6452bec403
chore: fix dependabot alerts ( #3595 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* ci: bump up golang to 1.25.x
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* fix: linter errors
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* fix: stacker and docker build files to use golang 1.25
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-11-26 11:21:36 +02:00
05e9b8cdf8
chore: sync golang 1.25 ( #3596 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-11-25 09:29:01 +02:00
cb520aa9e4
Fix deps ( #3343 )
...
* chore(ci): fix sync images workflow
golang image is sync'ed from dockerhub and it appears certs have expired
that is breaking 'docker trust inspect ...'
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-08-28 09:05:59 -07:00
ef1d6f37ce
ci: update golang version to be synced to gh ( #3073 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-06 01:15:29 -07:00
b6dff76107
ci: fix sync job after oras/ubuntu upgrade ( #2839 )
...
* ci: fix sync job after oras/ubuntu upgrade
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-20 01:25:48 +02:00
5465aa0d51
build: migrate to golang 1.23.x ( #2701 )
...
* build: migrate to golang 1.23.x
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* fix: golangci-lint reported errors
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-11-08 08:58:55 -08:00
da923ae232
chore: update go tests to use our hosted trivy-db and trivy-java-db images ( #2754 )
...
There are 2 remaining exceptions that I am aware of:
1. The tests under test/blackbox/cve.bats
2. One of the cli tests checking the server attempts download of the databases
from the default url
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-11-01 14:14:52 -07:00
8294838795
ci: fix localstack docker uri ( #2400 )
...
The image is being published on dockerhub at localstack/localstack
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-04-21 22:30:00 -07:00
66611cb8d3
chore: disable content trust check for localstack image ( #2398 )
...
localstack images published to dockerhub don't appear to be signed via
docker content trust.
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-04-20 22:41:25 -07:00
7146826126
ci: upgrade localstack to v3.3.0 ( #2390 )
...
There are performance improvements in recent releases of localstack.
1) install localstack via "pip install" and requires python 3.11
2) also pull a recently pushed localstack docker image to ghcr.io
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-04-19 00:08:36 -07:00
375c35c5a1
chore: update to go 1.22 ( #2330 )
...
* chore: update to go 1.22
Only go toolchain version is updated.
We compile with go 1.22, but we allow others to compile using language version 1.21 if they wish to.
If we also updated the go version in go.mod everyone would be forced to update, as that is enforced as a minimum allowed version.
This comment explains the difference well enough https://news.ycombinator.com/item?id=36455759
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: fix freeBSD AMD64 build
Looks like they made some cleanup in the logic allowing buildmode pie on various platforms.
Related to https://github.com/golang/go/issues/31544
See the code at: https://cs.opensource.google/go/go/+/master:src/internal/platform/supported.go;l=222-231;drc=d7fcb5cf80953f1d63246f1ae9defa60c5ce2d76;bpv=1;bpt=0
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-03-20 11:53:11 -07:00
60dc8569ec
build(go): switch to go 1.21 ( #2049 )
...
Also update to the latest swaggo version, as the previous one did not work with go 1.21
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-02-07 10:54:28 -08:00
f8002c7dd3
chore: fix dependabot alerts ( #1827 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2023-09-18 11:34:57 -07:00
d9e5f33e7e
chore: fix security alerts ( #1493 )
...
https://github.com/project-zot/zot/security/code-scanning/4293
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2023-06-01 16:53:50 -07:00
635d07ae04
chore: update golang (to 1.20.x) and golangci-linter ( #1388 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2023-04-27 00:09:46 -07:00
1f9f178a57
ci(golang): fix syncing build image golang 1.20 ( #1205 )
...
Since the matrix values were unquoted,
the logic reading the yaml considered them numbers
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2023-02-17 10:02:30 -08:00
672a2cd384
chore: add/sync golang 1.20.x images ( #1200 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2023-02-16 11:25:32 +02:00
ca1d4beb2a
ci: also allow manual workflow triggers ( #1109 )
...
* ci: also allow manual workflow triggers
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: add a github actions checker
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2023-01-13 00:49:42 -08:00
9f0b833293
fix(ci): use oras login before copying trivy-db
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2023-01-12 18:44:45 +00:00
787a75e218
fix(ci): fix path to trivy-db copy under project-zot ( #1108 )
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2023-01-12 20:01:43 +02:00
6f5b7afd39
ci(trivy): copy trivydb oci artefact to project-zot repo ( #1106 )
...
This will replace calls made directly to ghcr.io/aquasecurity/trivy-db
Which are hitting the rate limiter
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2023-01-12 09:54:53 -08:00
Ramkumar Chinchani