Merge pull request #1672 from kubescape/bumpsyft

fix go.mod for httphandler
2026-03-03 02:00:27 +00:00 · 2024-04-30 11:16:12 +03:00 · 2024-04-30 09:57:29 +02:00 · 2024-04-30 10:28:22 +03:00 · 2024-04-30 10:27:23 +03:00 · 2024-04-30 10:23:48 +03:00
5 changed files with 15 additions and 6 deletions
--- a/.github/workflows/00-pr-scanner.yaml
+++ b/.github/workflows/00-pr-scanner.yaml
@@ -34,6 +34,7 @@ jobs:
      repository-projects: read
      security-events: read
      statuses: read
+      attestations: read
    uses: ./.github/workflows/a-pr-scanner.yaml
    with:
      RELEASE: ""
@@ -58,6 +59,7 @@ jobs:
      repository-projects: read
      security-events: read
      statuses: read
+      attestations: read
    uses: ./.github/workflows/b-binary-build-and-e2e-tests.yaml
    with:
      COMPONENT_NAME: kubescape
--- a/.github/workflows/02-release.yaml
+++ b/.github/workflows/02-release.yaml
@@ -30,6 +30,7 @@ jobs:
      repository-projects: read
      security-events: read
      statuses: read
+      attestations: write
    needs: [retag]
    uses: ./.github/workflows/b-binary-build-and-e2e-tests.yaml
    with:
@@ -55,6 +56,7 @@ jobs:
      repository-projects: read
      statuses: read
      security-events: read
+      attestations: read
    needs: [retag, binary-build]
    uses: ./.github/workflows/c-create-release.yaml
    with:
@@ -77,6 +79,7 @@ jobs:
      repository-projects: read
      security-events: read
      statuses: read
+      attestations: read
    uses: ./.github/workflows/d-publish-image.yaml
    needs: [create-release, retag]
    with:
@@ -86,3 +89,4 @@ jobs:
      support_platforms: true
      cosign: true
    secrets: inherit
+   
--- a/.github/workflows/b-binary-build-and-e2e-tests.yaml
+++ b/.github/workflows/b-binary-build-and-e2e-tests.yaml
@@ -75,7 +75,7 @@ jobs:
          SECRET_KEY: ${{ secrets.SECRET_KEY_PROD }}
          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
-        run: "echo \"is-secret-set=${{ env.CUSTOMER != '' && \n                        env.USERNAME != '' &&\n                        env.PASSWORD != '' &&\n                        env.CLIENT_ID != '' &&\n                        env.SECRET_KEY != '' &&\n                        env.REGISTRY_USERNAME != '' &&\n                        env.REGISTRY_PASSWORD != ''\n                      }}\" >> $GITHUB_OUTPUT\n"
+        run: "echo \"is-secret-set=${{ env.CUSTOMER != '' && env.USERNAME != '' && env.PASSWORD != '' && env.CLIENT_ID != '' && env.SECRET_KEY != '' && env.REGISTRY_USERNAME != '' && env.REGISTRY_PASSWORD != '' }}\" >> $GITHUB_OUTPUT\n"

      - id: export_tests_to_env
        name: set test name
@@ -290,5 +290,6 @@ jobs:
        uses: mikepenz/action-junit-report@6e9933f4a97f4d2b99acef4d7b97924466037882 # ratchet:mikepenz/action-junit-report@v3.6.1
        if: always() # always run even if the previous step fails
        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
          report_paths: '**/results_xml_format/**.xml'
          commit: ${{github.event.workflow_run.head_sha}}
--- a/httphandler/go.mod
+++ b/httphandler/go.mod
@@ -179,7 +179,7 @@ require (
 	github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
 	github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect
 	github.com/dimchansky/utfbom v1.1.1 // indirect
-	github.com/distribution/distribution v2.8.3+incompatible // indirect
+	github.com/distribution/distribution v2.8.2+incompatible // indirect
 	github.com/distribution/reference v0.6.0 // indirect
 	github.com/docker/cli v26.1.0+incompatible // indirect
 	github.com/docker/distribution v2.8.3+incompatible // indirect
@@ -498,3 +498,5 @@ replace github.com/olekukonko/tablewriter => github.com/kubescape/tablewriter v0

 // TODO(anubhav06): Remove this once we have a release of copacetic with the support for patching kubescape image scan results.
 replace github.com/project-copacetic/copacetic => github.com/anubhav06/copacetic v0.0.0-20230821175613-0a7915a62e10
+
+replace github.com/docker/distribution v2.8.3+incompatible => github.com/docker/distribution v2.8.2+incompatible
--- a/httphandler/go.sum
+++ b/httphandler/go.sum
@@ -627,16 +627,16 @@ github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 h1:lxmTCgmHE1G
 github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7/go.mod h1:GvWntX9qiTlOud0WkQ6ewFm0LPy5JUR1Xo0Ngbd1w6Y=
 github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U=
 github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
-github.com/distribution/distribution v2.8.3+incompatible h1:RlpEXBLq/WPXYvBYMDAmBX/SnhD67qwtvW/DzKc8pAo=
-github.com/distribution/distribution v2.8.3+incompatible/go.mod h1:EgLm2NgWtdKgzF9NpMzUKgzmR7AMmb0VQi2B+ZzDRjc=
+github.com/distribution/distribution v2.8.2+incompatible h1:k9+4DKdOG+quPFZXT/mUsiQrGu9vYCp+dXpuPkuqhk8=
+github.com/distribution/distribution v2.8.2+incompatible/go.mod h1:EgLm2NgWtdKgzF9NpMzUKgzmR7AMmb0VQi2B+ZzDRjc=
 github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
 github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
 github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
 github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
 github.com/docker/cli v26.1.0+incompatible h1:+nwRy8Ocd8cYNQ60mozDDICICD8aoFGtlPXifX/UQ3Y=
 github.com/docker/cli v26.1.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
-github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
-github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
+github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
+github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
 github.com/docker/docker v26.1.0+incompatible h1:W1G9MPNbskA6VZWL7b3ZljTh0pXI68FpINx0GKaOdaM=
 github.com/docker/docker v26.1.0+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-credential-helpers v0.8.0 h1:YQFtbBQb4VrpoPxhFuzEBPQ9E16qz5SpHLS+uswaCp8=
Author	SHA1	Message	Date
David Wertenteil	effc57dfda	Merge pull request #1672 from kubescape/bumpsyft fix go.mod for httphandler	2024-04-30 11:16:12 +03:00
Matthias Bertschy	4b5c2dfed4	fix go.mod for httphandler Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2024-04-30 09:57:29 +02:00
David Wertenteil	f39d4efd62	Merge pull request #1671 from kubescape/fix/wf-permissions update permissions	2024-04-30 10:28:22 +03:00
David Wertenteil	97ce466fbd	update permissions Signed-off-by: David Wertenteil <dwertent@armosec.io>	2024-04-30 10:27:23 +03:00
David Wertenteil	a94dc85e14	Merge pull request #1670 from kubescape/fix/wf-permissions Adding attestations to the permissions	2024-04-30 10:23:48 +03:00
David Wertenteil	7811b0a4a6	adding attestations to the permissions Signed-off-by: David Wertenteil <dwertent@armosec.io>	2024-04-30 10:21:35 +03:00