dependabot[bot]
941968c257
build(deps): bump alpine from 3.18.2 to 3.18.3 ( #1487 )
...
Bumps alpine from 3.18.2 to 3.18.3.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-20 15:12:48 +02:00
Jonas-Taha El Sesiy
20ad80577c
Bump docker base images ( #1465 )
...
During a recent CVE scan we found kube-bench to use `alpine:3.18` as the final image which has a known high CVE.
```
grype aquasec/kube-bench:v0.6.15
✔ Vulnerability DB [no update available]
✔ Loaded image
✔ Parsed image
✔ Cataloged packages [73 packages]
✔ Scanning image... [4 vulnerabilities]
├── 0 critical, 4 high, 0 medium, 0 low, 0 negligible
└── 4 fixed
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
libcrypto3 3.1.0-r4 3.1.1-r0 apk CVE-2023-2650 High
libssl3 3.1.0-r4 3.1.1-r0 apk CVE-2023-2650 High
openssl 3.1.0-r4 3.1.1-r0 apk CVE-2023-2650 High
```
The CVE in question was addressed in the latest [alpine release](https://www.alpinelinux.org/posts/Alpine-3.15.9-3.16.6-3.17.4-3.18.2-released.html ), hence updating the dockerfiles accordingly
2023-07-26 18:22:19 +03:00
dependabot[bot]
a727d73e8a
build(deps): bump golang from 1.19.4 to 1.20.4 ( #1436 )
...
Bumps golang from 1.19.4 to 1.20.4.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-10 18:07:26 +03:00
dependabot[bot]
84f80b59b8
build(deps): bump alpine from 3.17 to 3.18 ( #1443 )
...
Bumps alpine from 3.17 to 3.18.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-26 13:41:30 +03:00
Devendra Turkar
96c6b385ef
chore: publish ubi based image ( #1412 )
...
* chore: publish ubi based image
- added publish step to publish ubi image
- updated base image for alpine based dockerfile
* chore: update pipeline image to ubuntu-latest
2023-04-05 13:02:36 +03:00
dependabot[bot]
465c16fe4b
build(deps): bump golang from 1.19.3 to 1.19.4 ( #1345 )
...
Bumps golang from 1.19.3 to 1.19.4.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 16:10:46 +02:00
dependabot[bot]
e096229a5a
build(deps): bump alpine from 3.16.2 to 3.17.0 ( #1332 )
...
Bumps alpine from 3.16.2 to 3.17.0.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-02 19:06:02 +02:00
dependabot[bot]
d5039002af
build(deps): bump golang from 1.19.2 to 1.19.3 ( #1318 )
...
Bumps golang from 1.19.2 to 1.19.3.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 14:35:26 +02:00
dependabot[bot]
bb3c8e9685
build(deps): bump golang from 1.19.0 to 1.19.2 ( #1299 )
...
Bumps golang from 1.19.0 to 1.19.2.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-17 20:24:30 +03:00
chenk
e05dabe0a9
chore: replace gclib alpine pkg ( #1280 )
...
* chore: replace gclib alpine pkg
Signed-off-by: chenk <hen.keinan@gmail.com>
* chore: replace gclib alpine pkg
Signed-off-by: chenk <hen.keinan@gmail.com>
Signed-off-by: chenk <hen.keinan@gmail.com>
2022-09-14 16:59:58 +03:00
dependabot[bot]
7146b65da4
build(deps): bump golang from 1.18.3 to 1.19.0 ( #1237 )
...
Bumps golang from 1.18.3 to 1.19.0.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-10 14:17:46 -03:00
dependabot[bot]
1c46d386a8
build(deps): bump alpine from 3.16.0 to 3.16.2 ( #1240 )
...
Bumps alpine from 3.16.0 to 3.16.2.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-10 14:00:09 -03:00
dependabot[bot]
b6bc27db17
Bump golang from 1.18.2 to 1.18.3 ( #1199 )
...
Bumps golang from 1.18.2 to 1.18.3.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-06 22:37:41 +03:00
dependabot[bot]
3f85968c3c
Bump alpine from 3.15.4 to 3.16.0 ( #1193 )
...
Bumps alpine from 3.15.4 to 3.16.0.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-03 18:19:44 +03:00
dependabot[bot]
e0704da7d0
Bump golang from 1.18.1 to 1.18.2 ( #1181 )
...
Bumps golang from 1.18.1 to 1.18.2.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-01 15:40:20 +03:00
dependabot[bot]
aea61c93c7
Bump golang from 1.18.0 to 1.18.1 ( #1155 )
...
Bumps golang from 1.18.0 to 1.18.1.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-19 08:03:43 +03:00
dependabot[bot]
48b80f8f01
Bump alpine from 3.15.2 to 3.15.4 ( #1146 )
...
Bumps alpine from 3.15.2 to 3.15.4.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-12 15:12:21 +03:00
dependabot[bot]
b3902d2d14
Bump alpine from 3.15.1 to 3.15.2 ( #1130 )
...
Bumps alpine from 3.15.1 to 3.15.2.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-29 09:32:10 +03:00
dependabot[bot]
55c5b981cf
Bump alpine from 3.15.0 to 3.15.1 ( #1119 )
...
Bumps alpine from 3.15.0 to 3.15.1.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2022-03-23 09:38:08 +02:00
dependabot[bot]
021bb13b05
Bump golang from 1.17.8 to 1.18.0 ( #1118 )
...
Bumps golang from 1.17.8 to 1.18.0.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 17:23:08 +02:00
dependabot[bot]
675515a9b0
Bump golang from 1.17.7 to 1.17.8 ( #1110 )
...
Bumps golang from 1.17.7 to 1.17.8.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2022-03-08 11:08:52 +02:00
dependabot[bot]
e2599b1e06
Bump golang from 1.17.6 to 1.17.7 ( #1095 )
...
Bumps golang from 1.17.6 to 1.17.7.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Huang Huang <mozillazg101@gmail.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2022-03-03 16:46:34 +02:00
dependabot[bot]
d3cbc64476
Bump golang from 1.17.5 to 1.17.6 ( #1079 )
...
Bumps golang from 1.17.5 to 1.17.6.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-12 14:16:56 +02:00
dependabot[bot]
1fbf2ca403
Bump golang from 1.17.4 to 1.17.5 ( #1071 )
...
Bumps golang from 1.17.4 to 1.17.5.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-29 17:33:30 +02:00
dependabot[bot]
26b07a8a4c
Bump golang from 1.17.3 to 1.17.4 ( #1062 )
...
Bumps golang from 1.17.3 to 1.17.4.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-09 11:50:30 +02:00
dependabot[bot]
0ce8a92226
Bump alpine from 3.14.3 to 3.15.0 ( #1056 )
...
Bumps alpine from 3.14.3 to 3.15.0.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-01 11:53:40 +02:00
dependabot[bot]
29c403edbe
Bump alpine from 3.14.2 to 3.14.3 ( #1046 )
...
Bumps alpine from 3.14.2 to 3.14.3.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-11-18 16:52:34 +02:00
dependabot[bot]
00be5e3912
Bump golang from 1.17.2 to 1.17.3 ( #1043 )
...
Bumps golang from 1.17.2 to 1.17.3.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-11 13:43:16 +02:00
Huang Huang
beaad3bab2
Support arm64 architecture ( #1036 )
...
* Support arm64 architecture
* remove .github/workflows/test_docker.yml
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-11-08 14:06:44 +02:00
dependabot[bot]
cc619e5aef
Bump golang from 1.17.1 to 1.17.2 ( #1019 )
...
Bumps golang from 1.17.1 to 1.17.2.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-10-28 13:54:29 +03:00
dependabot[bot]
2662c07e2b
Bump golang from 1.17.0 to 1.17.1 ( #988 )
...
Bumps golang from 1.17.0 to 1.17.1.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-19 15:26:10 +03:00
Dave Hay
6d758d2011
Update/upgrade Alpine before installing openssl ( #981 )
...
Mitigating CVE-2021-3711 and CVE-2021-3712
Signed-off-by: Dave Hay <david_hay@uk.ibm.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-09-05 17:48:33 +03:00
dependabot[bot]
2b6d21a652
Bump alpine from 3.14.1 to 3.14.2 ( #977 )
...
Bumps alpine from 3.14.1 to 3.14.2.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-01 10:00:35 +03:00
dependabot[bot]
89a7e7a82d
Bump golang from 1.16 to 1.17.0 ( #973 )
...
Bumps golang from 1.16 to 1.17.0.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-30 11:47:18 +03:00
dependabot[bot]
ee1fd825a7
Bump alpine from 3.14.0 to 3.14.1 ( #956 )
...
Bumps alpine from 3.14.0 to 3.14.1.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-10 12:04:15 +03:00
Matthieu MOREL
8ac8ebfc2a
Update Dependencies ( #941 )
...
* Create dependabot.yml
* Bump crazy-max/ghaction-docker-meta from 1 to 3.4.0 (#1 )
Bumps [crazy-max/ghaction-docker-meta](https://github.com/crazy-max/ghaction-docker-meta ) from 1 to 3.4.0.
- [Release notes](https://github.com/crazy-max/ghaction-docker-meta/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](https://github.com/crazy-max/ghaction-docker-meta/compare/v1...v3.4.0 )
---
updated-dependencies:
- dependency-name: crazy-max/ghaction-docker-meta
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Update .yamllint.yaml
* Update .yamllint.yaml
* Update dependabot.yml
* Update dependabot.yml
* Bump github.com/onsi/ginkgo from 1.10.1 to 1.16.4 (#2 )
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.10.1 to 1.16.4.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.10.1...v1.16.4 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/stretchr/testify from 1.4.0 to 1.7.0 (#4 )
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.4.0 to 1.7.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.4.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/fatih/color from 1.5.0 to 1.12.0 (#6 )
Bumps [github.com/fatih/color](https://github.com/fatih/color ) from 1.5.0 to 1.12.0.
- [Release notes](https://github.com/fatih/color/releases )
- [Commits](https://github.com/fatih/color/compare/v1.5.0...v1.12.0 )
---
updated-dependencies:
- dependency-name: github.com/fatih/color
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/magiconair/properties from 1.8.0 to 1.8.5 (#3 )
Bumps [github.com/magiconair/properties](https://github.com/magiconair/properties ) from 1.8.0 to 1.8.5.
- [Release notes](https://github.com/magiconair/properties/releases )
- [Changelog](https://github.com/magiconair/properties/blob/main/CHANGELOG.md )
- [Commits](https://github.com/magiconair/properties/compare/v1.8.0...v1.8.5 )
---
updated-dependencies:
- dependency-name: github.com/magiconair/properties
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/aws/aws-sdk-go from 1.35.28 to 1.39.6 (#7 )
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.35.28 to 1.39.6.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.35.28...v1.39.6 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump gopkg.in/yaml.v2 from 2.3.0 to 2.4.0 (#8 )
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml ) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/go-yaml/yaml/releases )
- [Commits](https://github.com/go-yaml/yaml/compare/v2.3.0...v2.4.0 )
---
updated-dependencies:
- dependency-name: gopkg.in/yaml.v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/spf13/viper from 1.4.0 to 1.8.1 (#9 )
Bumps [github.com/spf13/viper](https://github.com/spf13/viper ) from 1.4.0 to 1.8.1.
- [Release notes](https://github.com/spf13/viper/releases )
- [Commits](https://github.com/spf13/viper/compare/v1.4.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/viper
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/spf13/cobra from 0.0.3 to 0.0.7 (#10 )
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 0.0.3 to 0.0.7.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v0.0.3...0.0.7 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/aws/aws-sdk-go from 1.39.6 to 1.40.0 (#11 )
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.39.6 to 1.40.0.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.39.6...v1.40.0 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump crazy-max/ghaction-docker-meta from 3.4.0 to 3.4.1 (#12 )
Bumps [crazy-max/ghaction-docker-meta](https://github.com/crazy-max/ghaction-docker-meta ) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/crazy-max/ghaction-docker-meta/releases )
- [Commits](https://github.com/crazy-max/ghaction-docker-meta/compare/v3.4.0...v3.4.1 )
---
updated-dependencies:
- dependency-name: crazy-max/ghaction-docker-meta
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/aws/aws-sdk-go from 1.40.0 to 1.40.1 (#13 )
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.40.0 to 1.40.1.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.0...v1.40.1 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/aws/aws-sdk-go from 1.40.1 to 1.40.7 (#21 )
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.40.1 to 1.40.7.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.1...v1.40.7 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump codecov/codecov-action from 1 to 2.0.2 (#20 )
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 1 to 2.0.2.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v1...v2.0.2 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Update build.yml
* Update mkdocs-deploy.yaml
* Update publish.yml
* Update mkdocs-deploy.yaml
* Bump github.com/aws/aws-sdk-go from 1.40.7 to 1.40.9 (#23 )
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.40.7 to 1.40.9.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.7...v1.40.9 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Update .github/workflows/publish.yml
* Update .github/workflows/build.yml
* Update mkdocs-deploy.yaml
* Update build.yml
* Update dependabot.yml
* Update dependabot.yml
* Bump alpine from 3.13 to 3.14.0 (#27 )
Bumps alpine from 3.13 to 3.14.0.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/aws/aws-sdk-go from 1.40.9 to 1.40.13 (#28 )
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.40.9 to 1.40.13.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.9...v1.40.13 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-04 11:38:18 +03:00
Dave Hay
222e696934
Upgrading apk-tools ( #944 )
...
Upgrading apk-tools to remediate CVE-2021-36159
( https://snyk.io/vuln/SNYK-ALPINE314-APKTOOLS-1533752 )
Fixes #943
Signed-off-by: Dave Hay <david_hay@uk.ibm.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-03 17:21:24 +03:00
Yoav Rotem
75fe5d0048
Fix ocp job issues ( #893 )
...
* Fix openshift missing glibc
Fixing issues #891 #890
* Update goreleaser
Change release to build, no need to release while building (when pushed to main) but only when publishing (release new version)
* Update goreleaser version to 0.169.0
* Change from release to build
* Try day run on release
It used to be released to docker hub each push, the issue was that docker hub had a automation for it, now test if its not releasing every git push.
2021-06-09 15:34:39 +03:00
Neha Viswanathan
9030532263
upgrade base image versions in Dockerfile ( #831 )
2021-03-21 22:53:39 +02:00
Brian Terry
c3f94dd89f
Aws asff ( #770 )
...
* add aasf
* add AASF format
* credentials provider
* add finding publisher
* add finding publisher
* add write AASF path
* add testing
* read config from file
* update docker file
* refactor
* remove sample
* add comments
* Add comment in EKS config.yaml
* Fix comment typo
* Fix spelling of ASFF
* Fix typo and other small code review suggestions
* Limit length of Actual result field
Avoids this message seen in testing:
Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters.
* Add comment for ASFF schema
* Add Security Hub documentation
* go mod tidy
* remove dupe lines in docs
* support integration in any region
* fix README link
* fix README links
Co-authored-by: Liz Rice <liz@lizrice.com>
2020-11-23 19:43:53 +00:00
Neha Viswanathan
90b7ae6628
upgrade to go 1.15 ( #706 )
2020-10-03 11:30:01 +01:00
Yoav Rotem
deecf6265f
Test Travis build condition ( #713 )
...
* Add condition to make docker
Build and push Docker image only when pushing to master.
* Update to Golang 1.15
As https://github.com/aquasecurity/kube-bench/pull/706 did, just doing it in my fork to test Travis changes about the build
2020-10-01 16:37:38 +01:00
Liz Rice
d6de4f7c3c
Multi-arch build ( #690 )
...
* multi-arch build and other makefile tidies
* docker login in travis
2020-09-14 09:26:29 +03:00
Manuel Rüger
50a9dca720
Dockerfile: Update to alpine-3.12 ( #645 )
...
https://alpinelinux.org/posts/Alpine-3.12.0-released.html
2020-07-21 12:09:41 +03:00
Daniel Sutton
71bc8f544c
bumped to gloang 1.14.0 ( #594 )
...
Signed-off-by: Daniel Sutton <daniel@ducksecops.uk>
Co-authored-by: Liz Rice <liz@lizrice.com>
2020-03-16 13:18:27 +00:00
Huang Huang
17cd104788
Fixes issue #574 : change the PATH in container ( #577 )
...
* Fixes issue #574 : change the PATH in container
And change to use `/usr/local/mount-from-host/bin` as mount path.
Fixes #574
* Fix integration tests
2020-02-12 12:18:44 -05:00
Manuel Rüger
27d326614f
Dockerfile: Use go 1.13 and alpine 3.11 bases ( #560 )
...
Co-authored-by: Liz Rice <liz@lizrice.com>
2020-01-14 14:55:11 +00:00
Roberto Rojas
13193d75b0
Fixes Issue #535 ( #537 )
...
* isEtcd should not run on openshift 3.10/3.11
* adds openssl
* fixed tests
* fixes bugs
* adds isEtcd tests
2019-12-13 10:09:30 -05:00
gy741
230d286708
Use COPY instead of ADD in Dockerfile ( #502 )
2019-11-27 11:25:19 -05:00
Roberto Rojas
91dfeb7577
passes KUBEBENCH_VERSION down to Dockerfile ( #428 )
2019-10-12 18:53:17 -04:00