From e73bdc7fbd88dfa2a7baea656faee1446e3c4e14 Mon Sep 17 00:00:00 2001 From: cpanato Date: Wed, 9 Oct 2024 19:06:21 +0200 Subject: [PATCH] update go to 1.22.8 Signed-off-by: cpanato --- .github/workflows/golangci-lint.yml | 4 ++-- .github/workflows/validate-release.yml | 32 +++++++++++--------------- .golangci.yml | 3 +++ go.mod | 2 +- release/cloudbuild.yaml | 8 +++---- 5 files changed, 23 insertions(+), 26 deletions(-) diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 71ad28e110d0..b06769086d49 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -39,7 +39,7 @@ jobs: - name: golangci-lint uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 with: - version: v1.60 + version: v1.61 args: --timeout=5m golangci-test-e2e: @@ -58,5 +58,5 @@ jobs: - name: golangci-lint uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 with: - version: v1.60 + version: v1.61 args: --timeout=5m --build-tags e2e ./test diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 5facf2f14214..29ea0eb41a13 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -26,14 +26,14 @@ jobs: check-signature: runs-on: ubuntu-latest container: - image: ghcr.io/sigstore/cosign/cosign:v2.4.0-dev@sha256:a97b592b9f73390edcd6ceb5799a62513a906cbdffcdc63f53585910c71b0708 + image: ghcr.io/sigstore/cosign/cosign:v2.4.1-dev@sha256:a1bb112f1758703aa1d222bf30b9655d04cf196c0b7feaf3479d1222c2283590 steps: - name: Check Signature run: | - cosign verify ghcr.io/gythialy/golang-cross:v1.22.7-0@sha256:cb23bfe5773191f1ccc9d60fb73392d5ffc87257e2e019ffe81edb8b352a5284 \ + cosign verify ghcr.io/gythialy/golang-cross:v1.22.8-0@sha256:569ecf9d1edc0bc8eeb7914946d08e83ec8c50c8d8cfe25bc0cac93775157abd \ --certificate-oidc-issuer https://token.actions.githubusercontent.com \ - --certificate-identity "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.22.7-0" + --certificate-identity "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.22.8-0" env: TUF_ROOT: /tmp @@ -43,7 +43,7 @@ jobs: - check-signature container: - image: ghcr.io/gythialy/golang-cross:v1.22.7-0@sha256:cb23bfe5773191f1ccc9d60fb73392d5ffc87257e2e019ffe81edb8b352a5284 + image: ghcr.io/gythialy/golang-cross:v1.22.8-0@sha256:569ecf9d1edc0bc8eeb7914946d08e83ec8c50c8d8cfe25bc0cac93775157abd volumes: - /usr:/host_usr - /opt:/host_opt @@ -67,22 +67,16 @@ jobs: # Related to https://github.com/sigstore/cosign/issues/3149 # note this runs from within the golang-cross container, so if we want to free up space # on the host, we have to reach through the bind mounts to clean up unused content on the runners - - name: free up disk space for the release + - name: Free up runner disk space run: | - rm -rf /host_usr/share/dotnet || true - rm -rf /host_usr/share/swift || true - rm -rf /host_usr/local/lib/android || true - rm -rf /host_usr/local/.ghcup || true - rm -rf /host_usr/local/graalvm/ || true - rm -rf /host_usr/local/share/powershell || true - rm -rf /host_usr/local/share/chromium || true - rm -rf /host_usr/local/lib/node_modules || true - rm -rf /host_usr/lib/google-cloud-sdk || true - rm -rf /host_usr/local/share/boost || true - rm -rf /host_opt/hostedtoolcache/ || true - rm -rf /host_opt/ghc || true - - name: check disk space - run: df -h + set -x + printf "==> Available space before cleanup\n" + df -h + rm -rf /usr/share/dotnet + rm -rf "$AGENT_TOOLSDIRECTORY" + + printf "==> Available space after cleanup\n" + df -h - name: goreleaser snapshot run: make snapshot diff --git a/.golangci.yml b/.golangci.yml index 0c11ef40e403..9e3e267bede4 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -42,6 +42,9 @@ linters-settings: - 'os\.Getenv.*' - 'os\.LookupEnv.*' exclude-godoc-examples: false + gosec: + excludes: + - G115 # integer overflow conversion int64 -> uint64 output: uniq-by-line: false issues: diff --git a/go.mod b/go.mod index 87ec4ed115be..0257a546a4bc 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/sigstore/cosign/v2 -go 1.22.7 +go 1.22.8 require ( cuelang.org/go v0.9.2 diff --git a/release/cloudbuild.yaml b/release/cloudbuild.yaml index 6570cde08093..6875d91e62df 100644 --- a/release/cloudbuild.yaml +++ b/release/cloudbuild.yaml @@ -32,20 +32,20 @@ steps: echo "Checking out ${_GIT_TAG}" git checkout ${_GIT_TAG} - - name: 'ghcr.io/sigstore/cosign/cosign:v2.4.0-dev@sha256:a97b592b9f73390edcd6ceb5799a62513a906cbdffcdc63f53585910c71b0708' + - name: 'ghcr.io/sigstore/cosign/cosign:v2.4.1-dev@sha256:a1bb112f1758703aa1d222bf30b9655d04cf196c0b7feaf3479d1222c2283590' dir: "go/src/sigstore/cosign" env: - TUF_ROOT=/tmp args: - 'verify' - - 'ghcr.io/gythialy/golang-cross:v1.22.7-0@sha256:cb23bfe5773191f1ccc9d60fb73392d5ffc87257e2e019ffe81edb8b352a5284' + - 'ghcr.io/gythialy/golang-cross:v1.22.8-0@sha256:569ecf9d1edc0bc8eeb7914946d08e83ec8c50c8d8cfe25bc0cac93775157abd' - '--certificate-oidc-issuer' - "https://token.actions.githubusercontent.com" - '--certificate-identity' - "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.22.7-0" # maybe we can build our own image and use that to be more in a safe side - - name: ghcr.io/gythialy/golang-cross:v1.22.7-0@sha256:cb23bfe5773191f1ccc9d60fb73392d5ffc87257e2e019ffe81edb8b352a5284 + - name: ghcr.io/gythialy/golang-cross:v1.22.8-0@sha256:569ecf9d1edc0bc8eeb7914946d08e83ec8c50c8d8cfe25bc0cac93775157abd entrypoint: /bin/sh dir: "go/src/sigstore/cosign" env: @@ -68,7 +68,7 @@ steps: gcloud auth configure-docker \ && make release - - name: ghcr.io/gythialy/golang-cross:v1.22.7-0@sha256:cb23bfe5773191f1ccc9d60fb73392d5ffc87257e2e019ffe81edb8b352a5284 + - name: ghcr.io/gythialy/golang-cross:v1.22.8-0@sha256:569ecf9d1edc0bc8eeb7914946d08e83ec8c50c8d8cfe25bc0cac93775157abd entrypoint: 'bash' dir: "go/src/sigstore/cosign" env: