Skip to content

Parse go version from release-tools #1350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Nov 27, 2025
Merged

Parse go version from release-tools #1350

merged 4 commits into from
Nov 27, 2025
+2,719 −1,150

Conversation

@jsafrane
Copy link
Contributor

@jsafrane jsafrane commented Nov 25, 2025
edited
Loading

trivy.yaml should use the same go version as release tools, so it checks for CVEs with the same go as we use to build images.

Add a step that parses the go version from prow.sh and stores it in .goversion file. Use the file in subsequent setup-go step.

In addition:

  • bump release-tools to get go 1.24.9 and silence some CVEs.
  • bump golang.org/x/crypto to silence another CVE.

What type of PR is this?
/kind cleanup

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

NONE

@jsafrane
Parse go version from release-tools
95bb5ea 
trivy.yaml should use the same go version as release tools, so it checks
for CVEs with the same go as we use to build images.

Add a step that parses the go version from prow.sh and stores it in
.goversion file. Use the file in subsequent setup-go step.
@k8s-ci-robot k8s-ci-robot added release-note-none Denotes a PR that doesn't merit a release note. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. labels Nov 25, 2025
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Nov 25, 2025
@jsafrane
Copy link
Contributor Author

jsafrane commented Nov 25, 2025
edited
Loading

trivy logs:

Run GO_VERSION=$(cat release-tools/prow.sh  | grep "configvar CSI_PROW_GO_VERSION_BUILD" | awk '{print $3}' | sed 's/"//g')
Using go from release-tools: 1.24.9

And it continues with 1.24.9

@jsafrane
Squashed 'release-tools/' changes from 74502e544..8d1258cce
392c180 
8d1258cce Merge pull request kubernetes-csi#286 from kubernetes-csi/dependabot/github_actions/actions/checkout-6
91e35981a Bump actions/checkout from 5 to 6
294138155 Merge pull request kubernetes-csi#285 from andyzhangx/patch-6
fa8b339e9 fix: upgrade to go1.24.9 to fix CVEs

git-subtree-dir: release-tools
git-subtree-split: 8d1258cce8062a7ff5de7e10b10f01bed3e9c677
@jsafrane
Merge commit '392c180d823c0f134109e1d67e325c14b9d8cdab' into trivy-pa…
5ea38fb 
…rse-go2
@k8s-ci-robot k8s-ci-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Nov 25, 2025
@k8s-ci-robot k8s-ci-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Nov 25, 2025
andyzhangx
andyzhangx approved these changes Nov 27, 2025
View reviewed changes
Copy link
Member

@andyzhangx andyzhangx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 27, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Nov 27, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: andyzhangx, jsafrane

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot merged commit 2c37c1c into kubernetes-csi:master Nov 27, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mauriciopoppe mauriciopoppe Awaiting requested review from mauriciopoppe

@RaunakShah RaunakShah Awaiting requested review from RaunakShah

1 more reviewer

@andyzhangx andyzhangx andyzhangx approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@andyzhangx andyzhangx

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jsafrane @k8s-ci-robot @andyzhangx