dependabot[bot]
d94087afad
build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.4.3 to 4.6.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](b4b15b8c7c...65c4c4a1dd )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-01-09 22:09:58 +00:00
Jean-Philippe Evrard
de77a0f44c
Merge pull request #1045 from dholbach/update
...
Update k8s and x/net dependencies
2025-01-09 23:08:01 +01:00
Jean-Philippe Evrard
628a8ae590
Fix CVE-2024-45338 and bump k8s.
...
Without this, we'll stay in k8s 0.29, and a vulnerable golang/net.
This contains other bumps, like bumps to golang.org/x/text, which is
flagged by FOSSA as CC licensed.
As these CC-licensed code snippets are used in other CNCF projects
(like kubernetes), this is fine to bump and will be excluded
in our license scans in the future.
Closes: #1049
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party>
2025-01-09 22:53:16 +01:00
Daniel Holbach
dd5a303113
update test infra as well
...
Signed-off-by: Daniel Holbach <daniel.holbach@gmail.com >
2025-01-09 22:20:18 +01:00
dholbach
72e39575c2
Merge pull request #1036 from kubereboot/dependabot/github_actions/github/codeql-action-3.27.6
...
build(deps): bump github/codeql-action from 3.27.5 to 3.27.6
2024-12-03 19:50:35 +01:00
dependabot[bot]
ab1673a72a
build(deps): bump github/codeql-action from 3.27.5 to 3.27.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.5 to 3.27.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f09c1c0a94...aa57810251 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-12-03 17:33:54 +00:00
dholbach
c2fbb8f849
Merge pull request #1034 from kubereboot/dependabot/go_modules/github.com/stretchr/testify-1.10.0
...
build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0
2024-11-27 10:23:18 +01:00
dholbach
473beb873c
Merge pull request #1035 from kubereboot/dependabot/github_actions/docker/build-push-action-6.10.0
...
build(deps): bump docker/build-push-action from 6.9.0 to 6.10.0
2024-11-27 10:23:00 +01:00
dependabot[bot]
b8bdb5e00a
build(deps): bump docker/build-push-action from 6.9.0 to 6.10.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 6.9.0 to 6.10.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](4f58ea7922...48aba3b46d )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-26 17:19:33 +00:00
dependabot[bot]
a9676db6c3
build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.9.0...v1.10.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-25 17:17:31 +00:00
Jean-Philippe Evrard
9848deb283
Merge pull request #1029 from kubereboot/dependabot/github_actions/docker/metadata-action-5.6.1
...
build(deps): bump docker/metadata-action from 5.5.1 to 5.6.1
2024-11-22 12:00:26 +01:00
Jean-Philippe Evrard
15b451ee04
Merge pull request #1030 from kubereboot/dependabot/github_actions/step-security/harden-runner-2.10.2
...
build(deps): bump step-security/harden-runner from 2.10.1 to 2.10.2
2024-11-22 11:59:53 +01:00
Jean-Philippe Evrard
8b14073176
Merge pull request #1033 from kubereboot/dependabot/github_actions/actions/dependency-review-action-4.5.0
...
build(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0
2024-11-22 11:59:20 +01:00
dependabot[bot]
1b5d01ee8c
build(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](4081bf99e2...3b139cfc5f )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-21 17:53:46 +00:00
Jean-Philippe Evrard
b37bf39a74
Merge pull request #1031 from kubereboot/dependabot/github_actions/aquasecurity/trivy-action-0.29.0
...
build(deps): bump aquasecurity/trivy-action from 0.28.0 to 0.29.0
2024-11-21 14:08:52 +01:00
Jean-Philippe Evrard
c768c7c8d5
Merge pull request #1032 from kubereboot/dependabot/github_actions/github/codeql-action-3.27.5
...
build(deps): bump github/codeql-action from 3.27.4 to 3.27.5
2024-11-21 14:08:09 +01:00
dependabot[bot]
5530ab0db1
build(deps): bump github/codeql-action from 3.27.4 to 3.27.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.4 to 3.27.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ea9e4e3799...f09c1c0a94 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-20 17:56:27 +00:00
dependabot[bot]
8f9af5c1dd
build(deps): bump aquasecurity/trivy-action from 0.28.0 to 0.29.0
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.28.0 to 0.29.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](915b19bbe7...18f2510ee3 )
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-20 17:56:21 +00:00
dependabot[bot]
31551a2c23
build(deps): bump step-security/harden-runner from 2.10.1 to 2.10.2
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.10.1 to 2.10.2.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](91182cccc0...0080882f6c )
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-19 17:44:39 +00:00
dependabot[bot]
91ef335394
build(deps): bump docker/metadata-action from 5.5.1 to 5.6.1
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 5.5.1 to 5.6.1.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](8e5442c4ef...369eb591f4 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-19 17:44:35 +00:00
dholbach
e5f01ce172
Merge pull request #1028 from kubereboot/dependabot/github_actions/github/codeql-action-3.27.4
...
build(deps): bump github/codeql-action from 3.27.3 to 3.27.4
2024-11-14 21:24:19 +01:00
dependabot[bot]
9a24d9ddab
build(deps): bump github/codeql-action from 3.27.3 to 3.27.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.3 to 3.27.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](396bb3e453...ea9e4e3799 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-14 17:55:42 +00:00
dholbach
56f2b97045
Merge pull request #1027 from kubereboot/dependabot/github_actions/github/codeql-action-3.27.3
...
build(deps): bump github/codeql-action from 3.27.1 to 3.27.3
2024-11-14 06:41:55 +01:00
dependabot[bot]
cbb1d5702b
build(deps): bump github/codeql-action from 3.27.1 to 3.27.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.1 to 3.27.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4f3212b617...396bb3e453 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-13 17:36:00 +00:00
dholbach
888964c17a
Merge pull request #1022 from kubereboot/dependabot/github_actions/github/codeql-action-3.27.1
...
build(deps): bump github/codeql-action from 3.27.0 to 3.27.1
2024-11-09 17:44:09 +01:00
dholbach
83eca94075
Merge pull request #1023 from kubereboot/dependabot/github_actions/actions/checkout-4.2.2
...
build(deps): bump actions/checkout from 4.1.1 to 4.2.2
2024-11-09 17:39:39 +01:00
dependabot[bot]
390fe1e742
build(deps): bump actions/checkout from 4.1.1 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4.1.1...11bd71901bbe5b1630ceea73d27597364c9af683 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-08 17:27:48 +00:00
dependabot[bot]
785a8efdf4
build(deps): bump github/codeql-action from 3.27.0 to 3.27.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](662472033e...4f3212b617 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-08 17:27:44 +00:00
Jean-Philippe Evrard
5275bbd5a9
Merge pull request #1020 from step-security-bot/stepsecurity_remediation_1731015518
...
[StepSecurity] Apply security best practices
2024-11-07 23:36:08 +01:00
StepSecurity Bot
95e6055522
[StepSecurity] Apply security best practices
...
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io >
2024-11-07 21:38:39 +00:00
Jean-Philippe Evrard
a5b3faaa05
Merge pull request #1019 from evrardjp/release_1.16.2
...
chore: update release
1.16.2
2024-11-07 22:03:43 +01:00
Jean-Philippe Evrard
3da7d5b8f4
chore: update release
...
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2024-11-07 19:06:12 +01:00
Jean-Philippe Evrard
ec0ba4f1bd
Merge pull request #1018 from kubereboot/dependabot/github_actions/lycheeverse/lychee-action-2.1.0
...
build(deps): bump lycheeverse/lychee-action from 2.0.2 to 2.1.0
2024-11-07 18:51:15 +01:00
Jean-Philippe Evrard
3adeb5a384
Merge pull request #1016 from evrardjp/fix_small_memleak
2024-11-07 18:40:40 +01:00
dependabot[bot]
9b13117fd4
build(deps): bump lycheeverse/lychee-action from 2.0.2 to 2.1.0
...
Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action ) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/lycheeverse/lychee-action/releases )
- [Commits](7cd0af4c74...f81112d0d2 )
---
updated-dependencies:
- dependency-name: lycheeverse/lychee-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-07 17:20:13 +00:00
Jean-Philippe Evrard
e370b0bd4a
Remove reassignment in rebootasrequired loop
...
There is no need to continuously reallocate the check blockers.
They only need to be defined once.
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2024-11-06 18:57:09 +01:00
Jean-Philippe Evrard
659e9fd5bf
Merge pull request #1015 from evrardjp/fix_goroutine_leak
...
Fix goroutine leak
2024-11-06 18:54:15 +01:00
Jean-Philippe Evrard
94e73465ad
Add stdout and stderr to log info
...
Without this, we are losing features based on previous logrus
implementation. Now, we will log the stdout and stderr for
each call.
Next to this, we ensure the call of the log. methods will be
ready for the switch to get rid of logrus in the future.
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2024-11-06 08:41:19 +01:00
Jean-Philippe Evrard
f81a302fa5
Merge pull request #1014 from evrardjp/improve_makefile
...
bootstrap-tools are required for kured bin
2024-11-05 23:18:59 +01:00
Jean-Philippe Evrard
f20a1ddd05
Fix goroutine leak
...
Without this patch, we use WriterLevel, which spawns
goroutines. As we do it at every call of the util commands,
we spawn goroutines at every check.
This is a problem as it leads to memory management issues.
This fixes it by using a buffer for stdout and stderr, then
logging the results after the command was executed.
To make sure the logging happened at the same place, I inlined
the code from utils. This results in duplicated code.
However, this is not a big problem as:
- It makes the code more readable
- The implementation between checkers and rebooters _ARE_
different -- One definitely NEEDS privileges, while the other
does not... Which could lead to later improvements.
Removing a "utils" package is not really a big deal (it
is kinda a win in itself, as it is an anti-pattern), as the
test coverage was kept.
Partial-Fix: #1004
Fixes: #1013
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party>
2024-11-05 22:11:13 +01:00
Jean-Philippe Evrard
7c3184239a
bootstrap-tools are required for kured bin
...
kured linking needs the goreleaser command line, yet it does
not ensure it is present.
This fixes it by ensuring the bootstrap-tools are always
fetched first and used for all the make targets requiring them.
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2024-11-05 17:24:42 +01:00
dependabot[bot]
9fbd0a2cc8
build(deps): bump actions/upload-artifact from 3.2.1.pre.node20 to 4.4.3 ( #1012 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.2.1.pre.node20 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](c24449f33c...b4b15b8c7c )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-01 10:55:20 -07:00
dependabot[bot]
738564296a
build(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.0 ( #1011 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.1 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](0864cf1902...62b2cac7ed )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-31 11:28:40 -07:00
dependabot[bot]
b47d43f268
build(deps): bump actions/upload-artifact ( #1010 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 97a0fba1372883ab732affbe8f94b823f91727db to c24449f33cd45d4826c6702db7e49f7cdb9b551d.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](97a0fba137...c24449f33c )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-31 11:28:07 -07:00
Jean-Philippe Evrard
9ac37661d2
Merge pull request #1007 from kubereboot/Add-OpenSSF-Scorecard
...
Create scorecard.yml
2024-10-30 23:03:58 +01:00
Jean-Philippe Evrard
fc8d979da4
Merge pull request #1006 from evrardjp/update_go_mod
...
Be explicit about toolchain version
2024-10-30 23:03:31 +01:00
Jean-Philippe Evrard
030ff4525e
Merge pull request #1005 from evrardjp/remove_security_exception
...
Remove security exception
2024-10-30 23:03:03 +01:00
Jean-Philippe Evrard
c62e67b27a
Merge pull request #1009 from kubereboot/update-email
...
Update email address for Hidde Beydals
2024-10-28 21:23:33 +01:00
Hidde Beydals
2a2ee20b32
Update email address for Hidde Beydals
...
Signed-off-by: Hidde Beydals <hiddeco@users.noreply.github.com >
2024-10-28 21:22:30 +01:00
Jean-Philippe Evrard
e6c06078ff
Create scorecard.yml
...
Signed-off-by: Jean-Philippe Evrard <open-source@a.spamming.party >
2024-10-27 22:30:34 +01:00