From 129c5f04ee79ac52d08799479c55268e2f791bf3 Mon Sep 17 00:00:00 2001 From: Rui Chen Date: Sun, 15 Dec 2024 15:26:33 -0500 Subject: [PATCH 1/2] chore(deps): update alpine to 3.21.0, ca-certificates to 20241010, go/golangci-lint to latest (#5166) Signed-off-by: Rui Chen --- .github/workflows/lint.yml | 2 +- Dockerfile | 8 ++++---- e2e/go.mod | 2 +- go.mod | 2 +- server/events/vcs/github_client.go | 4 ++-- testing/Dockerfile | 2 +- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 0cb8b5af64..bcfb8bc3c0 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -58,7 +58,7 @@ jobs: uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6 with: # renovate: datasource=github-releases depName=golangci/golangci-lint - version: v1.60.1 + version: v1.62.2 skip-lint: needs: [changes] diff --git a/Dockerfile b/Dockerfile index 44f6fe941e..8520679c1a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ # syntax=docker/dockerfile:1@sha256:db1ff77fb637a5955317c7a3a62540196396d565f3dd5742e76dddbb6d75c4c5 # what distro is the image being built for -ARG ALPINE_TAG=3.20.3@sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb7527e017a4b4a +ARG ALPINE_TAG=3.21.0@sha256:21dc6063fd678b478f57c0e13f47560d0ea4eeba26dfc947b2a4f81f686b9f45 ARG DEBIAN_TAG=12.8-slim@sha256:1537a6a1cbc4b4fd401da800ee9480207e7dc1f23560c21259f681db56768f63 -ARG GOLANG_TAG=1.23.3-alpine@sha256:c694a4d291a13a9f9d94933395673494fc2cc9d4777b85df3a7e70b3492d3574 +ARG GOLANG_TAG=1.23.4-alpine@sha256:6c5c9590f169f77c8046e45c611d3b28fe477789acd8d3762d23d4744de69812 # renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp ARG DEFAULT_TERRAFORM_VERSION=1.10.1 @@ -154,8 +154,8 @@ COPY --from=deps /usr/local/bin/conftest /usr/local/bin/conftest COPY --from=deps /usr/bin/git-lfs /usr/bin/git-lfs COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh -# renovate: datasource=repology depName=alpine_3_20/ca-certificates versioning=loose -ENV CA_CERTIFICATES_VERSION="20240705-r0" +# renovate: datasource=repology depName=alpine_3_21/ca-certificates versioning=loose +ENV CA_CERTIFICATES_VERSION="20241010" # Install packages needed to run Atlantis. # We place this last as it will bust less docker layer caches when packages update diff --git a/e2e/go.mod b/e2e/go.mod index 554b6ed9d8..4c586436c3 100644 --- a/e2e/go.mod +++ b/e2e/go.mod @@ -1,6 +1,6 @@ module github.com/runatlantis/atlantis/e2e -go 1.23.3 +go 1.23.4 require ( github.com/google/go-github/v66 v66.0.0 diff --git a/go.mod b/go.mod index 1fea08c637..8b1dd3e957 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/runatlantis/atlantis -go 1.23.3 +go 1.23.4 require ( code.gitea.io/sdk/gitea v0.19.0 diff --git a/server/events/vcs/github_client.go b/server/events/vcs/github_client.go index da728e5da8..1000f73e07 100644 --- a/server/events/vcs/github_client.go +++ b/server/events/vcs/github_client.go @@ -354,7 +354,7 @@ func (g *GithubClient) getPRReviews(repo models.Repo, pull models.PullRequest) ( variables := map[string]interface{}{ "owner": githubv4.String(repo.Owner), "name": githubv4.String(repo.Name), - "number": githubv4.Int(pull.Num), + "number": githubv4.Int(pull.Num), // #nosec G115: integer overflow conversion int -> int32 "entries": githubv4.Int(10), "reviewState": []githubv4.PullRequestReviewState{githubv4.PullRequestReviewStateApproved}, "reviewCursor": (*githubv4.String)(nil), // initialize the reviewCursor with null @@ -630,7 +630,7 @@ func (g *GithubClient) GetPullRequestMergeabilityInfo( variables := map[string]interface{}{ "owner": githubv4.String(repo.Owner), "name": githubv4.String(repo.Name), - "number": githubv4.Int(*pull.Number), + "number": githubv4.Int(*pull.Number), // #nosec G115: integer overflow conversion int -> int32 "ruleCursor": (*githubv4.String)(nil), "contextCursor": (*githubv4.String)(nil), } diff --git a/testing/Dockerfile b/testing/Dockerfile index 2504772784..72720e3be3 100644 --- a/testing/Dockerfile +++ b/testing/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.23.3@sha256:73f06be4578c9987ce560087e2e2ea6485fb605e3910542cadd8fa09fc5f3e31 +FROM golang:1.23.4@sha256:70031844b8c225351d0bb63e2c383f80db85d92ba894e3da7e13bcf80efa9a37 RUN apt-get update && apt-get --no-install-recommends -y install unzip \ && apt-get clean \ From 52f8e05034b71ce1ec008a324bc0ffd13f113800 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 00:36:24 +0000 Subject: [PATCH 2/2] chore(deps): update ghcr.io/runatlantis/testing-env:latest docker digest to 1d8d06b in .github/workflows/test.yml (main) (#5169) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 741abab29e..8229b24197 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -48,7 +48,7 @@ jobs: if: needs.changes.outputs.should-run-tests == 'true' name: Tests runs-on: ubuntu-24.04 - container: ghcr.io/runatlantis/testing-env:latest@sha256:6d0fdf5eae0076b9fc656504eaed84a4118ad9a468d86fd384126f4dba5ccaeb + container: ghcr.io/runatlantis/testing-env:latest@sha256:1d8d06be575ee7cfbc709491fd06a1fc90a48527b0a047543f4bb3da4b53451f steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4