diff --git a/.github/workflows/build-test-dev.yml b/.github/workflows/build-test-dev.yml index bf8b94b..961d2ba 100644 --- a/.github/workflows/build-test-dev.yml +++ b/.github/workflows/build-test-dev.yml @@ -81,6 +81,31 @@ jobs: - name: Build image and push GitHub Container Registry run: make docker-push + + - name: Run Whitesource Action + uses: SolaceDev/Mend-Scan-GHA@v1.0.0 + with: + wssURL: https://saas.whitesourcesoftware.com/agent + apiKey: ${{ secrets.WSS_API_KEY }} + productName: 'pubsubplus-kubernetes-operator' + projectName: 'pubsubplus-kubernetes-operator' + configFile: 'ci/whitesource/whitesource-agent.config' + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: ghcr.io/solacedev/pubsubplus-eventbroker-operator:1.0.2-dev + format: 'sarif' + severity: 'CRITICAL,HIGH' + output: 'trivy-results.sarif' + + - name: Uploads Trivy Scan Reports + if: ${{ always() }} + uses: actions/upload-artifact@v2 + with: + path: | + trivy-results.sarif + int-minimal-non-ha: # if: ${{ false }} # disable for now needs: build diff --git a/.github/workflows/prep-release.yml b/.github/workflows/prep-release.yml index 6083856..39ee4b6 100644 --- a/.github/workflows/prep-release.yml +++ b/.github/workflows/prep-release.yml @@ -4,7 +4,7 @@ on: release_tag: description: 'Release tag' required: true - default: '1.0.1-dev' + default: '1.0.2-dev' prep_internal_release: # Need to distinguish between internal and external releases # Internal release: Will use default internal location for created images (ghcr.io) and will tag and push operator candidate there @@ -114,7 +114,7 @@ jobs: docker push `echo $CATALOG | awk '{print $1}'`:latest - name: Run Whitesource Action - uses: mercari/Whitesource-Scan-Action@v1.0.0 + uses: SolaceDev/Mend-Scan-GHA@v1.0.0 with: wssURL: https://saas.whitesourcesoftware.com/agent apiKey: ${{ secrets.WSS_API_KEY }} diff --git a/Dockerfile b/Dockerfile index 870d386..0199822 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,12 +19,14 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest +FROM registry.access.redhat.com/ubi9/ubi-minimal:latest + +RUN microdnf install -y curl-minimal-7.76.1-26.el9_3.2 libcurl-minimal-7.76.1-26.el9_3.2 LABEL name="solace/pubsubplus-eventbroker-operator" LABEL vendor="Solace Corporation" -LABEL version="1.0.1" -LABEL release="1.0.1" +LABEL version="1.0.2" +LABEL release="1.0.2" LABEL summary="Solace PubSub+ Event Broker Kubernetes Operator" LABEL description="The Solace PubSub+ Event Broker Kubernetes Operator deploys and manages the lifecycle of PubSub+ Event Brokers" diff --git a/Makefile b/Makefile index 4642dd3..c821560 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ # To re-generate a bundle for another specific version without changing the standard setup, you can: # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2) # - use environment variables to overwrite this value (e.g export VERSION=0.0.2) -VERSION ?= 1.0.1-dev +VERSION ?= 1.0.2-dev # API_VERSION defines the API version for the PubSubPlusEventBroker CRD API_VERSION ?= v1beta1 diff --git a/THIRD-PARTY-LICENSES.md b/THIRD-PARTY-LICENSES.md index 7d0692c..8840000 100644 --- a/THIRD-PARTY-LICENSES.md +++ b/THIRD-PARTY-LICENSES.md @@ -5568,7 +5568,7 @@ THE SOFTWARE. * Name: golang.org/x/crypto/pkcs12 -* License: [BSD-3-Clause](https://cs.opensource.google/go/x/crypto/+/v0.1.0:LICENSE) +* License: [BSD-3-Clause](https://cs.opensource.google/go/x/crypto/+/v0.14.0:LICENSE) LICENSE REQUIREMENTS & SPECIFICATIONS ====================================== @@ -5605,7 +5605,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * Name: golang.org/x/net -* License: [BSD-3-Clause](https://cs.opensource.google/go/x/net/+/v0.7.0:LICENSE) +* License: [BSD-3-Clause](https://cs.opensource.google/go/x/net/+/v0.17.0:LICENSE) LICENSE REQUIREMENTS & SPECIFICATIONS ====================================== @@ -5679,7 +5679,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * Name: golang.org/x/sys/unix -* License: [BSD-3-Clause](https://cs.opensource.google/go/x/sys/+/v0.5.0:LICENSE) +* License: [BSD-3-Clause](https://cs.opensource.google/go/x/sys/+/v0.13.0:LICENSE) LICENSE REQUIREMENTS & SPECIFICATIONS ====================================== @@ -5716,7 +5716,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * Name: golang.org/x/term -* License: [BSD-3-Clause](https://cs.opensource.google/go/x/term/+/v0.5.0:LICENSE) +* License: [BSD-3-Clause](https://cs.opensource.google/go/x/term/+/v0.13.0:LICENSE) LICENSE REQUIREMENTS & SPECIFICATIONS ====================================== @@ -5753,7 +5753,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * Name: golang.org/x/text -* License: [BSD-3-Clause](https://cs.opensource.google/go/x/text/+/v0.7.0:LICENSE) +* License: [BSD-3-Clause](https://cs.opensource.google/go/x/text/+/v0.13.0:LICENSE) LICENSE REQUIREMENTS & SPECIFICATIONS ====================================== diff --git a/bundle/manifests/pubsubplus-eventbroker-operator.clusterserviceversion.yaml b/bundle/manifests/pubsubplus-eventbroker-operator.clusterserviceversion.yaml index 356145d..6e7f8ae 100644 --- a/bundle/manifests/pubsubplus-eventbroker-operator.clusterserviceversion.yaml +++ b/bundle/manifests/pubsubplus-eventbroker-operator.clusterserviceversion.yaml @@ -20,8 +20,8 @@ metadata: certified: "true" com.redhat.delivery.operator.bundle: "true" com.redhat.openshift.versions: v4.10 - containerImage: docker.io/solace/pubsubplus-eventbroker-operator:1.0.1 - createdAt: "2023-09-13T10:40:30Z" + containerImage: docker.io/solace/pubsubplus-eventbroker-operator:1.0.2 + createdAt: "2023-11-14T16:30:42Z" description: The Solace PubSub+ Event Broker Operator deploys and manages the lifecycle of PubSub+ Event Brokers operators.openshift.io/valid-subscription: '[]' @@ -29,7 +29,7 @@ metadata: operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: https://github.com/SolaceProducts/pubsubplus-kubernetes-quickstart support: Solace Products - name: pubsubplus-eventbroker-operator.v1.0.1 + name: pubsubplus-eventbroker-operator.v1.0.2 namespace: placeholder spec: apiservicedefinitions: {} @@ -296,7 +296,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.annotations['olm.targetNamespaces'] - image: docker.io/solace/pubsubplus-eventbroker-operator:1.0.1 + image: docker.io/solace/pubsubplus-eventbroker-operator:1.0.2 imagePullPolicy: Always livenessProbe: httpGet: @@ -411,4 +411,4 @@ spec: provider: name: Solace Corporation url: www.solace.com - version: 1.0.1 + version: 1.0.2 diff --git a/bundle/manifests/pubsubplus.solace.com_pubsubpluseventbrokers.yaml b/bundle/manifests/pubsubplus.solace.com_pubsubpluseventbrokers.yaml index a7b5141..a85e821 100644 --- a/bundle/manifests/pubsubplus.solace.com_pubsubpluseventbrokers.yaml +++ b/bundle/manifests/pubsubplus.solace.com_pubsubpluseventbrokers.yaml @@ -4,7 +4,7 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.3 labels: - app.kubernetes.io/version: v1.0.1 + app.kubernetes.io/version: v1.0.2 name: pubsubpluseventbrokers.pubsubplus.solace.com spec: group: pubsubplus.solace.com diff --git a/ci/whitesource/whitesource-agent.config b/ci/whitesource/whitesource-agent.config index 1a776b4..0c7d8d2 100644 --- a/ci/whitesource/whitesource-agent.config +++ b/ci/whitesource/whitesource-agent.config @@ -45,7 +45,7 @@ projectVersion= projectToken= productName=pubsubplus-kubernetes-operator -productVersion=v1.0.1 +productVersion=v1.0.2 productToken= updateType=OVERRIDE #requesterEmail=user@provider.com diff --git a/deploy/deploy.yaml b/deploy/deploy.yaml index 806c2e4..5f696c2 100644 --- a/deploy/deploy.yaml +++ b/deploy/deploy.yaml @@ -1881,7 +1881,7 @@ spec: env: - name: WATCH_NAMESPACE value: "" - image: docker.io/solace/pubsubplus-eventbroker-operator:1.0.1 + image: docker.io/solace/pubsubplus-eventbroker-operator:1.0.2 imagePullPolicy: Always livenessProbe: httpGet: diff --git a/go.mod b/go.mod index e57da17..bc91a62 100644 --- a/go.mod +++ b/go.mod @@ -59,14 +59,14 @@ require ( go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect go.uber.org/zap v1.19.1 - golang.org/x/crypto v0.1.0 // indirect - golang.org/x/net v0.7.0 // indirect + golang.org/x/crypto v0.14.0 // indirect + golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect - golang.org/x/sys v0.5.0 // indirect - golang.org/x/term v0.5.0 // indirect - golang.org/x/text v0.7.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/term v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect - golang.org/x/tools v0.1.12 // indirect + golang.org/x/tools v0.6.0 // indirect gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/protobuf v1.27.1 // indirect diff --git a/go.sum b/go.sum index 5c5c500..266abbf 100644 --- a/go.sum +++ b/go.sum @@ -526,8 +526,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -613,8 +613,8 @@ golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -706,12 +706,12 @@ golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -721,8 +721,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -788,8 +788,8 @@ golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.10-0.20220218145154-897bd77cd717/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= -golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/version.go b/version.go index fec03ba..d23d365 100644 --- a/version.go +++ b/version.go @@ -15,4 +15,4 @@ // limitations under the License. package main -const version = "1.0.1" +const version = "1.0.2"