diff --git a/.github/workflows/00-pr-scanner.yaml b/.github/workflows/00-pr-scanner.yaml index 0ea3a234..e48d4773 100644 --- a/.github/workflows/00-pr-scanner.yaml +++ b/.github/workflows/00-pr-scanner.yaml @@ -23,6 +23,7 @@ jobs: pr-scanner: permissions: actions: read + artifact-metadata: read attestations: read checks: read contents: write @@ -37,7 +38,6 @@ jobs: repository-projects: read security-events: read statuses: read - artifact-metadata: read uses: ./.github/workflows/a-pr-scanner.yaml with: RELEASE: "" diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 62008406..0863e7a1 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -36,7 +36,6 @@ builds: - arm64 ldflags: - -s -w - - -X "github.com/kubescape/kubescape/v3/core/cautils.BuildNumber={{.Env.RELEASE}}" - -X "github.com/kubescape/kubescape/v3/core/cautils.Client={{.Env.CLIENT}}" hooks: post: diff --git a/core/cautils/buildinfo.go b/core/cautils/buildinfo.go index 3536b2eb..7b78a296 100644 --- a/core/cautils/buildinfo.go +++ b/core/cautils/buildinfo.go @@ -2,19 +2,25 @@ package cautils import ( "os" + "runtime/debug" "github.com/kubescape/backend/pkg/versioncheck" ) -var BuildNumber string var Client string func init() { - if BuildNumber != "" { - versioncheck.BuildNumber = BuildNumber - } else { + // Try to get version from build info (Go 1.24+ automatically populates this from VCS tags) + if info, ok := debug.ReadBuildInfo(); ok && info.Main.Version != "" && info.Main.Version != "(devel)" { + versioncheck.BuildNumber = info.Main.Version + } + + // Fallback to RELEASE environment variable + if versioncheck.BuildNumber == "" { versioncheck.BuildNumber = os.Getenv("RELEASE") } + + // Client is typically set via ldflags: -X "github.com/kubescape/kubescape/v3/core/cautils.Client=..." if Client != "" { versioncheck.Client = Client }