From 5a9df7d30a725924760335432ea546cf17dedcd2 Mon Sep 17 00:00:00 2001 From: cpanato Date: Tue, 15 Aug 2023 15:29:42 +0200 Subject: [PATCH 1/3] upgrade to go1.21 Signed-off-by: cpanato --- .github/workflows/build.yaml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/cross.yaml | 2 +- .github/workflows/e2e-tests.yml | 4 ++-- .github/workflows/e2e-with-binary.yml | 2 +- .github/workflows/github-oidc.yaml | 2 +- .github/workflows/kind-e2e-insecure-registry.yaml | 2 +- .github/workflows/kind-verify-attestation.yaml | 2 +- .github/workflows/tests.yaml | 4 ++-- .github/workflows/validate-release.yml | 4 ++-- .github/workflows/verify-docgen.yaml | 2 +- go.mod | 2 +- release/cloudbuild.yaml | 6 +++--- 13 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 601a652084e..1d7ea3d290c 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -47,7 +47,7 @@ jobs: - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true # will use the latest release available for ko diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a908c200ff9..8d263b8ad6b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -62,7 +62,7 @@ jobs: - name: Set correct version of Golang to use during CodeQL run uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true # Initializes the CodeQL tools for scanning. diff --git a/.github/workflows/cross.yaml b/.github/workflows/cross.yaml index e71e7ad0832..14d668abdcb 100644 --- a/.github/workflows/cross.yaml +++ b/.github/workflows/cross.yaml @@ -36,7 +36,7 @@ jobs: - name: Install Go uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true - name: Checkout code uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml index c5bb18bc8f4..ebaf23458ff 100644 --- a/.github/workflows/e2e-tests.yml +++ b/.github/workflows/e2e-tests.yml @@ -42,7 +42,7 @@ jobs: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true - uses: imjasonh/setup-crane@00c9e93efa4e1138c9a7a5c594acd6c75a2fbf0c # v0.3 @@ -61,7 +61,7 @@ jobs: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true - uses: imjasonh/setup-crane@00c9e93efa4e1138c9a7a5c594acd6c75a2fbf0c # v0.3 diff --git a/.github/workflows/e2e-with-binary.yml b/.github/workflows/e2e-with-binary.yml index cb151f53dbe..4bb6e425956 100644 --- a/.github/workflows/e2e-with-binary.yml +++ b/.github/workflows/e2e-with-binary.yml @@ -48,7 +48,7 @@ jobs: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true - name: build cosign and check sign-blob and verify-blob shell: bash diff --git a/.github/workflows/github-oidc.yaml b/.github/workflows/github-oidc.yaml index f100a562a87..722eea65a7a 100644 --- a/.github/workflows/github-oidc.yaml +++ b/.github/workflows/github-oidc.yaml @@ -45,7 +45,7 @@ jobs: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true cache: true diff --git a/.github/workflows/kind-e2e-insecure-registry.yaml b/.github/workflows/kind-e2e-insecure-registry.yaml index a970cf049fe..175d00f225f 100644 --- a/.github/workflows/kind-e2e-insecure-registry.yaml +++ b/.github/workflows/kind-e2e-insecure-registry.yaml @@ -47,7 +47,7 @@ jobs: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true - uses: imjasonh/setup-ko@ace48d793556083a76f1e3e6068850c1f4a369aa # v0.6 diff --git a/.github/workflows/kind-verify-attestation.yaml b/.github/workflows/kind-verify-attestation.yaml index f774cffde52..287dde9d55b 100644 --- a/.github/workflows/kind-verify-attestation.yaml +++ b/.github/workflows/kind-verify-attestation.yaml @@ -50,7 +50,7 @@ jobs: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true # will use the latest release available for ko diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 5c68c0473bb..0869f3598a0 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -31,7 +31,7 @@ on: permissions: read-all env: - GO_VERSION: '1.20.x' + GO_VERSION: '1.21' jobs: unit-tests: @@ -172,7 +172,7 @@ jobs: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: 1.20.x + go-version: '1.21' check-latest: true - name: golangci-lint uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0 diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 9b5b05869fd..a3bbd92feaa 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Check Signature run: | - cosign verify ghcr.io/gythialy/golang-cross:v1.20.6-0@sha256:e0289471f770f238e4fb608e0d804aaf45504ab50b11527cfd00fa42e64344fc \ + cosign verify ghcr.io/gythialy/golang-cross:v1.21.0-0@sha256:383b0f45ed1d469a904230d75e2bf74dd3af7b9675872379d7748703c2cc7f26 \ --certificate-oidc-issuer https://token.actions.githubusercontent.com \ --certificate-identity "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.20.6-0" env: @@ -43,7 +43,7 @@ jobs: - check-signature container: - image: ghcr.io/gythialy/golang-cross:v1.20.6-0@sha256:e0289471f770f238e4fb608e0d804aaf45504ab50b11527cfd00fa42e64344fc + image: ghcr.io/gythialy/golang-cross:v1.21.0-0@sha256:383b0f45ed1d469a904230d75e2bf74dd3af7b9675872379d7748703c2cc7f26 permissions: {} diff --git a/.github/workflows/verify-docgen.yaml b/.github/workflows/verify-docgen.yaml index 74a52cab22c..cf7d1139ee5 100644 --- a/.github/workflows/verify-docgen.yaml +++ b/.github/workflows/verify-docgen.yaml @@ -34,6 +34,6 @@ jobs: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: - go-version: '1.20.x' + go-version: '1.21' check-latest: true - run: ./cmd/help/verify.sh diff --git a/go.mod b/go.mod index 4cc3b43352f..2206f4dada8 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/sigstore/cosign/v2 -go 1.19 +go 1.20 require ( cuelang.org/go v0.6.0 diff --git a/release/cloudbuild.yaml b/release/cloudbuild.yaml index 534327407ed..d6e4a23dfc2 100644 --- a/release/cloudbuild.yaml +++ b/release/cloudbuild.yaml @@ -38,14 +38,14 @@ steps: - TUF_ROOT=/tmp args: - 'verify' - - 'ghcr.io/gythialy/golang-cross:v1.20.6-0@sha256:e0289471f770f238e4fb608e0d804aaf45504ab50b11527cfd00fa42e64344fc' + - 'ghcr.io/gythialy/golang-cross:v1.21.0-0@sha256:383b0f45ed1d469a904230d75e2bf74dd3af7b9675872379d7748703c2cc7f26' - '--certificate-oidc-issuer' - "https://token.actions.githubusercontent.com" - '--certificate-identity' - "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.20.6-0" # maybe we can build our own image and use that to be more in a safe side - - name: ghcr.io/gythialy/golang-cross:v1.20.6-0@sha256:e0289471f770f238e4fb608e0d804aaf45504ab50b11527cfd00fa42e64344fc + - name: ghcr.io/gythialy/golang-cross:v1.21.0-0@sha256:383b0f45ed1d469a904230d75e2bf74dd3af7b9675872379d7748703c2cc7f26 entrypoint: /bin/sh dir: "go/src/sigstore/cosign" env: @@ -68,7 +68,7 @@ steps: gcloud auth configure-docker \ && make release - - name: ghcr.io/gythialy/golang-cross:v1.20.6-0@sha256:e0289471f770f238e4fb608e0d804aaf45504ab50b11527cfd00fa42e64344fc + - name: ghcr.io/gythialy/golang-cross:v1.21.0-0@sha256:383b0f45ed1d469a904230d75e2bf74dd3af7b9675872379d7748703c2cc7f26 entrypoint: 'bash' dir: "go/src/sigstore/cosign" env: From fbe6e6f7411ac622d2bfdfda031b552daab7b515 Mon Sep 17 00:00:00 2001 From: cpanato Date: Tue, 15 Aug 2023 15:33:36 +0200 Subject: [PATCH 2/3] bump golangci-lint Signed-off-by: cpanato --- .github/workflows/tests.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 0869f3598a0..ab452c6ee7d 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -178,5 +178,5 @@ jobs: uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0 with: # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version. - version: v1.53 + version: v1.54 args: --timeout=5m From 68d0f78e55337981eedd1a98ded0232c9970c5e4 Mon Sep 17 00:00:00 2001 From: cpanato Date: Tue, 15 Aug 2023 15:36:31 +0200 Subject: [PATCH 3/3] update cosign check for the build image Signed-off-by: cpanato --- .github/workflows/validate-release.yml | 2 +- release/cloudbuild.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index a3bbd92feaa..8b4acbc1407 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -33,7 +33,7 @@ jobs: run: | cosign verify ghcr.io/gythialy/golang-cross:v1.21.0-0@sha256:383b0f45ed1d469a904230d75e2bf74dd3af7b9675872379d7748703c2cc7f26 \ --certificate-oidc-issuer https://token.actions.githubusercontent.com \ - --certificate-identity "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.20.6-0" + --certificate-identity "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.21.0-0" env: TUF_ROOT: /tmp diff --git a/release/cloudbuild.yaml b/release/cloudbuild.yaml index d6e4a23dfc2..f6c417dee78 100644 --- a/release/cloudbuild.yaml +++ b/release/cloudbuild.yaml @@ -42,7 +42,7 @@ steps: - '--certificate-oidc-issuer' - "https://token.actions.githubusercontent.com" - '--certificate-identity' - - "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.20.6-0" + - "https://github.com/gythialy/golang-cross/.github/workflows/release-golang-cross.yml@refs/tags/v1.21.0-0" # maybe we can build our own image and use that to be more in a safe side - name: ghcr.io/gythialy/golang-cross:v1.21.0-0@sha256:383b0f45ed1d469a904230d75e2bf74dd3af7b9675872379d7748703c2cc7f26