Skip to content

chore: update base images and Golang dependencies #1846

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
hardcoretime wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

chore: update base images and Golang dependencies #1846

hardcoretime wants to merge 3 commits into from

Conversation

@hardcoretime
Copy link
Contributor

@hardcoretime hardcoretime commented Dec 22, 2025
edited
Loading

Description

  • Used the builder/golang-alt image instead of builder/alt and package installation.
  • Updated base image to Golang 1.24.11 to resolve CVE-2025-61729.
  • Updated golang.org/x/crypto to version 0.45.0 to resolve CVE-2025-47914.

Why do we need it, and what problem does it solve?

This is required to resolve CVE-2025-61729 and CVE-2025-47914.

What is the expected result?

The security check should pass.

Checklist

  • The code is covered by unit tests.
  • e2e tests passed.
  • Documentation updated according to the changes.
  • Changes were tested in the Kubernetes cluster manually.

Changelog entries

section: core
type: chore
summary: "Fix CVEs."
impact_level: low

@hardcoretime hardcoretime added this to the v1.4.0 milestone Dec 22, 2025
@hardcoretime hardcoretime force-pushed the chore/update-base-images-and-go-deps branch from 0284794 to c3c3d7a Compare December 23, 2025 14:30
@hardcoretime hardcoretime added the e2e/run Run e2e test on cluster of PR author label Dec 23, 2025
@deckhouse-BOaTswain
Copy link
Contributor

deckhouse-BOaTswain commented Dec 23, 2025
edited
Loading

Workflow has started.
Follow the progress here: Workflow Run

The target step completed with status: failure.

@deckhouse-BOaTswain deckhouse-BOaTswain removed the e2e/run Run e2e test on cluster of PR author label Dec 23, 2025
@deckhouse-BOaTswain
Copy link
Contributor

deckhouse-BOaTswain commented Dec 23, 2025
edited
Loading

Workflow has started.
Follow the progress here: Workflow Run

The target step completed with status: failure.

@hardcoretime hardcoretime added the e2e/run Run e2e test on cluster of PR author label Dec 23, 2025
@deckhouse-BOaTswain
Copy link
Contributor

deckhouse-BOaTswain commented Dec 23, 2025
edited
Loading

Workflow has started.
Follow the progress here: Workflow Run

The target step completed with status: failure.

@deckhouse-BOaTswain deckhouse-BOaTswain removed the e2e/run Run e2e test on cluster of PR author label Dec 24, 2025
@hardcoretime hardcoretime added the e2e/run Run e2e test on cluster of PR author label Dec 25, 2025
@deckhouse-BOaTswain
Copy link
Contributor

deckhouse-BOaTswain commented Dec 25, 2025
edited
Loading

Workflow has started.
Follow the progress here: Workflow Run

The target step completed with status: failure.

@deckhouse-BOaTswain deckhouse-BOaTswain removed the e2e/run Run e2e test on cluster of PR author label Dec 25, 2025
Roman Sysoev added 3 commits December 30, 2025 13:15
chore: update base images and Golang dependencies
2ac8e46 
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
chore: update Cilium version and use fixed CDI
aa54c58 
Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
chore: do not install additional packages
ce350d7 
- git
- binutils
- make
- gcc

Signed-off-by: Roman Sysoev <roman.sysoev@flant.com>
@hardcoretime hardcoretime force-pushed the chore/update-base-images-and-go-deps branch from c3c3d7a to ce350d7 Compare December 30, 2025 10:18
@hardcoretime hardcoretime added the e2e/run Run e2e test on cluster of PR author label Dec 30, 2025
@deckhouse-BOaTswain
Copy link
Contributor

deckhouse-BOaTswain commented Dec 30, 2025
edited
Loading

Workflow has started.
Follow the progress here: Workflow Run

The target step completed with status: failure.

@deckhouse-BOaTswain deckhouse-BOaTswain removed the e2e/run Run e2e test on cluster of PR author label Dec 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@universal-itengineer universal-itengineer Awaiting requested review from universal-itengineer universal-itengineer will be requested when the pull request is marked ready for review universal-itengineer is a code owner

@nevermarine nevermarine Awaiting requested review from nevermarine nevermarine will be requested when the pull request is marked ready for review nevermarine is a code owner

@yaroslavborbat yaroslavborbat Awaiting requested review from yaroslavborbat yaroslavborbat will be requested when the pull request is marked ready for review yaroslavborbat is a code owner

@diafour diafour Awaiting requested review from diafour diafour will be requested when the pull request is marked ready for review diafour is a code owner

@fl64 fl64 Awaiting requested review from fl64 fl64 will be requested when the pull request is marked ready for review fl64 is a code owner

@Isteb4k Isteb4k Awaiting requested review from Isteb4k Isteb4k will be requested when the pull request is marked ready for review Isteb4k is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@hardcoretime hardcoretime

Labels

None yet

Projects

None yet

Milestone

v1.4.0

Development

Successfully merging this pull request may close these issues.

3 participants

@hardcoretime @deckhouse-BOaTswain