps ubi9/ubi from `1057dab` to `aa149a2`. --- updated-dependencies: - dependency-name: ubi9/ubi dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 946f20ce7..4600ab7d8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi9/ubi:9.5@sha256:1057dab827c782abcfb9bda0c3900c0966b5066e671d54976a7bcb3a2d1a5e53 AS build +FROM registry.access.redhat.com/ubi9/ubi:9.5@sha256:aa149a2e32725b0ea9c8ac97d25e65a894b1a4b2f220dd7670d890e60a733a14 AS build ENV CERTSUITE_DIR=/usr/certsuite ENV \ CERTSUITE_SRC_DIR=${CERTSUITE_DIR}/src \ From a453373dacd48bdc680fed37e97aedeb6f3a82b2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 12:55:33 -0600 Subject: [PATCH 40/63] Bump depends-on/depends-on-action (#2645) Bumps [depends-on/depends-on-action](https://github.com/depends-on/depends-on-action) from 279809107792022edfa46aa42ed33531f91b9727 to 747e9a585cf378ac4b07153ea362c9a3e3802e61. - [Release notes](https://github.com/depends-on/depends-on-action/releases) - [Commits](https://github.com/depends-on/depends-on-action/compare/279809107792022edfa46aa42ed33531f91b9727...747e9a585cf378ac4b07153ea362c9a3e3802e61) --- updated-dependencies: - dependency-name: depends-on/depends-on-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pre-main.yaml | 10 +++++----- .github/workflows/qe-hosted.yml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index e0abf1755..ff8427f5b 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -58,7 +58,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main + uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -133,7 +133,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main + uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -203,7 +203,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main + uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -302,7 +302,7 @@ jobs: make-command: 'install' - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main + uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -493,7 +493,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check all dependent Pull Requests are merged - uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main + uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main with: token: ${{ secrets.GITHUB_TOKEN }} check-unmerged-pr: true diff --git a/.github/workflows/qe-hosted.yml b/.github/workflows/qe-hosted.yml index b974a3efb..677f32a0d 100644 --- a/.github/workflows/qe-hosted.yml +++ b/.github/workflows/qe-hosted.yml @@ -149,7 +149,7 @@ jobs: ref: main - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@279809107792022edfa46aa42ed33531f91b9727 # main + uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main with: token: ${{ secrets.GITHUB_TOKEN }} From 2f2823be640bf291baf53101d5bfd5a91e8a3476 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 12:56:00 -0600 Subject: [PATCH 41/63] Bump google.golang.org/api from 0.211.0 to 0.212.0 (#2647) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.211.0 to 0.212.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.211.0...v0.212.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 9a08c9623..5cac7cb21 100644 --- a/go.mod +++ b/go.mod @@ -29,9 +29,9 @@ require ( require ( cel.dev/expr v0.18.0 // indirect - cloud.google.com/go/auth v0.12.1 // indirect + cloud.google.com/go/auth v0.13.0 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect - cloud.google.com/go/compute/metadata v0.5.2 // indirect + cloud.google.com/go/compute/metadata v0.6.0 // indirect dario.cat/mergo v1.0.1 // indirect github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect @@ -246,7 +246,7 @@ require ( github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.27.0 - google.golang.org/api v0.211.0 + google.golang.org/api v0.212.0 k8s.io/kubectl v0.32.0 k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 ) diff --git a/go.sum b/go.sum index 7ca631fdb..72a7bdb16 100644 --- a/go.sum +++ b/go.sum @@ -1,11 +1,11 @@ cel.dev/expr v0.18.0 h1:CJ6drgk+Hf96lkLikr4rFf19WrU0BOWEihyZnI2TAzo= cel.dev/expr v0.18.0/go.mod h1:MrpN08Q+lEBs+bGYdLxxHkZoUSsCp0nSKTs0nTymJgw= -cloud.google.com/go/auth v0.12.1 h1:n2Bj25BUMM0nvE9D2XLTiImanwZhO3DkfWSYS/SAJP4= -cloud.google.com/go/auth v0.12.1/go.mod h1:BFMu+TNpF3DmvfBO9ClqTR/SiqVIm7LukKF9mbendF4= +cloud.google.com/go/auth v0.13.0 h1:8Fu8TZy167JkW8Tj3q7dIkr2v4cndv41ouecJx0PAHs= +cloud.google.com/go/auth v0.13.0/go.mod h1:COOjD9gwfKNKz+IIduatIhYJQIc0mG3H102r/EMxX6Q= cloud.google.com/go/auth/oauth2adapt v0.2.6 h1:V6a6XDu2lTwPZWOawrAa9HUK+DB2zfJyTuciBG5hFkU= cloud.google.com/go/auth/oauth2adapt v0.2.6/go.mod h1:AlmsELtlEBnaNTL7jCj8VQFLy6mbZv0s4Q7NGBeQ5E8= -cloud.google.com/go/compute/metadata v0.5.2 h1:UxK4uu/Tn+I3p2dYWTfiX4wva7aYlKixAHn3fyqngqo= -cloud.google.com/go/compute/metadata v0.5.2/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k= +cloud.google.com/go/compute/metadata v0.6.0 h1:A6hENjEsCDtC1k8byVsgwvVcioamEHvZ4j01OwKxG9I= +cloud.google.com/go/compute/metadata v0.6.0/go.mod h1:FjyFAW1MW0C203CEOMDTu3Dk1FlqW3Rga40jzHL4hfg= dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= @@ -707,8 +707,8 @@ golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSm golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/api v0.211.0 h1:IUpLjq09jxBSV1lACO33CGY3jsRcbctfGzhj+ZSE/Bg= -google.golang.org/api v0.211.0/go.mod h1:XOloB4MXFH4UTlQSGuNUxw0UT74qdENK8d6JNsXKLi0= +google.golang.org/api v0.212.0 h1:BcRj3MJfHF3FYD29rk7u9kuu1SyfGqfHcA0hSwKqkHg= +google.golang.org/api v0.212.0/go.mod h1:gICpLlpp12/E8mycRMzgy3SQ9cFh2XnVJ6vJi/kQbvI= google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY= google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo= google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697 h1:pgr/4QbFyktUv9CtQ/Fq4gzEE6/Xs7iCXbktaGzLHbQ= From 0c9b3cf7c81eabc544bf10f35babdfeb3f0a59a9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 Dec 2024 13:15:18 -0600 Subject: [PATCH 42/63] Bump depends-on/depends-on-action (#2650) Bumps [depends-on/depends-on-action](https://github.com/depends-on/depends-on-action) from 747e9a585cf378ac4b07153ea362c9a3e3802e61 to 89053954da4995d50120bb9dae99502395c6206c. - [Release notes](https://github.com/depends-on/depends-on-action/releases) - [Commits](https://github.com/depends-on/depends-on-action/compare/747e9a585cf378ac4b07153ea362c9a3e3802e61...89053954da4995d50120bb9dae99502395c6206c) --- updated-dependencies: - dependency-name: depends-on/depends-on-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pre-main.yaml | 10 +++++----- .github/workflows/qe-hosted.yml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index ff8427f5b..385d0b2a5 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -58,7 +58,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main + uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -133,7 +133,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main + uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -203,7 +203,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main + uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -302,7 +302,7 @@ jobs: make-command: 'install' - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main + uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -493,7 +493,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check all dependent Pull Requests are merged - uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main + uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main with: token: ${{ secrets.GITHUB_TOKEN }} check-unmerged-pr: true diff --git a/.github/workflows/qe-hosted.yml b/.github/workflows/qe-hosted.yml index 677f32a0d..d987fadfc 100644 --- a/.github/workflows/qe-hosted.yml +++ b/.github/workflows/qe-hosted.yml @@ -149,7 +149,7 @@ jobs: ref: main - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@747e9a585cf378ac4b07153ea362c9a3e3802e61 # main + uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main with: token: ${{ secrets.GITHUB_TOKEN }} From 3476d459b45264c466bae8e08a33e5a2c70745df Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 Dec 2024 15:51:36 -0600 Subject: [PATCH 43/63] Bump helm.sh/helm/v3 from 3.16.3 to 3.16.4 (#2649) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.16.3 to 3.16.4. - [Release notes](https://github.com/helm/helm/releases) - [Commits](https://github.com/helm/helm/compare/v3.16.3...v3.16.4) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 5cac7cb21..ab91f5f09 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,7 @@ require ( github.com/operator-framework/api v0.27.0 github.com/operator-framework/operator-lifecycle-manager v0.30.0 github.com/pkg/errors v0.9.1 // indirect - helm.sh/helm/v3 v3.16.3 + helm.sh/helm/v3 v3.16.4 k8s.io/api v0.32.0 k8s.io/apimachinery v0.32.0 k8s.io/klog/v2 v2.130.1 // indirect diff --git a/go.sum b/go.sum index 72a7bdb16..690053cf4 100644 --- a/go.sum +++ b/go.sum @@ -745,8 +745,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU= gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= -helm.sh/helm/v3 v3.16.3 h1:kb8bSxMeRJ+knsK/ovvlaVPfdis0X3/ZhYCSFRP+YmY= -helm.sh/helm/v3 v3.16.3/go.mod h1:zeVWGDR4JJgiRbT3AnNsjYaX8OTJlIE9zC+Q7F7iUSU= +helm.sh/helm/v3 v3.16.4 h1:rBn/h9MACw+QlhxQTjpl8Ifx+VTWaYsw3rguGBYBzr0= +helm.sh/helm/v3 v3.16.4/go.mod h1:k8QPotUt57wWbi90w3LNmg3/MWcLPigVv+0/X4B8BzA= k8s.io/api v0.32.0 h1:OL9JpbvAU5ny9ga2fb24X8H6xQlVp+aJMFlgtQjR9CE= k8s.io/api v0.32.0/go.mod h1:4LEwHZEf6Q/cG96F3dqR965sYOfmPM7rq81BLgsE0p0= k8s.io/apiextensions-apiserver v0.32.0 h1:S0Xlqt51qzzqjKPxfgX1xh4HBZE+p8KKBq+k2SWNOE0= From c87f00f63e661265e3043b365f926b9aae1f9e8e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 Dec 2024 15:51:51 -0600 Subject: [PATCH 44/63] Bump ubi9/python-39 in /.github/actions/documentation (#2651) Bumps ubi9/python-39 from `eb65add` to `daa95bd`. --- updated-dependencies: - dependency-name: ubi9/python-39 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/documentation/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/documentation/Dockerfile b/.github/actions/documentation/Dockerfile index bc9e6eb38..976c2fa9d 100644 --- a/.github/actions/documentation/Dockerfile +++ b/.github/actions/documentation/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi9/python-39:9.5@sha256:eb65add9b84a3d3ac104b7bc091f49faffe9e69aef8bafb0654547b1708c4841 +FROM registry.access.redhat.com/ubi9/python-39:9.5@sha256:daa95bd4459da0314c06a918ead906be049f74f2f19850cf259f06761ddb3979 # Pin versions in pip. # hadolint ignore=DL3013 From 2841402926968338b2189bc0cbef9291153331d6 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 18 Dec 2024 17:01:43 +0100 Subject: [PATCH 45/63] Update RHCOS to OCP version map (#2652) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index 38d5ca638..b5ea97c18 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -469,6 +469,7 @@ 4.18.0-ec.4 / 418.94.202411210552-0 4.18.0-rc.0 / 418.94.202411291453-0 4.18.0-rc.1 / 418.94.202412050001-0 +4.18.0-rc.2 / 418.94.202412120450-0 4.4.0 / 44.81.202004260825-0 4.4.0-rc.0 / 44.81.202003110830-0 4.4.0-rc.1 / 44.81.202003130330-0 From 2b417081a3edcc3117af431c613b92e7035e6a0a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 07:50:05 +0100 Subject: [PATCH 46/63] Bump depends-on/depends-on-action (#2655) Bumps [depends-on/depends-on-action](https://github.com/depends-on/depends-on-action) from 89053954da4995d50120bb9dae99502395c6206c to 77e67971a155b35424508ada365790c47286fd0f. - [Release notes](https://github.com/depends-on/depends-on-action/releases) - [Commits](https://github.com/depends-on/depends-on-action/compare/89053954da4995d50120bb9dae99502395c6206c...77e67971a155b35424508ada365790c47286fd0f) --- updated-dependencies: - dependency-name: depends-on/depends-on-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pre-main.yaml | 10 +++++----- .github/workflows/qe-hosted.yml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index 385d0b2a5..79b2d1e5a 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -58,7 +58,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main + uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -133,7 +133,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main + uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -203,7 +203,7 @@ jobs: uses: ./.github/actions/install-yaml-dep - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main + uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -302,7 +302,7 @@ jobs: make-command: 'install' - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main + uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -493,7 +493,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check all dependent Pull Requests are merged - uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main + uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main with: token: ${{ secrets.GITHUB_TOKEN }} check-unmerged-pr: true diff --git a/.github/workflows/qe-hosted.yml b/.github/workflows/qe-hosted.yml index d987fadfc..a241919e0 100644 --- a/.github/workflows/qe-hosted.yml +++ b/.github/workflows/qe-hosted.yml @@ -149,7 +149,7 @@ jobs: ref: main - name: Extract dependent Pull Requests - uses: depends-on/depends-on-action@89053954da4995d50120bb9dae99502395c6206c # main + uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main with: token: ${{ secrets.GITHUB_TOKEN }} From 9a55c900c4ee776a38efd78800e5f0a99aea2783 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 07:50:54 +0100 Subject: [PATCH 47/63] Bump actions/upload-artifact from 4.4.3 to 4.5.0 (#2656) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.3 to 4.5.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882...6f51ac03b9356f520e9adb1b1b7802705f340c2b) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pre-main.yaml | 6 +++--- .github/workflows/qe-hosted.yml | 2 +- .github/workflows/qe-ocp-arm-416.yaml | 2 +- .github/workflows/qe-ocp-pre-main.yaml | 2 +- .github/workflows/scorecard.yml | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/pre-main.yaml b/.github/workflows/pre-main.yaml index 79b2d1e5a..2e44cf720 100644 --- a/.github/workflows/pre-main.yaml +++ b/.github/workflows/pre-main.yaml @@ -240,7 +240,7 @@ jobs: run: ./certsuite claim show failures -c certsuite-out/claim.json - name: Upload smoke test results as an artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 if: always() with: name: smoke-tests @@ -257,7 +257,7 @@ jobs: run: ./certsuite run --label-filter=preflight --log-level="${SMOKE_TESTS_LOG_LEVEL}" - name: Upload preflight smoke test results as an artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 if: always() with: name: preflight-smoke-tests @@ -363,7 +363,7 @@ jobs: --label-filter="${SMOKE_TESTS_LABELS_FILTER}" - name: Upload container test results as an artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 if: always() with: name: smoke-tests-container diff --git a/.github/workflows/qe-hosted.yml b/.github/workflows/qe-hosted.yml index a241919e0..e3539601d 100644 --- a/.github/workflows/qe-hosted.yml +++ b/.github/workflows/qe-hosted.yml @@ -67,7 +67,7 @@ jobs: outputs: type=docker,dest=/tmp/testimage.tar - name: Store image as artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: testimage path: /tmp/testimage.tar diff --git a/.github/workflows/qe-ocp-arm-416.yaml b/.github/workflows/qe-ocp-arm-416.yaml index 9f0b3230e..904b71466 100644 --- a/.github/workflows/qe-ocp-arm-416.yaml +++ b/.github/workflows/qe-ocp-arm-416.yaml @@ -47,7 +47,7 @@ jobs: outputs: type=docker,dest=/tmp/testimage.tar - name: Store image as artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: testimage path: /tmp/testimage.tar diff --git a/.github/workflows/qe-ocp-pre-main.yaml b/.github/workflows/qe-ocp-pre-main.yaml index 6a0df77b0..3ea9b34b1 100644 --- a/.github/workflows/qe-ocp-pre-main.yaml +++ b/.github/workflows/qe-ocp-pre-main.yaml @@ -44,7 +44,7 @@ jobs: outputs: type=docker,dest=/tmp/testimage.tar - name: Store image as artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: testimage path: /tmp/testimage.tar diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index d5ee04629..c53683f82 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: SARIF file path: results.sarif From 7be0f78a0a5f5bc81da05a8dd3981ccc4a4e6e0a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 07:51:07 +0100 Subject: [PATCH 48/63] Bump google.golang.org/api from 0.212.0 to 0.213.0 (#2657) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.212.0 to 0.213.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.212.0...v0.213.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index ab91f5f09..6ba096812 100644 --- a/go.mod +++ b/go.mod @@ -200,7 +200,7 @@ require ( golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20241206012308-a4fef0638583 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect google.golang.org/grpc v1.67.1 // indirect google.golang.org/protobuf v1.35.2 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect @@ -246,7 +246,7 @@ require ( github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.27.0 - google.golang.org/api v0.212.0 + google.golang.org/api v0.213.0 k8s.io/kubectl v0.32.0 k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 ) diff --git a/go.sum b/go.sum index 690053cf4..0aee253c5 100644 --- a/go.sum +++ b/go.sum @@ -707,14 +707,14 @@ golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSm golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/api v0.212.0 h1:BcRj3MJfHF3FYD29rk7u9kuu1SyfGqfHcA0hSwKqkHg= -google.golang.org/api v0.212.0/go.mod h1:gICpLlpp12/E8mycRMzgy3SQ9cFh2XnVJ6vJi/kQbvI= +google.golang.org/api v0.213.0 h1:KmF6KaDyFqB417T68tMPbVmmwtIXs2VB60OJKIHB0xQ= +google.golang.org/api v0.213.0/go.mod h1:V0T5ZhNUUNpYAlL306gFZPFt5F5D/IeyLoktduYYnvQ= google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY= google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo= google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697 h1:pgr/4QbFyktUv9CtQ/Fq4gzEE6/Xs7iCXbktaGzLHbQ= google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697/go.mod h1:+D9ySVjN8nY8YCVjc5O7PZDIdZporIDY3KaGfJunh88= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241206012308-a4fef0638583 h1:IfdSdTcLFy4lqUQrQJLkLt1PB+AsqVz6lwkWPzWEz10= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241206012308-a4fef0638583/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 h1:8ZmaLZE4XWrtU3MyClkYqqtl6Oegr3235h7jxsDyqCY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU= google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E= google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA= google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io= From f5f39d1f72ea7621566b46b2427f94a2561cb391 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 07:55:35 +0100 Subject: [PATCH 49/63] Bump github.com/mittwald/go-helm-client from 0.12.15 to 0.12.16 (#2658) Bumps [github.com/mittwald/go-helm-client](https://github.com/mittwald/go-helm-client) from 0.12.15 to 0.12.16. - [Release notes](https://github.com/mittwald/go-helm-client/releases) - [Commits](https://github.com/mittwald/go-helm-client/compare/v0.12.15...v0.12.16) --- updated-dependencies: - dependency-name: github.com/mittwald/go-helm-client dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 6ba096812..509aa72a6 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( require k8s.io/client-go v0.32.0 require ( - github.com/mittwald/go-helm-client v0.12.15 + github.com/mittwald/go-helm-client v0.12.16 github.com/openshift/api v3.9.0+incompatible github.com/openshift/client-go v0.0.0-20241001162912-da6d55e4611f github.com/operator-framework/api v0.27.0 diff --git a/go.sum b/go.sum index 0aee253c5..2edd1581e 100644 --- a/go.sum +++ b/go.sum @@ -375,8 +375,8 @@ github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyua github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/mittwald/go-helm-client v0.12.15 h1:Ks7ccT3XflaCJ0/453qJLeVKlXo+K+buFehkFG0UWOE= -github.com/mittwald/go-helm-client v0.12.15/go.mod h1:LRRoErsgdw0TUVE8fXcwb1npRKibHGUQexiPhqc/UXA= +github.com/mittwald/go-helm-client v0.12.16 h1:YTyJX6L0SI/O7HNTG0qDZI2/jyGELxJOQEjvTj4mf6k= +github.com/mittwald/go-helm-client v0.12.16/go.mod h1:PDF7Ra8bmJ2YTNzoehoMMi+gW/EJBk/4TLz7j52rehY= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/spdystream v0.5.0 h1:7r0J1Si3QO/kjRitvSLVVFUjxMEb/YLj6S9FF62JBCU= From f0e1d4b722fc4b00a09d1eed2a97f6351eb3e78c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 07:55:52 +0100 Subject: [PATCH 50/63] Bump ubi9/ubi from `aa149a2` to `38791b2` (#2659) Bumps ubi9/ubi from `aa149a2` to `38791b2`. --- updated-dependencies: - dependency-name: ubi9/ubi dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 4600ab7d8..9337c84c5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi9/ubi:9.5@sha256:aa149a2e32725b0ea9c8ac97d25e65a894b1a4b2f220dd7670d890e60a733a14 AS build +FROM registry.access.redhat.com/ubi9/ubi:9.5@sha256:38791b293262ac2169eca2717e68e626a047d2b89fbd1da544db24ed0204efeb AS build ENV CERTSUITE_DIR=/usr/certsuite ENV \ CERTSUITE_SRC_DIR=${CERTSUITE_DIR}/src \ From f4bc4dc275d4f7502d96c5a3022831cfc2a04d7f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 07:56:12 +0100 Subject: [PATCH 51/63] Bump ubi9/ubi-minimal from `dee813b` to `daa61d6` (#2660) Bumps ubi9/ubi-minimal from `dee813b` to `daa61d6`. --- updated-dependencies: - dependency-name: ubi9/ubi-minimal dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 9337c84c5..8a6e426c9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -102,7 +102,7 @@ FROM quay.io/redhat-best-practices-for-k8s/oct:latest AS db # Copy the state into a new flattened image to reduce size. # TODO run as non-root -FROM registry.access.redhat.com/ubi9/ubi-minimal:9.5@sha256:dee813b83663d420eb108983a1c94c614ff5d3fcb5159a7bd0324f0edbe7fca1 +FROM registry.access.redhat.com/ubi9/ubi-minimal:9.5@sha256:daa61d6103e98bccf40d7a69a0d4f8786ec390e2204fd94f7cc49053e9949360 ENV \ CERTSUITE_DIR=/usr/certsuite \ From 87d584dedb9588b97d1fd39cb35eb1095728b4aa Mon Sep 17 00:00:00 2001 From: Brandon Palm Date: Thu, 19 Dec 2024 10:59:28 -0600 Subject: [PATCH 52/63] Update preflight to v1.11.1 (#2648) --- CATALOG.md | 28 ++++++++++++++++++++++------ go.mod | 8 ++++---- go.sum | 16 ++++++++-------- 3 files changed, 34 insertions(+), 18 deletions(-) diff --git a/CATALOG.md b/CATALOG.md index 6c80a42df..fbe1d18f8 100644 --- a/CATALOG.md +++ b/CATALOG.md @@ -7,7 +7,7 @@ Depending on the workload type, not all tests are required to pass to satisfy be ## Test cases summary -### Total test cases: 117 +### Total test cases: 118 ### Total suites: 10 @@ -22,7 +22,7 @@ Depending on the workload type, not all tests are required to pass to satisfy be |operator|11| |performance|6| |platform-alteration|13| -|preflight|17| +|preflight|18| ### Extended specific tests only: 12 @@ -36,11 +36,11 @@ Depending on the workload type, not all tests are required to pass to satisfy be |---|---| |8|1| -### Non-Telco specific tests only: 69 +### Non-Telco specific tests only: 70 |Mandatory|Optional| |---|---| -|44|25| +|44|26| ### Telco specific tests only: 27 @@ -1800,13 +1800,29 @@ Tags|common,preflight |Non-Telco|Optional| |Telco|Optional| +#### preflight-HasProhibitedContainerName + +Property|Description +---|--- +Unique ID|preflight-HasProhibitedContainerName +Description|Checking if the container-name violates Red Hat trademark. +Suggested Remediation|Update container-name ie (quay.io/repo-name/container-name) to not violate Red Hat trademark. +Best Practice Reference|No Doc Link +Exception Process|There is no documented exception process for this. +Tags|common,preflight +|**Scenario**|**Optional/Mandatory**| +|Extended|Optional| +|Far-Edge|Optional| +|Non-Telco|Optional| +|Telco|Optional| + #### preflight-HasRequiredLabel Property|Description ---|--- Unique ID|preflight-HasRequiredLabel -Description|Checking if the required labels (name, vendor, version, release, summary, description) are present in the container metadata. -Suggested Remediation|Add the following labels to your Dockerfile or Containerfile: name, vendor, version, release, summary, description +Description|Checking if the required labels (name, vendor, version, release, summary, description, maintainer) are present in the container metadata and that they do not violate Red Hat trademark. +Suggested Remediation|Add the following labels to your Dockerfile or Containerfile: name, vendor, version, release, summary, description, maintainer and validate that they do not violate Red Hat trademark. Best Practice Reference|No Doc Link Exception Process|There is no documented exception process for this. Tags|common,preflight diff --git a/go.mod b/go.mod index 509aa72a6..0f037096c 100644 --- a/go.mod +++ b/go.mod @@ -143,7 +143,7 @@ require ( github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect - github.com/onsi/gomega v1.35.1 // indirect + github.com/onsi/gomega v1.36.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0 // indirect github.com/openshift/library-go v0.0.0-20231020125025-211b32f1a1f2 // indirect @@ -218,7 +218,7 @@ require ( modernc.org/sqlite v1.28.0 // indirect oras.land/oras-go v1.2.5 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 // indirect - sigs.k8s.io/controller-runtime v0.19.0 // indirect + sigs.k8s.io/controller-runtime v0.19.3 // indirect sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96 // indirect sigs.k8s.io/kustomize/api v0.18.0 // indirect @@ -243,7 +243,7 @@ require ( github.com/manifoldco/promptui v0.9.0 github.com/redhat-best-practices-for-k8s/oct v0.0.29 github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43 - github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 + github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7 github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.27.0 google.golang.org/api v0.213.0 @@ -251,6 +251,6 @@ require ( k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 ) -replace github.com/redhat-openshift-ecosystem/openshift-preflight => github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 +replace github.com/redhat-openshift-ecosystem/openshift-preflight => github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7 replace github.com/openshift/api => github.com/openshift/api v0.0.0-20241024191314-684b2b1679ba diff --git a/go.sum b/go.sum index 2edd1581e..fe4a60915 100644 --- a/go.sum +++ b/go.sum @@ -409,10 +409,10 @@ github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= -github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= -github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= -github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= +github.com/onsi/ginkgo/v2 v2.22.0 h1:Yed107/8DjTr0lKCNt7Dn8yQ6ybuDRQoMGrNFKzMfHg= +github.com/onsi/ginkgo/v2 v2.22.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= +github.com/onsi/gomega v1.36.0 h1:Pb12RlruUtj4XUuPUqeEWc6j5DkVVVA49Uf6YLfC95Y= +github.com/onsi/gomega v1.36.0/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= @@ -476,8 +476,8 @@ github.com/redhat-best-practices-for-k8s/oct v0.0.29 h1:NpS7W+jTflncjnMTXYKzt/NV github.com/redhat-best-practices-for-k8s/oct v0.0.29/go.mod h1:jAVJkKvP2URy4oPwxARzYoUn8Zn7qYfWUD5+P4rywgw= github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43 h1:/M2L223DOvv/I4bb5ZFgqchN3vwRMnsa6fjaTd4XhUI= github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43/go.mod h1:XVI9IK9DKYKz21XYxBcRYJMeN8Meily8meHOz1Yxcyw= -github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024 h1:qPsNS6SIDigSwcUMUrEdDovIAdbVCNOGvhir8p6wVNc= -github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241021175030-e64988a27024/go.mod h1:WgrOUZnQYsTQetJwbMHkcNecYaOcWMmTVDmDOTTIMcQ= +github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7 h1:zfL9KPgdJ5m0KuEUg283u2eQjJ++nm916W+dGj1cbRk= +github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7/go.mod h1:OfW8qqVJj2/rhgoC7unTiGDsLRwmKwaGAnHU5yaC3+k= github.com/redis/go-redis/extra/rediscmd/v9 v9.0.5 h1:EaDatTxkdHG+U3Bk4EUr+DZ7fOGwTfezUiUJMaIcaho= github.com/redis/go-redis/extra/rediscmd/v9 v9.0.5/go.mod h1:fyalQWdtzDBECAQFBJuQe5bzQ02jGd5Qcbgb97Flm7U= github.com/redis/go-redis/extra/redisotel/v9 v9.0.5 h1:EfpWLLCyXw8PSM2/XNJLjI3Pb27yVE+gIAfeqp8LUCc= @@ -783,8 +783,8 @@ oras.land/oras-go v1.2.5 h1:XpYuAwAb0DfQsunIyMfeET92emK8km3W4yEzZvUbsTo= oras.land/oras-go v1.2.5/go.mod h1:PuAwRShRZCsZb7g8Ar3jKKQR/2A/qN+pkYxIOd/FAoo= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 h1:CPT0ExVicCzcpeN4baWEV2ko2Z/AsiZgEdwgcfwLgMo= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= -sigs.k8s.io/controller-runtime v0.19.0 h1:nWVM7aq+Il2ABxwiCizrVDSlmDcshi9llbaFbC0ji/Q= -sigs.k8s.io/controller-runtime v0.19.0/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= +sigs.k8s.io/controller-runtime v0.19.3 h1:XO2GvC9OPftRst6xWCpTgBZO04S2cbp0Qqkj8bX1sPw= +sigs.k8s.io/controller-runtime v0.19.3/go.mod h1:j4j87DqtsThvwTv5/Tc5NFRyyF/RF0ip4+62tbTSIUM= sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/kube-storage-version-migrator v0.0.6-0.20230721195810-5c8923c5ff96 h1:PFWFSkpArPNJxFX4ZKWAk9NSeRoZaXschn+ULa4xVek= From f6670c5cab689f6c50e2bf9d41a354fef223a73d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 12:09:06 -0600 Subject: [PATCH 53/63] Bump ubi9/python-39 in /.github/actions/documentation (#2661) Bumps ubi9/python-39 from `daa95bd` to `dde5068`. --- updated-dependencies: - dependency-name: ubi9/python-39 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/documentation/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/documentation/Dockerfile b/.github/actions/documentation/Dockerfile index 976c2fa9d..81f97209c 100644 --- a/.github/actions/documentation/Dockerfile +++ b/.github/actions/documentation/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi9/python-39:9.5@sha256:daa95bd4459da0314c06a918ead906be049f74f2f19850cf259f06761ddb3979 +FROM registry.access.redhat.com/ubi9/python-39:9.5@sha256:dde5068ba8fd81eef41a9128ddad2b99e2e02e5869ffe925c605b609a0ad7bbb # Pin versions in pip. # hadolint ignore=DL3013 From 9f1ebd903f3ae85adaa6c6992be3741ebc7d7203 Mon Sep 17 00:00:00 2001 From: Gonzalo Reyero Ferreras <87083379+greyerof@users.noreply.github.com> Date: Fri, 20 Dec 2024 13:39:47 +0100 Subject: [PATCH 54/63] CSVs autodiscovery fix. (#2653) PR #2479 fixed the autodiscovery of operator's pods and also added them to the pods-under-test list. The problem is that it was also adding every cluster-wide operator's controller pods to that list. With this change, the operator (controller's pod) must be running in one of the configured/test namespaces in order to consider that CSV as part of the operators under test. --- pkg/autodiscover/autodiscover_operators.go | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/pkg/autodiscover/autodiscover_operators.go b/pkg/autodiscover/autodiscover_operators.go index 07f330fe7..a55040cd8 100644 --- a/pkg/autodiscover/autodiscover_operators.go +++ b/pkg/autodiscover/autodiscover_operators.go @@ -81,6 +81,14 @@ func findOperatorsMatchingAtLeastOneLabel(olmClient clientOlm.Interface, labels } func findOperatorsByLabels(olmClient clientOlm.Interface, labels []labelObject, namespaces []configuration.Namespace) (csvs []*olmv1Alpha.ClusterServiceVersion) { + const nsAnnotation = "olm.operatorNamespace" + + // Helper namespaces map to do quick search of the operator's controller namespace. + namespacesMap := map[string]bool{} + for _, ns := range namespaces { + namespacesMap[ns.Name] = true + } + csvs = []*olmv1Alpha.ClusterServiceVersion{} var csvList *olmv1Alpha.ClusterServiceVersionList for _, ns := range namespaces { @@ -97,7 +105,18 @@ func findOperatorsByLabels(olmClient clientOlm.Interface, labels []labelObject, } } for i := range csvList.Items { - csvs = append(csvs, &csvList.Items[i]) + csv := &csvList.Items[i] + + // Filter out CSV if operator's controller pod/s is/are not running in any configured/test namespace. + controllerNamespace, found := csv.Annotations[nsAnnotation] + if !found { + log.Error("Failed to get ns annotation %q from csv %v/%v", nsAnnotation, csv.Namespace, csv.Name) + continue + } + + if namespacesMap[controllerNamespace] { + csvs = append(csvs, csv) + } } } for i := range csvs { From 5dc8da43414179bc032a36cc27171d3b555de55b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 01:08:48 +0200 Subject: [PATCH 55/63] Update RHCOS to OCP version map (#2663) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index b5ea97c18..8aa929316 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -395,6 +395,7 @@ 4.15.39 / 415.92.202411201723-0 4.15.40 / 415.92.202412022228-0 4.15.41 / 415.92.202412022228-0 +4.15.42 / 415.92.202412171121-0 4.15.5 / 415.92.202403191241-0 4.15.6 / 415.92.202403270524-0 4.15.7 / 415.92.202403270524-0 @@ -435,6 +436,7 @@ 4.16.25 / 416.94.202411261619-0 4.16.26 / 416.94.202412040832-0 4.16.27 / 416.94.202412100237-0 +4.16.28 / 416.94.202412170927-0 4.16.3 / 416.94.202407081958-0 4.16.4 / 416.94.202407171205-0 4.16.5 / 416.94.202407231922-0 @@ -454,6 +456,7 @@ 4.17.0-rc.5 / 417.94.202409120353-0 4.17.0-rc.6 / 417.94.202409121747-0 4.17.1 / 417.94.202410090854-0 +4.17.10 / 417.94.202412180008-0 4.17.2 / 417.94.202410160352-0 4.17.3 / 417.94.202410211619-0 4.17.4 / 417.94.202411050056-0 @@ -470,6 +473,7 @@ 4.18.0-rc.0 / 418.94.202411291453-0 4.18.0-rc.1 / 418.94.202412050001-0 4.18.0-rc.2 / 418.94.202412120450-0 +4.18.0-rc.3 / 418.94.202412172234-0 4.4.0 / 44.81.202004260825-0 4.4.0-rc.0 / 44.81.202003110830-0 4.4.0-rc.1 / 44.81.202003130330-0 From 8b195397dde65efbb3a80d0ff37bf5dce45aa54b Mon Sep 17 00:00:00 2001 From: Gonzalo Reyero Ferreras <87083379+greyerof@users.noreply.github.com> Date: Mon, 23 Dec 2024 16:52:21 +0100 Subject: [PATCH 56/63] Merge runAsUser and runAsNonRoot checks in a single testcase/check. (#2654) * Merge runAsUser and runAsNonRoot checks in a single testcase/check. These two test cases have been merged: access-control-security-context-run-as-non-root-user-check access-control-security-context-non-root-user-id-check As a result, both securityConstraint fields "runAsNonRoot" and "runAsUser" are checked inside the existing test case access-control-security-context-run-as-non-root-user-check To pass the test case, either: a) runAsUser must be `!= 0` at pod or container level. b) runAsNonRoot must be `true` at pod or container level. * Remove access-control-security-context-non-root-user-id-check from expected_results.yaml file. * QE branch ref set to rename_access_control_test QE PR https://github.com/redhat-best-practices-for-k8s/certsuite-qe/pull/1034 is pending to merge but the branch can be used here. * Use access-control-security-context-non-root-user-id-check. * Update expected_results.yaml file --- CATALOG.md | 28 ++++--------------- expected_results.yaml | 1 - pkg/provider/containers.go | 12 ++++---- pkg/provider/containers_test.go | 8 +++--- pkg/provider/pods.go | 48 +++++++++++--------------------- pkg/provider/pods_test.go | 4 +-- tests/accesscontrol/suite.go | 47 ++++++------------------------- tests/identifiers/identifiers.go | 19 +------------ tests/identifiers/remediation.go | 2 +- 9 files changed, 44 insertions(+), 125 deletions(-) diff --git a/CATALOG.md b/CATALOG.md index fbe1d18f8..904d8f39b 100644 --- a/CATALOG.md +++ b/CATALOG.md @@ -7,13 +7,13 @@ Depending on the workload type, not all tests are required to pass to satisfy be ## Test cases summary -### Total test cases: 118 +### Total test cases: 117 ### Total suites: 10 |Suite|Tests per suite| |---|---| -|access-control|29| +|access-control|28| |affiliated-certification|4| |lifecycle|18| |manageability|2| @@ -36,11 +36,11 @@ Depending on the workload type, not all tests are required to pass to satisfy be |---|---| |8|1| -### Non-Telco specific tests only: 70 +### Non-Telco specific tests only: 69 |Mandatory|Optional| |---|---| -|44|26| +|43|26| ### Telco specific tests only: 27 @@ -379,8 +379,8 @@ Tags|extended,access-control Property|Description ---|--- Unique ID|access-control-security-context-non-root-user-id-check -Description|Checks the security context runAsUser parameter in pods and containers to make sure it is not set to uid root(0). Pods and containers should not run as root (runAsUser is not set to uid0). -Suggested Remediation|Change the pod and containers "runAsUser" uid to something other than root(0) +Description|Checks securityContext's runAsNonRoot and runAsUser fields at pod and container level to make sure containers are not run as root. +Suggested Remediation|Set the securityContext.runAsNonRoot field to true either at pod or container level. Alternatively, set a non-zero value to securityContext.runAsUser field either at pod or container level. Best Practice Reference|https://redhat-best-practices-for-k8s.github.io/guide/#redhat-best-practices-for-k8s-cnf-security Exception Process|No exceptions - will only be considered under special circumstances. Must identify which container needs access and document why with details. Tags|common,access-control @@ -422,22 +422,6 @@ Tags|common,access-control |Non-Telco|Optional| |Telco|Optional| -#### access-control-security-context-run-as-non-root-user-check - -Property|Description ----|--- -Unique ID|access-control-security-context-run-as-non-root-user-check -Description|Checks the security context runAsNonRoot parameter in pods and containers to make sure it is not set to false. Pods and containers should not be able to run as root.. -Suggested Remediation|Set the the pod and containers "runAsNonRoot" to true. -Best Practice Reference|https://redhat-best-practices-for-k8s.github.io/guide/#redhat-best-practices-for-k8s-cnf-security -Exception Process|No exceptions - will only be considered under special circumstances. Must identify which container needs access and document why with details. -Tags|common,access-control -|**Scenario**|**Optional/Mandatory**| -|Extended|Mandatory| -|Far-Edge|Mandatory| -|Non-Telco|Mandatory| -|Telco|Mandatory| - #### access-control-service-type Property|Description diff --git a/expected_results.yaml b/expected_results.yaml index a3a6c30e1..82f9c0510 100644 --- a/expected_results.yaml +++ b/expected_results.yaml @@ -22,7 +22,6 @@ testCases: - access-control-security-context-non-root-user-id-check - access-control-security-context-privilege-escalation - access-control-security-context-read-only-file-system - - access-control-security-context-run-as-non-root-user-check - access-control-security-context - access-control-service-type - access-control-ssh-daemons diff --git a/pkg/provider/containers.go b/pkg/provider/containers.go index 609923e47..241c68a07 100644 --- a/pkg/provider/containers.go +++ b/pkg/provider/containers.go @@ -197,26 +197,26 @@ func (c *Container) IsReadOnlyRootFilesystem(logger *log.Logger) bool { func (c *Container) IsContainerRunAsNonRoot(podRunAsNonRoot *bool) (isContainerRunAsNonRoot bool, reason string) { if c.SecurityContext != nil && c.SecurityContext.RunAsNonRoot != nil { - return *c.SecurityContext.RunAsNonRoot, fmt.Sprintf("RunAsNonRoot is set to %t at the container level, overriding a %v value defined at pod level.", + return *c.SecurityContext.RunAsNonRoot, fmt.Sprintf("RunAsNonRoot is set to %t at the container level, overriding a %v value defined at pod level", *c.SecurityContext.RunAsNonRoot, stringhelper.PointerToString(podRunAsNonRoot)) } if podRunAsNonRoot != nil { - return *podRunAsNonRoot, fmt.Sprintf("RunAsNonRoot is set to nil at container level and inheriting a %t value from the pod level RunAsNonRoot setting.", *podRunAsNonRoot) + return *podRunAsNonRoot, fmt.Sprintf("RunAsNonRoot is set to nil at container level and inheriting a %t value from the pod level RunAsNonRoot setting", *podRunAsNonRoot) } - return false, "RunAsNonRoot set to nil at pod and container level" + return false, "RunAsNonRoot is set to nil at pod and container level" } func (c *Container) IsContainerRunAsNonRootUserID(podRunAsNonRootUserID *int64) (isContainerRunAsNonRootUserID bool, reason string) { if c.SecurityContext != nil && c.SecurityContext.RunAsUser != nil { - return *c.SecurityContext.RunAsUser != 0, fmt.Sprintf("RunAsUser is set to %v at the container level, overriding a %s value defined at pod level.", + return *c.SecurityContext.RunAsUser != 0, fmt.Sprintf("RunAsUser is set to %v at the container level, overriding a %s value defined at pod level", *c.SecurityContext.RunAsUser, stringhelper.PointerToString(podRunAsNonRootUserID)) } if podRunAsNonRootUserID != nil { - return *podRunAsNonRootUserID != 0, fmt.Sprintf("RunAsUser is set to nil at container level and inheriting a %v value from the pod level RunAsUser setting.", *podRunAsNonRootUserID) + return *podRunAsNonRootUserID != 0, fmt.Sprintf("RunAsUser is set to nil at container level and inheriting a %v value from the pod level RunAsUser setting", *podRunAsNonRootUserID) } - return false, "RunAsUser set to nil at pod and container level" + return false, "RunAsUser is set to nil at pod and container level" } diff --git a/pkg/provider/containers_test.go b/pkg/provider/containers_test.go index 0fd26b1fd..dd66487c9 100644 --- a/pkg/provider/containers_test.go +++ b/pkg/provider/containers_test.go @@ -266,7 +266,7 @@ func TestIsContainerRunAsNonRoot(t *testing.T) { }, podDefault: &falseVal, expected: true, - expectedReason: "RunAsNonRoot is set to true at the container level, overriding a false value defined at pod level.", + expectedReason: "RunAsNonRoot is set to true at the container level, overriding a false value defined at pod level", }, { name: "Container set to not run as non-root", @@ -279,7 +279,7 @@ func TestIsContainerRunAsNonRoot(t *testing.T) { }, podDefault: &trueVal, expected: false, - expectedReason: "RunAsNonRoot is set to false at the container level, overriding a true value defined at pod level.", + expectedReason: "RunAsNonRoot is set to false at the container level, overriding a true value defined at pod level", }, { name: "Container set to not run as non-root", @@ -292,7 +292,7 @@ func TestIsContainerRunAsNonRoot(t *testing.T) { }, podDefault: &falseVal, expected: false, - expectedReason: "RunAsNonRoot is set to nil at container level and inheriting a false value from the pod level RunAsNonRoot setting.", + expectedReason: "RunAsNonRoot is set to nil at container level and inheriting a false value from the pod level RunAsNonRoot setting", }, { name: "nil at pod and true at container", @@ -305,7 +305,7 @@ func TestIsContainerRunAsNonRoot(t *testing.T) { }, podDefault: nil, expected: true, - expectedReason: "RunAsNonRoot is set to true at the container level, overriding a nil value defined at pod level.", + expectedReason: "RunAsNonRoot is set to true at the container level, overriding a nil value defined at pod level", }, } diff --git a/pkg/provider/pods.go b/pkg/provider/pods.go index 73c0c97d7..b533d4215 100644 --- a/pkg/provider/pods.go +++ b/pkg/provider/pods.go @@ -520,58 +520,42 @@ func (p *Pod) IsRunAsUserID(uid int64) bool { return *p.Pod.Spec.SecurityContext.RunAsUser == uid } -// Returns the list of containers that have the RunAsNonRoot SCC parameter set to false -// The RunAsNonRoot parameter is checked first at the pod level and acts as a default value +// Returns the list of containers that have the securityContext.runAsNonRoot set to false and securityContext.runAsUser set to zero. +// Both parameteters are checked first at the pod level and acts as a default value // for the container configuration, if it is not present. -// The RunAsNonRoot parameter is checked next at the container level. // See: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container -func (p *Pod) GetRunAsNonRootFalseContainers(knownContainersToSkip map[string]bool) (nonCompliantContainers []*Container, nonComplianceReason []string) { +func (p *Pod) GetRunAsNonRootFalseContainers(knownContainersToSkip map[string]bool) (nonCompliantContainers []*Container, nonComplianceReasons []string) { // Check pod-level security context this will be set by default for containers // If not already configured at the container level var podRunAsNonRoot *bool if p.Pod.Spec.SecurityContext != nil && p.Pod.Spec.SecurityContext.RunAsNonRoot != nil { podRunAsNonRoot = p.Pod.Spec.SecurityContext.RunAsNonRoot } - // Check each container for the RunAsNonRoot parameter. - // If it is not present, the pod value applies - for _, cut := range p.Containers { - if knownContainersToSkip[cut.Name] { - continue - } - if isRunAsNonRoot, reason := cut.IsContainerRunAsNonRoot(podRunAsNonRoot); !isRunAsNonRoot { - // found a container with RunAsNonRoot set to false - nonCompliantContainers = append(nonCompliantContainers, cut) - nonComplianceReason = append(nonComplianceReason, reason) - } - } - return nonCompliantContainers, nonComplianceReason -} -// Returns the list of containers that have the RunAsUser SCC parameter set to 0 (root) -// The RunAsUser parameter is checked first at the pod level and acts as a default value -// for the container configuration, if it is not present. -// The RunAsUser parameter is checked next at the container level. -// See: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container -func (p *Pod) GetRunAsNonRootUserIDContainers(knownContainersToSkip map[string]bool) (nonCompliantContainers []*Container, nonComplianceReason []string) { - // Check pod-level security context this will be set by default for containers - // If not already configured at the container level var podRunAsUserID *int64 if p.Pod.Spec.SecurityContext != nil && p.Pod.Spec.SecurityContext.RunAsUser != nil { podRunAsUserID = p.Pod.Spec.SecurityContext.RunAsUser } - // Check each container for the RunAsUser parameter. + + // Check each container for the RunAsNonRoot parameter. // If it is not present, the pod value applies for _, cut := range p.Containers { if knownContainersToSkip[cut.Name] { continue } - if isRunAsNonRootUserID, reason := cut.IsContainerRunAsNonRootUserID(podRunAsUserID); !isRunAsNonRootUserID { - // found a container with RunAsNonRoot set to false - nonCompliantContainers = append(nonCompliantContainers, cut) - nonComplianceReason = append(nonComplianceReason, reason) + + isRunAsNonRoot, isRunAsNonRootReason := cut.IsContainerRunAsNonRoot(podRunAsNonRoot) + isRunAsNonRootUserID, isRunAsNonRootUserIDReason := cut.IsContainerRunAsNonRootUserID(podRunAsUserID) + + if isRunAsNonRoot || isRunAsNonRootUserID { + continue } + + nonCompliantContainers = append(nonCompliantContainers, cut) + nonComplianceReasons = append(nonComplianceReasons, isRunAsNonRootReason+", "+isRunAsNonRootUserIDReason) } - return nonCompliantContainers, nonComplianceReason + + return nonCompliantContainers, nonComplianceReasons } // Get the list of top owners of pods diff --git a/pkg/provider/pods_test.go b/pkg/provider/pods_test.go index 660c65ee8..51adc0724 100644 --- a/pkg/provider/pods_test.go +++ b/pkg/provider/pods_test.go @@ -719,7 +719,7 @@ func TestIsRunAsNonRoot(t *testing.T) { }, }, wantNonComplianceReason: []string{ - "RunAsNonRoot is set to false at the container level, overriding a true value defined at pod level.", + "RunAsNonRoot is set to false at the container level, overriding a true value defined at pod level, RunAsUser is set to nil at pod and container level", }, }, { @@ -771,7 +771,7 @@ func TestIsRunAsNonRoot(t *testing.T) { }, }, wantNonComplianceReason: []string{ - "RunAsNonRoot is set to false at the container level, overriding a nil value defined at pod level.", + "RunAsNonRoot is set to false at the container level, overriding a nil value defined at pod level, RunAsUser is set to nil at pod and container level", }, }, { diff --git a/tests/accesscontrol/suite.go b/tests/accesscontrol/suite.go index c60840f80..08415839c 100644 --- a/tests/accesscontrol/suite.go +++ b/tests/accesscontrol/suite.go @@ -119,13 +119,6 @@ func LoadChecks() { })) checksGroup.Add(checksdb.NewCheck(identifiers.GetTestIDAndLabels(identifiers.TestSecConNonRootUserIDIdentifier)). - WithSkipCheckFn(testhelper.GetNoContainersUnderTestSkipFn(&env)). - WithCheckFn(func(c *checksdb.Check) error { - testSecConRootUserID(c, &env) - return nil - })) - - checksGroup.Add(checksdb.NewCheck(identifiers.GetTestIDAndLabels(identifiers.TestSecConRunAsNonRootIdentifier)). WithSkipCheckFn(testhelper.GetNoContainersUnderTestSkipFn(&env)). WithCheckFn(func(c *checksdb.Check) error { testSecConRunAsNonRoot(c, &env) @@ -351,51 +344,27 @@ func testBpfCapability(check *checksdb.Check, env *provider.TestEnvironment) { check.SetResult(compliantObjects, nonCompliantObjects) } -// testSecConRootUserID verifies that the container is not running as root -func testSecConRootUserID(check *checksdb.Check, env *provider.TestEnvironment) { - var compliantObjects []*testhelper.ReportObject - var nonCompliantObjects []*testhelper.ReportObject - - for _, put := range env.Pods { - check.LogInfo("Testing Pod %q in namespace %q", put.Name, put.Namespace) - nonCompliantContainers, nonComplianceReason := put.GetRunAsNonRootUserIDContainers(knownContainersToSkip) - if len(nonCompliantContainers) == 0 { - check.LogInfo("Pod %q is configured with RunAsUser SCC parameter different than 0 for all of its containers", put.Name) - compliantObjects = append(compliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "Pod is configured with RunAsUser SCC parameter different than 0 for all of its containers", true)) - } else { - check.LogError("Pod %q is configured with RunAsUser SCC parameter equal to 0 for some of its containers", put.Name) - nonCompliantObjects = append(nonCompliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "Pod is configured with RunAsNonRoot SCC parameter set to false for some of its containers", false)) - for index := range nonCompliantContainers { - check.LogError("In Container %q of Pod %q, %s", nonCompliantContainers[index].Name, put.Name, nonComplianceReason[index]) - nonCompliantObjects = append(nonCompliantObjects, testhelper.NewContainerReportObject(put.Namespace, put.Name, - nonCompliantContainers[index].Name, fmt.Sprintf("In Container %q of Pod %q, %s", nonCompliantContainers[index].Name, put.Name, nonComplianceReason[index]), false)) - } - } - } - check.SetResult(compliantObjects, nonCompliantObjects) -} - // testSecConRunAsNonRoot verifies that containers are not allowed to run as root. func testSecConRunAsNonRoot(check *checksdb.Check, env *provider.TestEnvironment) { var compliantObjects []*testhelper.ReportObject var nonCompliantObjects []*testhelper.ReportObject for _, put := range env.Pods { - check.LogInfo("Testing Pod %q in namespace %q", put.Name, put.Namespace) + check.LogInfo("Testing pod %s/%s", put.Namespace, put.Name) nonCompliantContainers, nonComplianceReason := put.GetRunAsNonRootFalseContainers(knownContainersToSkip) if len(nonCompliantContainers) == 0 { - check.LogInfo("Pod %q is configured with RunAsNonRoot SCC parameter set to true for all of its containers", put.Name) - compliantObjects = append(compliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "Pod is configured with RunAsNonRoot SCC parameter set to true for all of its containers", true)) + compliantObjects = append(compliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "Pod is configured with RunAsNonRoot=true or RunAsUser!=0 at pod or container level.", true)) } else { - check.LogError("Pod %q is configured with RunAsNonRoot SCC parameter set to false for some of its containers", put.Name) - nonCompliantObjects = append(nonCompliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "Pod is configured with RunAsNonRoot SCC parameter set to false for some of its containers", false)) + nonCompliantObjects = append(nonCompliantObjects, testhelper.NewPodReportObject(put.Namespace, put.Name, "One or more containers of the pod are running with root user", false)) for index := range nonCompliantContainers { - check.LogError("In Container %q of Pod %q, %s", nonCompliantContainers[index].Name, put.Name, nonComplianceReason[index]) - nonCompliantObjects = append(nonCompliantObjects, testhelper.NewContainerReportObject(put.Namespace, put.Name, - nonCompliantContainers[index].Name, fmt.Sprintf("In Container %q of Pod %q, %s", nonCompliantContainers[index].Name, put.Name, nonComplianceReason[index]), false)) + check.LogError("Pod %s/%s, container %q is not compliant: %s", put.Namespace, put.Name, nonCompliantContainers[index].Name, nonComplianceReason[index]) + + nonCompliantObjects = append(nonCompliantObjects, testhelper.NewContainerReportObject(put.Namespace, put.Name, nonCompliantContainers[index].Name, + nonComplianceReason[index], false)) } } } + check.SetResult(compliantObjects, nonCompliantObjects) } diff --git a/tests/identifiers/identifiers.go b/tests/identifiers/identifiers.go index c19eb0e58..e73196830 100644 --- a/tests/identifiers/identifiers.go +++ b/tests/identifiers/identifiers.go @@ -102,7 +102,6 @@ var ( TestRtAppNoExecProbes claim.Identifier TestRestartOnRebootLabelOnPodsUsingSRIOV claim.Identifier TestSecConNonRootUserIDIdentifier claim.Identifier - TestSecConRunAsNonRootIdentifier claim.Identifier TestNetworkAttachmentDefinitionSRIOVUsingMTU claim.Identifier TestSecContextIdentifier claim.Identifier TestSecConPrivilegeEscalation claim.Identifier @@ -603,23 +602,7 @@ func InitCatalog() map[claim.Identifier]claim.TestCaseDescription { TestSecConNonRootUserIDIdentifier = AddCatalogEntry( "security-context-non-root-user-id-check", common.AccessControlTestKey, - `Checks the security context runAsUser parameter in pods and containers to make sure it is not set to uid root(0). Pods and containers should not run as root (runAsUser is not set to uid0).`, - SecConNonRootUserRemediation, - SecConNonRootUserExceptionProcess, - TestSecConNonRootUserIdentifierDocLink, - true, - map[string]string{ - FarEdge: Mandatory, - Telco: Mandatory, - NonTelco: Mandatory, - Extended: Mandatory, - }, - TagCommon) - - TestSecConRunAsNonRootIdentifier = AddCatalogEntry( - "security-context-run-as-non-root-user-check", - common.AccessControlTestKey, - `Checks the security context runAsNonRoot parameter in pods and containers to make sure it is not set to false. Pods and containers should not be able to run as root..`, + `Checks securityContext's runAsNonRoot and runAsUser fields at pod and container level to make sure containers are not run as root.`, SecConRunAsNonRootUserRemediation, SecConNonRootUserExceptionProcess, TestSecConNonRootUserIdentifierDocLink, diff --git a/tests/identifiers/remediation.go b/tests/identifiers/remediation.go index 34294186d..53efab0db 100644 --- a/tests/identifiers/remediation.go +++ b/tests/identifiers/remediation.go @@ -26,7 +26,7 @@ const ( SecConNonRootUserRemediation = `Change the pod and containers "runAsUser" uid to something other than root(0)` - SecConRunAsNonRootUserRemediation = `Set the the pod and containers "runAsNonRoot" to true.` + SecConRunAsNonRootUserRemediation = `Set the securityContext.runAsNonRoot field to true either at pod or container level. Alternatively, set a non-zero value to securityContext.runAsUser field either at pod or container level.` SecConRemediation = `Exception possible if a workload uses mlock(), mlockall(), shmctl(), mmap(); exception will be considered for DPDK applications. Must identify which container requires the capability and detail why.` From 4dedd752e72da21fb77327475adcf3ccdd4754c2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 08:17:50 -0600 Subject: [PATCH 57/63] Bump google.golang.org/api from 0.213.0 to 0.214.0 (#2662) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.213.0 to 0.214.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.213.0...v0.214.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 0f037096c..bbcb799d6 100644 --- a/go.mod +++ b/go.mod @@ -191,7 +191,7 @@ require ( go4.org v0.0.0-20200104003542-c7e774b10ea0 // indirect golang.org/x/crypto v0.31.0 // indirect golang.org/x/exp v0.0.0-20240808152545-0cdaa3abc0fa // indirect - golang.org/x/net v0.32.0 // indirect + golang.org/x/net v0.33.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect golang.org/x/sync v0.10.0 // indirect golang.org/x/sys v0.28.0 // indirect @@ -246,7 +246,7 @@ require ( github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7 github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.27.0 - google.golang.org/api v0.213.0 + google.golang.org/api v0.214.0 k8s.io/kubectl v0.32.0 k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 ) diff --git a/go.sum b/go.sum index fe4a60915..b7607583c 100644 --- a/go.sum +++ b/go.sum @@ -647,8 +647,8 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI= -golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -707,8 +707,8 @@ golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSm golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/api v0.213.0 h1:KmF6KaDyFqB417T68tMPbVmmwtIXs2VB60OJKIHB0xQ= -google.golang.org/api v0.213.0/go.mod h1:V0T5ZhNUUNpYAlL306gFZPFt5F5D/IeyLoktduYYnvQ= +google.golang.org/api v0.214.0 h1:h2Gkq07OYi6kusGOaT/9rnNljuXmqPnaig7WGPmKbwA= +google.golang.org/api v0.214.0/go.mod h1:bYPpLG8AyeMWwDU6NXoB00xC0DFkikVvd5MfwoxjLqE= google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY= google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo= google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697 h1:pgr/4QbFyktUv9CtQ/Fq4gzEE6/Xs7iCXbktaGzLHbQ= From 7a7b4a21ca72032224995c8b2c16920c20759a4e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 14:22:05 -0600 Subject: [PATCH 58/63] Bump github.com/redhat-best-practices-for-k8s/certsuite-claim (#2664) Bumps [github.com/redhat-best-practices-for-k8s/certsuite-claim](https://github.com/redhat-best-practices-for-k8s/certsuite-claim) from 1.0.51 to 1.0.52. - [Release notes](https://github.com/redhat-best-practices-for-k8s/certsuite-claim/releases) - [Commits](https://github.com/redhat-best-practices-for-k8s/certsuite-claim/compare/v1.0.51...v1.0.52) --- updated-dependencies: - dependency-name: github.com/redhat-best-practices-for-k8s/certsuite-claim dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index bbcb799d6..324a831d0 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.23.4 require ( github.com/Masterminds/semver/v3 v3.3.1 - github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.51 + github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.52 github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/cobra v1.8.1 github.com/stretchr/testify v1.10.0 diff --git a/go.sum b/go.sum index b7607583c..191731feb 100644 --- a/go.sum +++ b/go.sum @@ -470,8 +470,8 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= -github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.51 h1:ZcEEA0+7YHcRzrEf/LnhxHVerPHaW0f33J6PTZer2fA= -github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.51/go.mod h1:qIlDWD1vOMo/aZx5i+I0FrKUAp3iXV7waFBVET0q6Yo= +github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.52 h1:lYegIlsbTrSJcKl5ArvB4A9H7MKJutjDhRlJWhPp+vs= +github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.52/go.mod h1:0ffZ5t3Kk/6mJu0DhUrl3LSGzPXdFbZATiKcbOEhNHs= github.com/redhat-best-practices-for-k8s/oct v0.0.29 h1:NpS7W+jTflncjnMTXYKzt/NVJo7gD0AFEp9y19cJ8WU= github.com/redhat-best-practices-for-k8s/oct v0.0.29/go.mod h1:jAVJkKvP2URy4oPwxARzYoUn8Zn7qYfWUD5+P4rywgw= github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43 h1:/M2L223DOvv/I4bb5ZFgqchN3vwRMnsa6fjaTd4XhUI= From a54f4db195ce62091808ec5d06b05310dfaaa773 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 14:22:14 -0600 Subject: [PATCH 59/63] Bump github.com/redhat-best-practices-for-k8s/privileged-daemonset (#2665) Bumps [github.com/redhat-best-practices-for-k8s/privileged-daemonset](https://github.com/redhat-best-practices-for-k8s/privileged-daemonset) from 1.0.43 to 1.0.44. - [Release notes](https://github.com/redhat-best-practices-for-k8s/privileged-daemonset/releases) - [Commits](https://github.com/redhat-best-practices-for-k8s/privileged-daemonset/compare/v1.0.43...v1.0.44) --- updated-dependencies: - dependency-name: github.com/redhat-best-practices-for-k8s/privileged-daemonset dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 324a831d0..fe7ba62f8 100644 --- a/go.mod +++ b/go.mod @@ -242,7 +242,7 @@ require ( github.com/k8snetworkplumbingwg/sriov-network-operator v1.4.0 github.com/manifoldco/promptui v0.9.0 github.com/redhat-best-practices-for-k8s/oct v0.0.29 - github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43 + github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.44 github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7 github.com/robert-nix/ansihtml v1.0.1 golang.org/x/term v0.27.0 diff --git a/go.sum b/go.sum index 191731feb..2f7136ea4 100644 --- a/go.sum +++ b/go.sum @@ -474,8 +474,8 @@ github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.52 h1:lYegIlsbTrSJ github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.52/go.mod h1:0ffZ5t3Kk/6mJu0DhUrl3LSGzPXdFbZATiKcbOEhNHs= github.com/redhat-best-practices-for-k8s/oct v0.0.29 h1:NpS7W+jTflncjnMTXYKzt/NVJo7gD0AFEp9y19cJ8WU= github.com/redhat-best-practices-for-k8s/oct v0.0.29/go.mod h1:jAVJkKvP2URy4oPwxARzYoUn8Zn7qYfWUD5+P4rywgw= -github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43 h1:/M2L223DOvv/I4bb5ZFgqchN3vwRMnsa6fjaTd4XhUI= -github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.43/go.mod h1:XVI9IK9DKYKz21XYxBcRYJMeN8Meily8meHOz1Yxcyw= +github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.44 h1:mgD7WRZpC2xbS/5nqzRxsXeyaF04Y10OrQdFdVjf9Ek= +github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.44/go.mod h1:XVI9IK9DKYKz21XYxBcRYJMeN8Meily8meHOz1Yxcyw= github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7 h1:zfL9KPgdJ5m0KuEUg283u2eQjJ++nm916W+dGj1cbRk= github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7/go.mod h1:OfW8qqVJj2/rhgoC7unTiGDsLRwmKwaGAnHU5yaC3+k= github.com/redis/go-redis/extra/rediscmd/v9 v9.0.5 h1:EaDatTxkdHG+U3Bk4EUr+DZ7fOGwTfezUiUJMaIcaho= From 154de22fe7920ca767c977e72175508e2c50d106 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 15:40:32 -0600 Subject: [PATCH 60/63] Bump github.com/redhat-best-practices-for-k8s/oct from 0.0.29 to 0.0.30 (#2666) Bumps [github.com/redhat-best-practices-for-k8s/oct](https://github.com/redhat-best-practices-for-k8s/oct) from 0.0.29 to 0.0.30. - [Release notes](https://github.com/redhat-best-practices-for-k8s/oct/releases) - [Commits](https://github.com/redhat-best-practices-for-k8s/oct/compare/v0.0.29...v0.0.30) --- updated-dependencies: - dependency-name: github.com/redhat-best-practices-for-k8s/oct dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index fe7ba62f8..628270442 100644 --- a/go.mod +++ b/go.mod @@ -241,7 +241,7 @@ require ( github.com/k8snetworkplumbingwg/network-attachment-definition-client v1.7.5 github.com/k8snetworkplumbingwg/sriov-network-operator v1.4.0 github.com/manifoldco/promptui v0.9.0 - github.com/redhat-best-practices-for-k8s/oct v0.0.29 + github.com/redhat-best-practices-for-k8s/oct v0.0.30 github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.44 github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7 github.com/robert-nix/ansihtml v1.0.1 diff --git a/go.sum b/go.sum index 2f7136ea4..8f59a3455 100644 --- a/go.sum +++ b/go.sum @@ -472,8 +472,8 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.52 h1:lYegIlsbTrSJcKl5ArvB4A9H7MKJutjDhRlJWhPp+vs= github.com/redhat-best-practices-for-k8s/certsuite-claim v1.0.52/go.mod h1:0ffZ5t3Kk/6mJu0DhUrl3LSGzPXdFbZATiKcbOEhNHs= -github.com/redhat-best-practices-for-k8s/oct v0.0.29 h1:NpS7W+jTflncjnMTXYKzt/NVJo7gD0AFEp9y19cJ8WU= -github.com/redhat-best-practices-for-k8s/oct v0.0.29/go.mod h1:jAVJkKvP2URy4oPwxARzYoUn8Zn7qYfWUD5+P4rywgw= +github.com/redhat-best-practices-for-k8s/oct v0.0.30 h1:XPCi2DiQXuGDB0CiBbcDWiSMcY73rlNsjZ0oJiHjqns= +github.com/redhat-best-practices-for-k8s/oct v0.0.30/go.mod h1:3/XMjlvc6uiGs5ShI4JWveN1+D3UxAgCiyH5Ib/ZZsE= github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.44 h1:mgD7WRZpC2xbS/5nqzRxsXeyaF04Y10OrQdFdVjf9Ek= github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.44/go.mod h1:XVI9IK9DKYKz21XYxBcRYJMeN8Meily8meHOz1Yxcyw= github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7 h1:zfL9KPgdJ5m0KuEUg283u2eQjJ++nm916W+dGj1cbRk= From 6d5397ddeb29af2f679f95d0254ea935cf020025 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 5 Jan 2025 20:27:21 +0200 Subject: [PATCH 61/63] Update RHCOS to OCP version map (#2668) Co-authored-by: sebrandon1 <4563082+sebrandon1@users.noreply.github.com> --- tests/platform/operatingsystem/files/rhcos_version_map | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/platform/operatingsystem/files/rhcos_version_map b/tests/platform/operatingsystem/files/rhcos_version_map index 8aa929316..0ea201d78 100644 --- a/tests/platform/operatingsystem/files/rhcos_version_map +++ b/tests/platform/operatingsystem/files/rhcos_version_map @@ -224,6 +224,7 @@ 4.12.69 / 412.86.202411061519-0 4.12.7 / 412.86.202303011010-0 4.12.70 / 412.86.202411270001-0 +4.12.71 / 412.86.202412201644-0 4.12.8 / 412.86.202303141242-0 4.12.9 / 412.86.202303211731-0 4.13.0 / 413.92.202305041429-0 @@ -343,6 +344,7 @@ 4.14.41 / 414.92.202411130444-0 4.14.42 / 414.92.202411260513-0 4.14.43 / 414.92.202412110121-0 +4.14.44 / 414.92.202412202114-0 4.14.5 / 414.92.202311281318-0 4.14.6 / 414.92.202312011602-0 4.14.7 / 414.92.202312132152-0 @@ -437,6 +439,7 @@ 4.16.26 / 416.94.202412040832-0 4.16.27 / 416.94.202412100237-0 4.16.28 / 416.94.202412170927-0 +4.16.29 / 416.94.202412301627-0 4.16.3 / 416.94.202407081958-0 4.16.4 / 416.94.202407171205-0 4.16.5 / 416.94.202407231922-0 @@ -457,6 +460,7 @@ 4.17.0-rc.6 / 417.94.202409121747-0 4.17.1 / 417.94.202410090854-0 4.17.10 / 417.94.202412180008-0 +4.17.11 / 417.94.202412250812-0 4.17.2 / 417.94.202410160352-0 4.17.3 / 417.94.202410211619-0 4.17.4 / 417.94.202411050056-0 From 3a8959f2aa49c85d0ebd80df148fb148ba79df5c Mon Sep 17 00:00:00 2001 From: David Rabkin Date: Mon, 6 Jan 2025 16:08:50 +0200 Subject: [PATCH 62/63] Update copyright years (#2669) --- cmd/certsuite/check/image_cert_status/image_cert_status.go | 2 +- cmd/certsuite/generate/feedback/feedback.go | 2 +- internal/results/doc.go | 2 +- internal/results/doc_test.go | 2 +- pkg/autodiscover/autodiscover_operators_test.go | 2 +- pkg/autodiscover/autodiscover_pdbs_test.go | 2 +- pkg/autodiscover/autodiscover_resources_test.go | 2 +- pkg/autodiscover/autodiscover_services.go | 2 +- pkg/autodiscover/autodiscover_services_test.go | 2 +- pkg/autodiscover/autodiscover_test.go | 2 +- pkg/autodiscover/constants.go | 2 +- pkg/compatibility/compatibility.go | 2 +- pkg/compatibility/compatibility_test.go | 2 +- pkg/diagnostics/diagnostics.go | 2 +- pkg/diagnostics/diagnostics_test.go | 2 +- pkg/postmortem/postmortem.go | 2 +- pkg/provider/containers_test.go | 2 +- pkg/provider/deployments.go | 2 +- pkg/provider/deployments_test.go | 2 +- pkg/provider/filters_test.go | 2 +- pkg/provider/isolation.go | 2 +- pkg/provider/statefulsets.go | 2 +- pkg/stringhelper/stringhelper.go | 2 +- pkg/stringhelper/stringhelper_test.go | 2 +- tests/accesscontrol/doc.go | 2 +- tests/accesscontrol/doc_test.go | 2 +- tests/accesscontrol/pidshelper_test.go | 2 +- tests/accesscontrol/suite_test.go | 2 +- tests/certification/doc.go | 2 +- tests/certification/doc_test.go | 2 +- tests/certification/suite_test.go | 2 +- tests/common/constant_test.go | 2 +- tests/common/doc.go | 2 +- tests/common/doc_test.go | 2 +- tests/common/env.go | 2 +- tests/common/env_test.go | 2 +- tests/common/rbac/roles_test.go | 2 +- tests/identifiers/doc.go | 2 +- tests/identifiers/doc_test.go | 2 +- tests/identifiers/exceptions.go | 2 +- tests/identifiers/exceptions_test.go | 2 +- tests/identifiers/remediation_test.go | 2 +- tests/lifecycle/doc.go | 2 +- tests/lifecycle/doc_test.go | 2 +- tests/lifecycle/podrecreation/podrecreation.go | 2 +- tests/lifecycle/podrecreation/podrecreation_test.go | 2 +- tests/lifecycle/podsets/podsets_test.go | 2 +- tests/lifecycle/scaling/crd_scaling_test.go | 2 +- tests/lifecycle/scaling/statefulset_scaling_test.go | 2 +- tests/lifecycle/suite_test.go | 2 +- tests/lifecycle/tolerations/tolerations.go | 2 +- tests/lifecycle/tolerations/tolerations_test.go | 2 +- tests/lifecycle/volumes/volumes.go | 2 +- tests/lifecycle/volumes/volumes_test.go | 2 +- tests/manageability/suite_test.go | 2 +- tests/networking/doc.go | 2 +- tests/networking/doc_test.go | 2 +- tests/networking/netcommons/netcommons_test.go | 2 +- tests/networking/netutil/netutil_test.go | 2 +- tests/networking/services/services.go | 2 +- tests/networking/services/services_test.go | 2 +- tests/networking/suite_test.go | 2 +- tests/observability/doc.go | 2 +- tests/observability/doc_test.go | 2 +- tests/observability/suite_test.go | 2 +- tests/operator/phasecheck/phasecheck.go | 2 +- tests/operator/phasecheck/phasecheck_test.go | 2 +- tests/operator/suite_test.go | 2 +- tests/performance/suite_test.go | 2 +- tests/platform/bootparams/bootparams.go | 2 +- tests/platform/bootparams/bootparams_test.go | 2 +- tests/platform/doc.go | 2 +- tests/platform/doc_test.go | 2 +- tests/platform/isredhat/isredhat.go | 2 +- tests/platform/isredhat/isredhat_test.go | 2 +- tests/platform/nodetainted/nodetainted.go | 2 +- tests/platform/nodetainted/nodetainted_test.go | 2 +- tests/platform/operatingsystem/operatingsystem.go | 2 +- tests/platform/operatingsystem/operatingsystem_test.go | 2 +- tests/platform/suite_test.go | 2 +- tests/platform/sysctlconfig/sysctlconfig.go | 2 +- tests/platform/sysctlconfig/sysctlconfig_test.go | 2 +- tests/preflight/suite_test.go | 2 +- 83 files changed, 83 insertions(+), 83 deletions(-) diff --git a/cmd/certsuite/check/image_cert_status/image_cert_status.go b/cmd/certsuite/check/image_cert_status/image_cert_status.go index db939b4e1..7b8a51e08 100644 --- a/cmd/certsuite/check/image_cert_status/image_cert_status.go +++ b/cmd/certsuite/check/image_cert_status/image_cert_status.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/cmd/certsuite/generate/feedback/feedback.go b/cmd/certsuite/generate/feedback/feedback.go index 1b17c58a2..e8c080afa 100644 --- a/cmd/certsuite/generate/feedback/feedback.go +++ b/cmd/certsuite/generate/feedback/feedback.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/internal/results/doc.go b/internal/results/doc.go index 67461c9da..9b1c08ff2 100644 --- a/internal/results/doc.go +++ b/internal/results/doc.go @@ -1,4 +1,4 @@ -// Copyright (C) 2021-2022 Red Hat, Inc. +// Copyright (C) 2021-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/internal/results/doc_test.go b/internal/results/doc_test.go index 67461c9da..9b1c08ff2 100644 --- a/internal/results/doc_test.go +++ b/internal/results/doc_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2021-2022 Red Hat, Inc. +// Copyright (C) 2021-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/autodiscover/autodiscover_operators_test.go b/pkg/autodiscover/autodiscover_operators_test.go index 8c5af87b3..2c6969e10 100644 --- a/pkg/autodiscover/autodiscover_operators_test.go +++ b/pkg/autodiscover/autodiscover_operators_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2023 Red Hat, Inc. +// Copyright (C) 2023-2024 Red Hat, Inc. package autodiscover diff --git a/pkg/autodiscover/autodiscover_pdbs_test.go b/pkg/autodiscover/autodiscover_pdbs_test.go index 7f0ef86d9..d6e424927 100644 --- a/pkg/autodiscover/autodiscover_pdbs_test.go +++ b/pkg/autodiscover/autodiscover_pdbs_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/autodiscover/autodiscover_resources_test.go b/pkg/autodiscover/autodiscover_resources_test.go index 7eefcb552..60a4d43fa 100644 --- a/pkg/autodiscover/autodiscover_resources_test.go +++ b/pkg/autodiscover/autodiscover_resources_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/autodiscover/autodiscover_services.go b/pkg/autodiscover/autodiscover_services.go index a50b3d556..d7370e875 100644 --- a/pkg/autodiscover/autodiscover_services.go +++ b/pkg/autodiscover/autodiscover_services.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/autodiscover/autodiscover_services_test.go b/pkg/autodiscover/autodiscover_services_test.go index 80dfa0ecd..bd9242c90 100644 --- a/pkg/autodiscover/autodiscover_services_test.go +++ b/pkg/autodiscover/autodiscover_services_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/autodiscover/autodiscover_test.go b/pkg/autodiscover/autodiscover_test.go index 3eba44d13..de9753d88 100644 --- a/pkg/autodiscover/autodiscover_test.go +++ b/pkg/autodiscover/autodiscover_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/autodiscover/constants.go b/pkg/autodiscover/constants.go index 641f34698..4823ea716 100644 --- a/pkg/autodiscover/constants.go +++ b/pkg/autodiscover/constants.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/compatibility/compatibility.go b/pkg/compatibility/compatibility.go index 47fe698bf..db16bbbac 100644 --- a/pkg/compatibility/compatibility.go +++ b/pkg/compatibility/compatibility.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/compatibility/compatibility_test.go b/pkg/compatibility/compatibility_test.go index d717ed14e..a475936ef 100644 --- a/pkg/compatibility/compatibility_test.go +++ b/pkg/compatibility/compatibility_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/diagnostics/diagnostics.go b/pkg/diagnostics/diagnostics.go index 507e3d249..2741a3fde 100644 --- a/pkg/diagnostics/diagnostics.go +++ b/pkg/diagnostics/diagnostics.go @@ -1,4 +1,4 @@ -// Copyright (C) 2021-2023 Red Hat, Inc. +// Copyright (C) 2021-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/diagnostics/diagnostics_test.go b/pkg/diagnostics/diagnostics_test.go index aba92734a..63a04cc4e 100644 --- a/pkg/diagnostics/diagnostics_test.go +++ b/pkg/diagnostics/diagnostics_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2021-2023 Red Hat, Inc. +// Copyright (C) 2021-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/postmortem/postmortem.go b/pkg/postmortem/postmortem.go index 874b45960..c957ee488 100644 --- a/pkg/postmortem/postmortem.go +++ b/pkg/postmortem/postmortem.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/provider/containers_test.go b/pkg/provider/containers_test.go index dd66487c9..4b9b95794 100644 --- a/pkg/provider/containers_test.go +++ b/pkg/provider/containers_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/provider/deployments.go b/pkg/provider/deployments.go index 6c7859630..68377ac34 100644 --- a/pkg/provider/deployments.go +++ b/pkg/provider/deployments.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/provider/deployments_test.go b/pkg/provider/deployments_test.go index 0af1eb69a..7e03ad1ec 100644 --- a/pkg/provider/deployments_test.go +++ b/pkg/provider/deployments_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/provider/filters_test.go b/pkg/provider/filters_test.go index 0efa0a2f2..a4ddc740f 100644 --- a/pkg/provider/filters_test.go +++ b/pkg/provider/filters_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/provider/isolation.go b/pkg/provider/isolation.go index 0febd960d..5e9524375 100644 --- a/pkg/provider/isolation.go +++ b/pkg/provider/isolation.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/provider/statefulsets.go b/pkg/provider/statefulsets.go index 1c78631c0..74da595e8 100644 --- a/pkg/provider/statefulsets.go +++ b/pkg/provider/statefulsets.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/stringhelper/stringhelper.go b/pkg/stringhelper/stringhelper.go index 9fb64f857..c809ebf72 100644 --- a/pkg/stringhelper/stringhelper.go +++ b/pkg/stringhelper/stringhelper.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/pkg/stringhelper/stringhelper_test.go b/pkg/stringhelper/stringhelper_test.go index 05bd18ef8..7647fe735 100644 --- a/pkg/stringhelper/stringhelper_test.go +++ b/pkg/stringhelper/stringhelper_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/accesscontrol/doc.go b/tests/accesscontrol/doc.go index 55ef913f1..aa5b0801b 100644 --- a/tests/accesscontrol/doc.go +++ b/tests/accesscontrol/doc.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/accesscontrol/doc_test.go b/tests/accesscontrol/doc_test.go index 55ef913f1..aa5b0801b 100644 --- a/tests/accesscontrol/doc_test.go +++ b/tests/accesscontrol/doc_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/accesscontrol/pidshelper_test.go b/tests/accesscontrol/pidshelper_test.go index 3146f95ec..11197056d 100644 --- a/tests/accesscontrol/pidshelper_test.go +++ b/tests/accesscontrol/pidshelper_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/accesscontrol/suite_test.go b/tests/accesscontrol/suite_test.go index 6b54ada21..95f684a64 100644 --- a/tests/accesscontrol/suite_test.go +++ b/tests/accesscontrol/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/certification/doc.go b/tests/certification/doc.go index 1225d7094..9fabea16f 100644 --- a/tests/certification/doc.go +++ b/tests/certification/doc.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/certification/doc_test.go b/tests/certification/doc_test.go index 1225d7094..9fabea16f 100644 --- a/tests/certification/doc_test.go +++ b/tests/certification/doc_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/certification/suite_test.go b/tests/certification/suite_test.go index a099bc3f6..8d100296b 100644 --- a/tests/certification/suite_test.go +++ b/tests/certification/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/common/constant_test.go b/tests/common/constant_test.go index 30631e7eb..a63809b48 100644 --- a/tests/common/constant_test.go +++ b/tests/common/constant_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/common/doc.go b/tests/common/doc.go index c306011ef..9983be2c7 100644 --- a/tests/common/doc.go +++ b/tests/common/doc.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/common/doc_test.go b/tests/common/doc_test.go index c306011ef..9983be2c7 100644 --- a/tests/common/doc_test.go +++ b/tests/common/doc_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/common/env.go b/tests/common/env.go index 18b0c9beb..57cadf57a 100644 --- a/tests/common/env.go +++ b/tests/common/env.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/common/env_test.go b/tests/common/env_test.go index 30631e7eb..a63809b48 100644 --- a/tests/common/env_test.go +++ b/tests/common/env_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/common/rbac/roles_test.go b/tests/common/rbac/roles_test.go index d281c8bff..066b03317 100644 --- a/tests/common/rbac/roles_test.go +++ b/tests/common/rbac/roles_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/identifiers/doc.go b/tests/identifiers/doc.go index 03d7d692b..2cfad6da1 100644 --- a/tests/identifiers/doc.go +++ b/tests/identifiers/doc.go @@ -1,4 +1,4 @@ -// Copyright (C) 2021-2022 Red Hat, Inc. +// Copyright (C) 2021-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/identifiers/doc_test.go b/tests/identifiers/doc_test.go index 03d7d692b..2cfad6da1 100644 --- a/tests/identifiers/doc_test.go +++ b/tests/identifiers/doc_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2021-2022 Red Hat, Inc. +// Copyright (C) 2021-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/identifiers/exceptions.go b/tests/identifiers/exceptions.go index cdfebead6..639e81298 100644 --- a/tests/identifiers/exceptions.go +++ b/tests/identifiers/exceptions.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/identifiers/exceptions_test.go b/tests/identifiers/exceptions_test.go index e7536bddc..52a3de65f 100644 --- a/tests/identifiers/exceptions_test.go +++ b/tests/identifiers/exceptions_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/identifiers/remediation_test.go b/tests/identifiers/remediation_test.go index e7536bddc..52a3de65f 100644 --- a/tests/identifiers/remediation_test.go +++ b/tests/identifiers/remediation_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/doc.go b/tests/lifecycle/doc.go index 1d197a6b8..aa031ba08 100644 --- a/tests/lifecycle/doc.go +++ b/tests/lifecycle/doc.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/doc_test.go b/tests/lifecycle/doc_test.go index 1d197a6b8..aa031ba08 100644 --- a/tests/lifecycle/doc_test.go +++ b/tests/lifecycle/doc_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/podrecreation/podrecreation.go b/tests/lifecycle/podrecreation/podrecreation.go index 3fea9cc87..52abacb25 100644 --- a/tests/lifecycle/podrecreation/podrecreation.go +++ b/tests/lifecycle/podrecreation/podrecreation.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/podrecreation/podrecreation_test.go b/tests/lifecycle/podrecreation/podrecreation_test.go index e863789b3..61493b790 100644 --- a/tests/lifecycle/podrecreation/podrecreation_test.go +++ b/tests/lifecycle/podrecreation/podrecreation_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/podsets/podsets_test.go b/tests/lifecycle/podsets/podsets_test.go index 9b0c0505a..aea80adfd 100644 --- a/tests/lifecycle/podsets/podsets_test.go +++ b/tests/lifecycle/podsets/podsets_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/scaling/crd_scaling_test.go b/tests/lifecycle/scaling/crd_scaling_test.go index 73ff6de77..35af5da69 100644 --- a/tests/lifecycle/scaling/crd_scaling_test.go +++ b/tests/lifecycle/scaling/crd_scaling_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/scaling/statefulset_scaling_test.go b/tests/lifecycle/scaling/statefulset_scaling_test.go index ff3618eb7..5ce5e5894 100644 --- a/tests/lifecycle/scaling/statefulset_scaling_test.go +++ b/tests/lifecycle/scaling/statefulset_scaling_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/suite_test.go b/tests/lifecycle/suite_test.go index 1f8d9f269..fb58a608c 100644 --- a/tests/lifecycle/suite_test.go +++ b/tests/lifecycle/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/tolerations/tolerations.go b/tests/lifecycle/tolerations/tolerations.go index c0a21c7a5..f44cd845e 100644 --- a/tests/lifecycle/tolerations/tolerations.go +++ b/tests/lifecycle/tolerations/tolerations.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/tolerations/tolerations_test.go b/tests/lifecycle/tolerations/tolerations_test.go index 687716281..8298af00e 100644 --- a/tests/lifecycle/tolerations/tolerations_test.go +++ b/tests/lifecycle/tolerations/tolerations_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/volumes/volumes.go b/tests/lifecycle/volumes/volumes.go index 080184c90..1026b7a22 100644 --- a/tests/lifecycle/volumes/volumes.go +++ b/tests/lifecycle/volumes/volumes.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/lifecycle/volumes/volumes_test.go b/tests/lifecycle/volumes/volumes_test.go index 8f874b238..30c039150 100644 --- a/tests/lifecycle/volumes/volumes_test.go +++ b/tests/lifecycle/volumes/volumes_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/manageability/suite_test.go b/tests/manageability/suite_test.go index 38131c4a2..6287cde35 100644 --- a/tests/manageability/suite_test.go +++ b/tests/manageability/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/networking/doc.go b/tests/networking/doc.go index daab51ff8..f4204d769 100644 --- a/tests/networking/doc.go +++ b/tests/networking/doc.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/networking/doc_test.go b/tests/networking/doc_test.go index daab51ff8..f4204d769 100644 --- a/tests/networking/doc_test.go +++ b/tests/networking/doc_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/networking/netcommons/netcommons_test.go b/tests/networking/netcommons/netcommons_test.go index b6b92fcdd..83d2e06b0 100644 --- a/tests/networking/netcommons/netcommons_test.go +++ b/tests/networking/netcommons/netcommons_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/networking/netutil/netutil_test.go b/tests/networking/netutil/netutil_test.go index f7635b526..ad3e608c7 100644 --- a/tests/networking/netutil/netutil_test.go +++ b/tests/networking/netutil/netutil_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/networking/services/services.go b/tests/networking/services/services.go index 159c0374c..c261a5430 100644 --- a/tests/networking/services/services.go +++ b/tests/networking/services/services.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/networking/services/services_test.go b/tests/networking/services/services_test.go index a02dac987..7f4da1c9a 100644 --- a/tests/networking/services/services_test.go +++ b/tests/networking/services/services_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/networking/suite_test.go b/tests/networking/suite_test.go index d16dda924..82dbb3664 100644 --- a/tests/networking/suite_test.go +++ b/tests/networking/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/observability/doc.go b/tests/observability/doc.go index eeea9e484..283db6d84 100644 --- a/tests/observability/doc.go +++ b/tests/observability/doc.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/observability/doc_test.go b/tests/observability/doc_test.go index eeea9e484..283db6d84 100644 --- a/tests/observability/doc_test.go +++ b/tests/observability/doc_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/observability/suite_test.go b/tests/observability/suite_test.go index 6b92790fb..883e45e96 100644 --- a/tests/observability/suite_test.go +++ b/tests/observability/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2025 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/operator/phasecheck/phasecheck.go b/tests/operator/phasecheck/phasecheck.go index fe25f9840..640424bcf 100644 --- a/tests/operator/phasecheck/phasecheck.go +++ b/tests/operator/phasecheck/phasecheck.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/operator/phasecheck/phasecheck_test.go b/tests/operator/phasecheck/phasecheck_test.go index 1b4a0de43..0260dbf40 100644 --- a/tests/operator/phasecheck/phasecheck_test.go +++ b/tests/operator/phasecheck/phasecheck_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/operator/suite_test.go b/tests/operator/suite_test.go index c56a13b8b..1c688eaba 100644 --- a/tests/operator/suite_test.go +++ b/tests/operator/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/performance/suite_test.go b/tests/performance/suite_test.go index 7a4f8e98f..fe9b24e6d 100644 --- a/tests/performance/suite_test.go +++ b/tests/performance/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/bootparams/bootparams.go b/tests/platform/bootparams/bootparams.go index 46644d886..7063d71c5 100644 --- a/tests/platform/bootparams/bootparams.go +++ b/tests/platform/bootparams/bootparams.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/bootparams/bootparams_test.go b/tests/platform/bootparams/bootparams_test.go index 46c78270c..29fbcd3a4 100644 --- a/tests/platform/bootparams/bootparams_test.go +++ b/tests/platform/bootparams/bootparams_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/doc.go b/tests/platform/doc.go index 9b2d9e2fa..22732d637 100644 --- a/tests/platform/doc.go +++ b/tests/platform/doc.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/doc_test.go b/tests/platform/doc_test.go index 9b2d9e2fa..22732d637 100644 --- a/tests/platform/doc_test.go +++ b/tests/platform/doc_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/isredhat/isredhat.go b/tests/platform/isredhat/isredhat.go index 8adf2d364..2f70fa4d5 100644 --- a/tests/platform/isredhat/isredhat.go +++ b/tests/platform/isredhat/isredhat.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2023 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/isredhat/isredhat_test.go b/tests/platform/isredhat/isredhat_test.go index a8eaddb06..ac9b6cc7a 100644 --- a/tests/platform/isredhat/isredhat_test.go +++ b/tests/platform/isredhat/isredhat_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/nodetainted/nodetainted.go b/tests/platform/nodetainted/nodetainted.go index fdb06bae2..be2a95082 100644 --- a/tests/platform/nodetainted/nodetainted.go +++ b/tests/platform/nodetainted/nodetainted.go @@ -1,4 +1,4 @@ -// Copyright (C) 2021-2023 Red Hat, Inc. +// Copyright (C) 2021-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/nodetainted/nodetainted_test.go b/tests/platform/nodetainted/nodetainted_test.go index 57b094e60..c2d1f54f0 100644 --- a/tests/platform/nodetainted/nodetainted_test.go +++ b/tests/platform/nodetainted/nodetainted_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2021-2023 Red Hat, Inc. +// Copyright (C) 2021-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/operatingsystem/operatingsystem.go b/tests/platform/operatingsystem/operatingsystem.go index 96eaa84f4..d005f089e 100644 --- a/tests/platform/operatingsystem/operatingsystem.go +++ b/tests/platform/operatingsystem/operatingsystem.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/operatingsystem/operatingsystem_test.go b/tests/platform/operatingsystem/operatingsystem_test.go index 266375383..027eb6a9f 100644 --- a/tests/platform/operatingsystem/operatingsystem_test.go +++ b/tests/platform/operatingsystem/operatingsystem_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/suite_test.go b/tests/platform/suite_test.go index ea1515b0b..f19850eba 100644 --- a/tests/platform/suite_test.go +++ b/tests/platform/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/sysctlconfig/sysctlconfig.go b/tests/platform/sysctlconfig/sysctlconfig.go index ed122530f..f135692e1 100644 --- a/tests/platform/sysctlconfig/sysctlconfig.go +++ b/tests/platform/sysctlconfig/sysctlconfig.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/platform/sysctlconfig/sysctlconfig_test.go b/tests/platform/sysctlconfig/sysctlconfig_test.go index cecc3febe..dfb525714 100644 --- a/tests/platform/sysctlconfig/sysctlconfig_test.go +++ b/tests/platform/sysctlconfig/sysctlconfig_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2020-2022 Red Hat, Inc. +// Copyright (C) 2020-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by diff --git a/tests/preflight/suite_test.go b/tests/preflight/suite_test.go index 3d972c8d1..a80da65ad 100644 --- a/tests/preflight/suite_test.go +++ b/tests/preflight/suite_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2022-2023 Red Hat, Inc. +// Copyright (C) 2022-2024 Red Hat, Inc. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by From 40c417435356c292265777d4a0a2b6374dd1154a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Jan 2025 00:12:17 +0200 Subject: [PATCH 63/63] Bump golang.org/x/term from 0.27.0 to 0.28.0 (#2670) Bumps [golang.org/x/term](https://github.com/golang/term) from 0.27.0 to 0.28.0. - [Commits](https://github.com/golang/term/compare/v0.27.0...v0.28.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 628270442..fa6c1a0d1 100644 --- a/go.mod +++ b/go.mod @@ -194,7 +194,7 @@ require ( golang.org/x/net v0.33.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect golang.org/x/sync v0.10.0 // indirect - golang.org/x/sys v0.28.0 // indirect + golang.org/x/sys v0.29.0 // indirect golang.org/x/text v0.21.0 // indirect golang.org/x/time v0.8.0 // indirect golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect @@ -245,7 +245,7 @@ require ( github.com/redhat-best-practices-for-k8s/privileged-daemonset v1.0.44 github.com/redhat-openshift-ecosystem/openshift-preflight v0.0.0-20241211152839-f787b66d23c7 github.com/robert-nix/ansihtml v1.0.1 - golang.org/x/term v0.27.0 + golang.org/x/term v0.28.0 google.golang.org/api v0.214.0 k8s.io/kubectl v0.32.0 k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 diff --git a/go.sum b/go.sum index 8f59a3455..8fae69b48 100644 --- a/go.sum +++ b/go.sum @@ -677,13 +677,13 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= +golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= -golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= +golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= +golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=