diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 622578c..361e4a3 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -22,13 +22,13 @@ jobs: - name: Checkout uses: actions/checkout@v5 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} queries: +security-and-quality - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@v4 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{ matrix.language }}" diff --git a/Dockerfile b/Dockerfile index 4fff66a..ba169fd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,7 +34,7 @@ COPY . /workspace # Build with make to apply all build logic defined in Makefile RUN make build -FROM nvcr.io/nvidia/distroless/go:v3.1.13 +FROM nvcr.io/nvidia/distroless/go:v3.2.0 WORKDIR / COPY --from=builder /workspace/build/network-operator-init-container . diff --git a/Makefile b/Makefile index a41c57f..27fe41f 100644 --- a/Makefile +++ b/Makefile @@ -24,6 +24,8 @@ DOCKER_CMD ?= docker # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.31.0 +SETUP_ENVTEST_VERSION ?= release-0.21 + # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) ifeq (,$(shell go env GOBIN)) GOBIN=$(shell go env GOPATH)/bin @@ -114,7 +116,7 @@ GOLANGCILINT_VERSION ?= v1.64.8 .PHONY: envtest envtest: $(ENVTEST) ## Download envtest-setup locally if necessary. $(ENVTEST): | $(LOCALBIN) - GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest + GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@$(SETUP_ENVTEST_VERSION) .PHONY: golangci-lint golangci-lint: $(GOLANGCILINT) ## Download golangci-lint locally if necessary.