From 4a3cbf69cb62f40f8798648afc45f94cb8f49708 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Mon, 16 Mar 2026 21:25:24 +0000 Subject: [PATCH 01/13] add arm64 testing infra --- .github/workflows/go-ci.yml | 2 +- .github/workflows/go-e2e-debian.yaml | 40 +++++++++++++++++----------- 2 files changed, 26 insertions(+), 16 deletions(-) diff --git a/.github/workflows/go-ci.yml b/.github/workflows/go-ci.yml index e9029c36282..459f8b7dde7 100644 --- a/.github/workflows/go-ci.yml +++ b/.github/workflows/go-ci.yml @@ -40,7 +40,7 @@ jobs: strategy: matrix: go-version: [1.25.x] - os: [ubuntu-latest, windows-2022, macos-latest] + os: [ubuntu-latest, ubuntu-24.04-arm, windows-2022, macos-latest] runs-on: ${{ matrix.os }} steps: - name: Set up Go diff --git a/.github/workflows/go-e2e-debian.yaml b/.github/workflows/go-e2e-debian.yaml index beb10b18c45..51ac0f1129a 100644 --- a/.github/workflows/go-e2e-debian.yaml +++ b/.github/workflows/go-e2e-debian.yaml @@ -5,14 +5,26 @@ on: branches: [master] jobs: - e2e-debian-tests: - name: e2e-debian-tests + e2e-tests: + name: e2e-tests-${{ matrix.config.tag_suffix }} strategy: fail-fast: false matrix: go-version: [1.25.x] - os: [ubuntu-latest] - runs-on: ${{ matrix.os }} + config: + - os: ubuntu-latest + platform: linux/amd64 + dockerfile: docker/Dockerfile.debian + tag_suffix: debian-amd64 + - os: ubuntu-latest + platform: linux/amd64 + dockerfile: Dockerfile + tag_suffix: default-amd64 + - os: ubuntu-24.04-arm + platform: linux/arm64 + dockerfile: Dockerfile + tag_suffix: default-arm64 + runs-on: ${{ matrix.config.os }} steps: - name: Cancel Previous Runs uses: styfle/cancel-workflow-action@85880fa0301c86cca9da44039ee3bb12d3bedbfa # 0.12.1 @@ -47,10 +59,11 @@ jobs: uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 with: path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.ref }} + key: ${{ runner.os }}-buildx-${{ matrix.config.tag_suffix }}-${{ github.ref }} restore-keys: | - ${{ runner.os }}-buildx-${{ github.ref }} + ${{ runner.os }}-buildx-${{ matrix.config.tag_suffix }}-${{ github.ref }} - name: Append Entrypoint in dockerfile + if: matrix.config.dockerfile == 'docker/Dockerfile.debian' run: | echo "ENTRYPOINT [\"/app/bin/kics\"]" >> docker/Dockerfile.debian - name: Get short SHA @@ -61,10 +74,11 @@ jobs: with: load: true context: ./ - file: ./docker/Dockerfile.debian + file: ./${{ matrix.config.dockerfile }} builder: ${{ steps.buildx.outputs.name }} push: false - tags: kics:e2e-debian-tests-${{ github.sha }} + tags: kics:e2e-${{ matrix.config.tag_suffix }}-${{ github.sha }} + platforms: ${{ matrix.config.platform }} build-args: | VERSION=development COMMIT=${{ github.sha }} @@ -81,27 +95,23 @@ jobs: sudo chmod -R 777 ./e2e - name: Run E2E Tests env: - E2E_KICS_DOCKER: kics:e2e-debian-tests-${{ github.sha }} + E2E_KICS_DOCKER: kics:e2e-${{ matrix.config.tag_suffix }}-${{ github.sha }} E2E_KICS_QUERIES_PATH: ${{ steps.getbin.outputs.queries }} run: | go test -tags dev "github.com/Checkmarx/kics/v2/e2e" -timeout 1500s -json > results.json - name: Generate E2E Report if: always() env: - E2E_KICS_DOCKERFILE: docker/Dockerfile.debian + E2E_KICS_DOCKERFILE: ${{ matrix.config.dockerfile }} run: | CWD=$(pwd) cd .github/scripts/report go mod tidy go build ./e2e-report -test-path ${CWD} -test-name results.json -report-path ${CWD} -report-name e2e-report.html - - name: Get docker name - run: | - DOCKER_NAME=$(echo docker/Dockerfile.debian | sed 's/\//-/') - name: Archive test report if: always() uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: - name: e2e-tests-report-dockerfile-$DOCKER_NAME + name: e2e-tests-report-${{ matrix.config.tag_suffix }} path: e2e-report.html - # dummy From 7cd86d7e40a53cda4da85b42b02201738ad740af Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Mon, 16 Mar 2026 22:23:40 +0000 Subject: [PATCH 02/13] add arm64 testing infra --- .github/workflows/go-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/go-ci.yml b/.github/workflows/go-ci.yml index 459f8b7dde7..10441389326 100644 --- a/.github/workflows/go-ci.yml +++ b/.github/workflows/go-ci.yml @@ -88,7 +88,7 @@ jobs: if: always() uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: - name: unit-test-${{ runner.os }}-${{ github.event.pull_request.head.sha }}.log + name: unit-test-${{ matrix.os }}-${{ github.event.pull_request.head.sha }}.log path: unit-test.log security-scan: name: security-scan From cb0e7aef805e64aa580991bc3817be78589b6033 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Mon, 16 Mar 2026 22:36:28 +0000 Subject: [PATCH 03/13] bump images --- Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index a9ce17650fe..6b9c0685fd6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM checkmarx/go:1.26.0-r0@sha256:bbc945863cdee21f4bab2e80b4bd481cfee5c13ece8e576136bc478a5f6ad34d AS build_env +FROM checkmarx/go:1.26.1-r1@sha256:3984b97600a32d5a9ff14cc4b8029572a762082d98fb9788bbc4050d4f45d9d2 AS build_env # Copy the source from the current directory to the Working Directory inside the container WORKDIR /app @@ -29,7 +29,7 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build \ # Runtime image # Ignore no User Cmd since KICS container is stopped afer scan # kics-scan ignore-line -FROM checkmarx/git:2.53.0-r0@sha256:f46c18d1ae724ca35faa4884289e8203294e52cafb17717e3875ab2c636a0a7e +FROM checkmarx/git:2.53.0-r0@sha256:6f398e9772fc0271cbdd77b065a09c9244004fbda17c1c58ba01b412a4292bde ENV TERM xterm-256color @@ -50,4 +50,4 @@ USER root ENV PATH $PATH:/app/bin # Command to run the executable -ENTRYPOINT ["/app/bin/kics"] \ No newline at end of file +ENTRYPOINT ["/app/bin/kics"] From fd68776f8c3ad1ac578bbd40441a8d6b2dd40b82 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Tue, 17 Mar 2026 11:03:52 +0000 Subject: [PATCH 04/13] ci From ba91af7dbfd071c2bebe1c0e96e25fa861cb2289 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Tue, 17 Mar 2026 12:24:53 +0000 Subject: [PATCH 05/13] update e2e infra --- .github/workflows/go-e2e-debian.yaml | 8 ++--- .github/workflows/go-e2e.yaml | 51 +++++++++++++++++++--------- 2 files changed, 37 insertions(+), 22 deletions(-) diff --git a/.github/workflows/go-e2e-debian.yaml b/.github/workflows/go-e2e-debian.yaml index 51ac0f1129a..4458f6e498a 100644 --- a/.github/workflows/go-e2e-debian.yaml +++ b/.github/workflows/go-e2e-debian.yaml @@ -16,14 +16,10 @@ jobs: platform: linux/amd64 dockerfile: docker/Dockerfile.debian tag_suffix: debian-amd64 - - os: ubuntu-latest - platform: linux/amd64 - dockerfile: Dockerfile - tag_suffix: default-amd64 - os: ubuntu-24.04-arm platform: linux/arm64 - dockerfile: Dockerfile - tag_suffix: default-arm64 + dockerfile: docker/Dockerfile.debian + tag_suffix: debian-arm64 runs-on: ${{ matrix.config.os }} steps: - name: Cancel Previous Runs diff --git a/.github/workflows/go-e2e.yaml b/.github/workflows/go-e2e.yaml index 9f9813ae8e2..96e976865ca 100644 --- a/.github/workflows/go-e2e.yaml +++ b/.github/workflows/go-e2e.yaml @@ -6,14 +6,37 @@ on: jobs: e2e-tests: - name: e2e-tests + name: e2e-tests-${{ matrix.config.tag_suffix }} strategy: fail-fast: false matrix: go-version: [1.25.x] - os: [ubuntu-latest] - kics-docker: ["Dockerfile", "docker/Dockerfile.ubi8", "docker/Dockerfile.alpine"] - runs-on: ${{ matrix.os }} + config: + - os: ubuntu-latest + platform: linux/amd64 + dockerfile: Dockerfile + tag_suffix: default-amd64 + - os: ubuntu-latest + platform: linux/amd64 + dockerfile: docker/Dockerfile.ubi8 + tag_suffix: ubi8-amd64 + - os: ubuntu-latest + platform: linux/amd64 + dockerfile: docker/Dockerfile.alpine + tag_suffix: alpine-amd64 + - os: ubuntu-24.04-arm + platform: linux/arm64 + dockerfile: Dockerfile + tag_suffix: default-arm64 + - os: ubuntu-24.04-arm + platform: linux/arm64 + dockerfile: docker/Dockerfile.ubi8 + tag_suffix: ubi8-arm64 + - os: ubuntu-24.04-arm + platform: linux/arm64 + dockerfile: docker/Dockerfile.alpine + tag_suffix: alpine-arm64 + runs-on: ${{ matrix.config.os }} steps: - name: Cancel Previous Runs uses: styfle/cancel-workflow-action@85880fa0301c86cca9da44039ee3bb12d3bedbfa # 0.12.1 @@ -48,9 +71,9 @@ jobs: uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 with: path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.ref }} + key: ${{ runner.os }}-buildx-${{ matrix.config.tag_suffix }}-${{ github.ref }} restore-keys: | - ${{ runner.os }}-buildx-${{ github.ref }} + ${{ runner.os }}-buildx-${{ matrix.config.tag_suffix }}-${{ github.ref }} - name: Get short SHA run: echo "GITHUB_SHA_SHORT=$(echo $GITHUB_SHA | cut -c 1-8)" >> $GITHUB_ENV - name: Build @@ -59,10 +82,11 @@ jobs: with: load: true context: ./ - file: ./${{ matrix.kics-docker }} + file: ./${{ matrix.config.dockerfile }} builder: ${{ steps.buildx.outputs.name }} push: false - tags: kics:e2e-tests-${{ github.sha }} + tags: kics:e2e-${{ matrix.config.tag_suffix }}-${{ github.sha }} + platforms: ${{ matrix.config.platform }} build-args: | VERSION=development COMMIT=${{ github.sha }} @@ -79,28 +103,23 @@ jobs: sudo chmod -R 777 ./e2e - name: Run E2E Tests env: - E2E_KICS_DOCKER: kics:e2e-tests-${{ github.sha }} + E2E_KICS_DOCKER: kics:e2e-${{ matrix.config.tag_suffix }}-${{ github.sha }} E2E_KICS_QUERIES_PATH: ${{ steps.getbin.outputs.queries }} run: | go test -tags dev "github.com/Checkmarx/kics/v2/e2e" -timeout 1500s -json > results.json - name: Generate E2E Report if: always() env: - E2E_KICS_DOCKERFILE: ${{ matrix.kics-docker }} + E2E_KICS_DOCKERFILE: ${{ matrix.config.dockerfile }} run: | CWD=$(pwd) cd .github/scripts/report go mod tidy go build ./e2e-report -test-path ${CWD} -test-name results.json -report-path ${CWD} -report-name e2e-report.html - - name: Get docker name - if: always() - run: | - DOCKER_NAME=$(echo ${{ matrix.kics-docker }} | sed 's/\//-/') - echo "DOCKER_NAME=$DOCKER_NAME" >> $GITHUB_ENV - name: Archive test report if: always() uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: - name: e2e-tests-report-${{ env.DOCKER_NAME }} + name: e2e-tests-report-${{ matrix.config.tag_suffix }} path: e2e-report.html From f32dac672cbe3f951eb55c8029634aca37919b24 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Tue, 17 Mar 2026 12:35:12 +0000 Subject: [PATCH 06/13] update e2e infra --- .github/workflows/go-e2e-debian.yaml | 1 + .github/workflows/go-e2e.yaml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/go-e2e-debian.yaml b/.github/workflows/go-e2e-debian.yaml index 4458f6e498a..2da12ca07b6 100644 --- a/.github/workflows/go-e2e-debian.yaml +++ b/.github/workflows/go-e2e-debian.yaml @@ -78,6 +78,7 @@ jobs: build-args: | VERSION=development COMMIT=${{ github.sha }} + BUILDPLATFORM=${{ matrix.config.platform }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache - name: Image digest diff --git a/.github/workflows/go-e2e.yaml b/.github/workflows/go-e2e.yaml index 96e976865ca..d6b6a2ab246 100644 --- a/.github/workflows/go-e2e.yaml +++ b/.github/workflows/go-e2e.yaml @@ -90,6 +90,7 @@ jobs: build-args: | VERSION=development COMMIT=${{ github.sha }} + BUILDPLATFORM=${{ matrix.config.platform }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache - name: Image digest From e9a76c048c8a5779bd96a7824d694ebfec0bd152 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Tue, 17 Mar 2026 14:33:47 +0000 Subject: [PATCH 07/13] improve docker ubi 8 to support arm --- .github/workflows/go-e2e.yaml | 7 +++++++ .github/workflows/release-dkr-image.yml | 2 +- docker/Dockerfile.ubi8 | 11 +++++++---- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/.github/workflows/go-e2e.yaml b/.github/workflows/go-e2e.yaml index d6b6a2ab246..61345181bc6 100644 --- a/.github/workflows/go-e2e.yaml +++ b/.github/workflows/go-e2e.yaml @@ -14,26 +14,32 @@ jobs: config: - os: ubuntu-latest platform: linux/amd64 + build-arch: amd64 dockerfile: Dockerfile tag_suffix: default-amd64 - os: ubuntu-latest platform: linux/amd64 + build-arch: amd64 dockerfile: docker/Dockerfile.ubi8 tag_suffix: ubi8-amd64 - os: ubuntu-latest platform: linux/amd64 + build-arch: amd64 dockerfile: docker/Dockerfile.alpine tag_suffix: alpine-amd64 - os: ubuntu-24.04-arm platform: linux/arm64 + build-arch: arm64 dockerfile: Dockerfile tag_suffix: default-arm64 - os: ubuntu-24.04-arm platform: linux/arm64 + build-arch: arm64 dockerfile: docker/Dockerfile.ubi8 tag_suffix: ubi8-arm64 - os: ubuntu-24.04-arm platform: linux/arm64 + build-arch: arm64 dockerfile: docker/Dockerfile.alpine tag_suffix: alpine-arm64 runs-on: ${{ matrix.config.os }} @@ -91,6 +97,7 @@ jobs: VERSION=development COMMIT=${{ github.sha }} BUILDPLATFORM=${{ matrix.config.platform }} + BUILDARCH=${{ matrix.config.build-arch }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache - name: Image digest diff --git a/.github/workflows/release-dkr-image.yml b/.github/workflows/release-dkr-image.yml index 892b0ed28fb..f56b1c0ab61 100644 --- a/.github/workflows/release-dkr-image.yml +++ b/.github/workflows/release-dkr-image.yml @@ -118,7 +118,7 @@ jobs: file: ./docker/Dockerfile.ubi8 push: true tags: checkmarx/kics:ubi8,checkmarx/kics:${{ steps.get-version.outputs.version }}-ubi8 - platforms: linux/amd64 + platforms: linux/amd64,linux/arm64 build-args: | VERSION=${{ steps.get-version.outputs.version }} COMMIT=${{ github.sha }} diff --git a/docker/Dockerfile.ubi8 b/docker/Dockerfile.ubi8 index e9caa31353f..91f78f697de 100644 --- a/docker/Dockerfile.ubi8 +++ b/docker/Dockerfile.ubi8 @@ -4,10 +4,13 @@ WORKDIR /build ENV PATH=$PATH:/usr/local/go/bin -ADD https://golang.org/dl/go1.25.7.linux-amd64.tar.gz . -RUN yum install git gcc -y \ - && rm -rf /usr/local/go && tar -C /usr/local -xzf go1.25.7.linux-amd64.tar.gz \ - && rm -f go1.25.7.linux-amd64.tar.gz +ARG BUILDPLATFORM=linux/amd64 +RUN ARCH=$(echo ${BUILDPLATFORM} | cut -d'/' -f2) \ + && yum install git gcc wget -y \ + && rm -rf /usr/local/go \ + && wget -q https://golang.org/dl/go1.25.7.linux-${ARCH}.tar.gz \ + && tar -C /usr/local -xzf go1.25.7.linux-${ARCH}.tar.gz \ + && rm -f go1.25.7.linux-${ARCH}.tar.gz ENV GOPRIVATE=github.com/Checkmarx/* ARG VERSION="development" From a10e85920f8aeb11caf9b414dfae5d5155ca1e9e Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Wed, 18 Mar 2026 11:00:04 +0000 Subject: [PATCH 08/13] improve docker ubi 8 to support arm --- docker/Dockerfile.ubi8 | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docker/Dockerfile.ubi8 b/docker/Dockerfile.ubi8 index 91f78f697de..52300fb547d 100644 --- a/docker/Dockerfile.ubi8 +++ b/docker/Dockerfile.ubi8 @@ -1,11 +1,10 @@ -FROM --platform=${BUILDPLATFORM:-linux/amd64} registry.access.redhat.com/ubi8:latest AS build_env +FROM --platform=${TARGETARCH:-linux/amd64} registry.access.redhat.com/ubi8:latest AS build_env WORKDIR /build ENV PATH=$PATH:/usr/local/go/bin -ARG BUILDPLATFORM=linux/amd64 -RUN ARCH=$(echo ${BUILDPLATFORM} | cut -d'/' -f2) \ +RUN ARCH=$(echo ${TARGETARCH} | cut -d'/' -f2) \ && yum install git gcc wget -y \ && rm -rf /usr/local/go \ && wget -q https://golang.org/dl/go1.25.7.linux-${ARCH}.tar.gz \ From de9f760f984e36ebccc5ef05652ce3fd0e58a714 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Wed, 18 Mar 2026 16:25:58 +0000 Subject: [PATCH 09/13] improve docker ubi 8 to support arm --- .github/workflows/go-e2e.yaml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/go-e2e.yaml b/.github/workflows/go-e2e.yaml index 61345181bc6..96e976865ca 100644 --- a/.github/workflows/go-e2e.yaml +++ b/.github/workflows/go-e2e.yaml @@ -14,32 +14,26 @@ jobs: config: - os: ubuntu-latest platform: linux/amd64 - build-arch: amd64 dockerfile: Dockerfile tag_suffix: default-amd64 - os: ubuntu-latest platform: linux/amd64 - build-arch: amd64 dockerfile: docker/Dockerfile.ubi8 tag_suffix: ubi8-amd64 - os: ubuntu-latest platform: linux/amd64 - build-arch: amd64 dockerfile: docker/Dockerfile.alpine tag_suffix: alpine-amd64 - os: ubuntu-24.04-arm platform: linux/arm64 - build-arch: arm64 dockerfile: Dockerfile tag_suffix: default-arm64 - os: ubuntu-24.04-arm platform: linux/arm64 - build-arch: arm64 dockerfile: docker/Dockerfile.ubi8 tag_suffix: ubi8-arm64 - os: ubuntu-24.04-arm platform: linux/arm64 - build-arch: arm64 dockerfile: docker/Dockerfile.alpine tag_suffix: alpine-arm64 runs-on: ${{ matrix.config.os }} @@ -96,8 +90,6 @@ jobs: build-args: | VERSION=development COMMIT=${{ github.sha }} - BUILDPLATFORM=${{ matrix.config.platform }} - BUILDARCH=${{ matrix.config.build-arch }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache - name: Image digest From 01dc8ce242c0dac3410f82901a4c9bc5ff1d4b21 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Thu, 19 Mar 2026 12:12:12 +0000 Subject: [PATCH 10/13] improve docker ubi 8 to support arm --- docker/Dockerfile.ubi8 | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/docker/Dockerfile.ubi8 b/docker/Dockerfile.ubi8 index 52300fb547d..9bb12ff2deb 100644 --- a/docker/Dockerfile.ubi8 +++ b/docker/Dockerfile.ubi8 @@ -1,15 +1,19 @@ -FROM --platform=${TARGETARCH:-linux/amd64} registry.access.redhat.com/ubi8:latest AS build_env +FROM registry.access.redhat.com/ubi8:latest AS build_env + +ARG TARGETOS +ARG TARGETARCH WORKDIR /build ENV PATH=$PATH:/usr/local/go/bin -RUN ARCH=$(echo ${TARGETARCH} | cut -d'/' -f2) \ - && yum install git gcc wget -y \ +RUN echo "Installing Go 1.25.7 for ${TARGETARCH:-amd64} architecture" + +RUN yum install git gcc wget -y \ && rm -rf /usr/local/go \ - && wget -q https://golang.org/dl/go1.25.7.linux-${ARCH}.tar.gz \ - && tar -C /usr/local -xzf go1.25.7.linux-${ARCH}.tar.gz \ - && rm -f go1.25.7.linux-${ARCH}.tar.gz + && wget -q https://golang.org/dl/go1.25.7.linux-${TARGETARCH:-amd64}.tar.gz \ + && tar -C /usr/local -xzf go1.25.7.linux-${TARGETARCH:-amd64}.tar.gz \ + && rm -f go1.25.7.linux-${TARGETARCH:-amd64}.tar.gz ENV GOPRIVATE=github.com/Checkmarx/* ARG VERSION="development" @@ -17,9 +21,6 @@ ARG COMMIT="NOCOMMIT" ARG SENTRY_DSN="" ARG DESCRIPTIONS_URL="" -ARG TARGETOS -ARG TARGETARCH - # Copy go mod and sum files COPY go.mod . COPY go.sum . @@ -38,6 +39,9 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build \ FROM registry.access.redhat.com/ubi8:latest +ARG RELEASE +ARG VERSION + ENV RELEASE=$RELEASE \ VERSION=$VERSION @@ -57,7 +61,7 @@ ARG UID=1000 ARG GID=1000 RUN yum install git wget unzip -y \ - && groupadd -g ${UID} ${KGROUP} \ + && groupadd -g ${GID} ${KGROUP} \ && adduser \ --home-dir /app/bin \ --no-create-home \ From f80c1e45ff6cbe9aec30350f7fa24194cdb1cc41 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Fri, 20 Mar 2026 18:09:57 +0000 Subject: [PATCH 11/13] fix vulnerabilities --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6b9c0685fd6..7b814fe35d4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM checkmarx/go:1.26.1-r1@sha256:3984b97600a32d5a9ff14cc4b8029572a762082d98fb9788bbc4050d4f45d9d2 AS build_env +FROM checkmarx/go:1.26.1-r1@sha256:7eaab909cc0aca91eaa4dde0171ef12d03bcad437eea651ceebb70b0f63c5dee AS build_env # Copy the source from the current directory to the Working Directory inside the container WORKDIR /app @@ -29,7 +29,7 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build \ # Runtime image # Ignore no User Cmd since KICS container is stopped afer scan # kics-scan ignore-line -FROM checkmarx/git:2.53.0-r0@sha256:6f398e9772fc0271cbdd77b065a09c9244004fbda17c1c58ba01b412a4292bde +FROM checkmarx/git:2.53.0-r0sha256:36de24faffc5abca400a8f3bdb178bedca1f359ca98262b0400af6c77c5858af ENV TERM xterm-256color From ec1d17e743e2a5e5cd6db559e8b563e1de81de07 Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Fri, 20 Mar 2026 18:23:14 +0000 Subject: [PATCH 12/13] fix vulnerabilities --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 7b814fe35d4..13fb61653a3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -29,7 +29,7 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build \ # Runtime image # Ignore no User Cmd since KICS container is stopped afer scan # kics-scan ignore-line -FROM checkmarx/git:2.53.0-r0sha256:36de24faffc5abca400a8f3bdb178bedca1f359ca98262b0400af6c77c5858af +FROM checkmarx/git:2.53.0-r0@sha256:36de24faffc5abca400a8f3bdb178bedca1f359ca98262b0400af6c77c5858af ENV TERM xterm-256color From ffe7cd22ce1c17c7a4768dd539d11023b02c44fe Mon Sep 17 00:00:00 2001 From: cx-miguel-silva <100352574+cx-miguel-silva@users.noreply.github.com> Date: Fri, 20 Mar 2026 18:28:05 +0000 Subject: [PATCH 13/13] fix vulnerabilities --- go.mod | 32 +++++++++++++-------------- go.sum | 68 +++++++++++++++++++++++++++++----------------------------- 2 files changed, 50 insertions(+), 50 deletions(-) diff --git a/go.mod b/go.mod index aaff9b63c99..edd30cfab39 100644 --- a/go.mod +++ b/go.mod @@ -40,8 +40,8 @@ require ( github.com/yargevad/filepathx v1.0.0 github.com/zclconf/go-cty v1.16.2 golang.org/x/exp v0.0.0-20250911091902-df9299821621 - golang.org/x/net v0.47.0 - golang.org/x/text v0.31.0 + golang.org/x/net v0.48.0 + golang.org/x/text v0.32.0 golang.org/x/tools/godoc v0.1.0-deprecated gopkg.in/yaml.v3 v3.0.1 helm.sh/helm/v3 v3.19.4 @@ -50,7 +50,7 @@ require ( ) require ( - cel.dev/expr v0.24.0 // indirect + cel.dev/expr v0.25.1 // indirect cloud.google.com/go v0.116.0 // indirect cloud.google.com/go/auth v0.13.0 // indirect cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect @@ -81,14 +81,14 @@ require ( github.com/aws/aws-sdk-go-v2/service/sts v1.38.0 // indirect github.com/aws/smithy-go v1.22.5 // indirect github.com/blang/semver/v4 v4.0.0 // indirect - github.com/cncf/xds/go v0.0.0-20251022180443-0feb69152e9f // indirect + github.com/cncf/xds/go v0.0.0-20251210132809-ee656c7534f5 // indirect github.com/containerd/errdefs v1.0.0 // indirect github.com/containerd/log v0.1.0 // indirect github.com/containerd/platforms v1.0.0-rc.2 // indirect github.com/containerd/typeurl/v2 v2.2.3 // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect - github.com/envoyproxy/go-control-plane/envoy v1.35.0 // indirect - github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect + github.com/envoyproxy/go-control-plane/envoy v1.36.0 // indirect + github.com/envoyproxy/protoc-gen-validate v1.3.0 // indirect github.com/evanphx/json-patch/v5 v5.9.11 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fxamacker/cbor/v2 v2.9.0 // indirect @@ -130,7 +130,7 @@ require ( github.com/x448/float16 v0.8.4 // indirect go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/auto/sdk v1.2.1 // indirect - go.opentelemetry.io/contrib/detectors/gcp v1.38.0 // indirect + go.opentelemetry.io/contrib/detectors/gcp v1.39.0 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 // indirect go.opentelemetry.io/otel v1.40.0 // indirect @@ -140,12 +140,12 @@ require ( go.opentelemetry.io/otel/trace v1.40.0 // indirect go.yaml.in/yaml/v2 v2.4.2 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/mod v0.29.0 // indirect - golang.org/x/tools v0.38.0 // indirect + golang.org/x/mod v0.30.0 // indirect + golang.org/x/tools v0.39.0 // indirect google.golang.org/api v0.215.0 // indirect google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20251022142026-3a174f9686a8 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20251022142026-3a174f9686a8 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect oras.land/oras-go/v2 v2.6.0 // indirect sigs.k8s.io/randfill v1.0.0 // indirect @@ -243,13 +243,13 @@ require ( github.com/xlab/treeprint v1.2.0 // indirect github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 // indirect github.com/yashtewari/glob-intersection v0.2.0 // indirect - golang.org/x/crypto v0.45.0 // indirect - golang.org/x/oauth2 v0.32.0 // indirect - golang.org/x/sync v0.18.0 // indirect + golang.org/x/crypto v0.46.0 // indirect + golang.org/x/oauth2 v0.34.0 // indirect + golang.org/x/sync v0.19.0 // indirect golang.org/x/sys v0.40.0 // indirect - golang.org/x/term v0.37.0 // indirect + golang.org/x/term v0.38.0 // indirect golang.org/x/time v0.14.0 // indirect - google.golang.org/grpc v1.77.0 // indirect + google.golang.org/grpc v1.79.3 // indirect google.golang.org/protobuf v1.36.10 // indirect gopkg.in/inf.v0 v0.9.1 // indirect k8s.io/api v0.34.2 diff --git a/go.sum b/go.sum index a85e7ea176a..9cdf26baf58 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -cel.dev/expr v0.24.0 h1:56OvJKSH3hDGL0ml5uSxZmz3/3Pq4tJ+fb1unVLAFcY= -cel.dev/expr v0.24.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw= +cel.dev/expr v0.25.1 h1:1KrZg61W6TWSxuNZ37Xy49ps13NUovb66QLprthtwi4= +cel.dev/expr v0.25.1/go.mod h1:hrXvqGP6G6gyx8UAHSHJ5RGk//1Oj5nXQ2NI02Nrsg4= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.116.0 h1:B3fRrSDkLRt5qSHWe40ERJvhvnQwdZiHu0bJOpldweE= cloud.google.com/go v0.116.0/go.mod h1:cEPSRWPzZEswwdr9BxE6ChEn01dWlTaF05LiC2Xs70U= @@ -138,8 +138,8 @@ github.com/cheggaaa/pb/v3 v3.1.7 h1:2FsIW307kt7A/rz/ZI2lvPO+v3wKazzE4K/0LtTWsOI= github.com/cheggaaa/pb/v3 v3.1.7/go.mod h1:/Ji89zfVPeC/u5j8ukD0MBPHt2bzTYp74lQ7KlgFWTQ= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/xds/go v0.0.0-20251022180443-0feb69152e9f h1:Y8xYupdHxryycyPlc9Y+bSQAYZnetRJ70VMVKm5CKI0= -github.com/cncf/xds/go v0.0.0-20251022180443-0feb69152e9f/go.mod h1:HlzOvOjVBOfTGSRXRyY0OiCS/3J1akRGQQpRO/7zyF4= +github.com/cncf/xds/go v0.0.0-20251210132809-ee656c7534f5 h1:6xNmx7iTtyBRev0+D/Tv1FZd4SCg8axKApyNyRsAt/w= +github.com/cncf/xds/go v0.0.0-20251210132809-ee656c7534f5/go.mod h1:KdCmV+x/BuvyMxRnYBlmVaq4OLiKW6iRQfvC62cvdkI= github.com/containerd/containerd v1.7.30 h1:/2vezDpLDVGGmkUXmlNPLCCNKHJ5BbC5tJB5JNzQhqE= github.com/containerd/containerd v1.7.30/go.mod h1:fek494vwJClULlTpExsmOyKCMUAbuVjlFsJQc4/j44M= github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI= @@ -194,15 +194,15 @@ github.com/emicklei/proto v1.14.0/go.mod h1:rn1FgRS/FANiZdD2djyH7TMA9jdRDcYQ9IEN github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/go-control-plane v0.13.5-0.20251024222203-75eaa193e329 h1:K+fnvUM0VZ7ZFJf0n4L/BRlnsb9pL/GuDG6FqaH+PwM= -github.com/envoyproxy/go-control-plane v0.13.5-0.20251024222203-75eaa193e329/go.mod h1:Alz8LEClvR7xKsrq3qzoc4N0guvVNSS8KmSChGYr9hs= -github.com/envoyproxy/go-control-plane/envoy v1.35.0 h1:ixjkELDE+ru6idPxcHLj8LBVc2bFP7iBytj353BoHUo= -github.com/envoyproxy/go-control-plane/envoy v1.35.0/go.mod h1:09qwbGVuSWWAyN5t/b3iyVfz5+z8QWGrzkoqm/8SbEs= +github.com/envoyproxy/go-control-plane v0.14.0 h1:hbG2kr4RuFj222B6+7T83thSPqLjwBIfQawTkC++2HA= +github.com/envoyproxy/go-control-plane v0.14.0/go.mod h1:NcS5X47pLl/hfqxU70yPwL9ZMkUlwlKxtAohpi2wBEU= +github.com/envoyproxy/go-control-plane/envoy v1.36.0 h1:yg/JjO5E7ubRyKX3m07GF3reDNEnfOboJ0QySbH736g= +github.com/envoyproxy/go-control-plane/envoy v1.36.0/go.mod h1:ty89S1YCCVruQAm9OtKeEkQLTb+Lkz0k8v9W0Oxsv98= github.com/envoyproxy/go-control-plane/ratelimit v0.1.0 h1:/G9QYbddjL25KvtKTv3an9lx6VBE2cnb8wp1vEGNYGI= github.com/envoyproxy/go-control-plane/ratelimit v0.1.0/go.mod h1:Wk+tMFAFbCXaJPzVVHnPgRKdUdwW/KdbRt94AzgRee4= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/envoyproxy/protoc-gen-validate v1.2.1 h1:DEo3O99U8j4hBFwbJfrz9VtgcDfUKS7KJ7spH3d86P8= -github.com/envoyproxy/protoc-gen-validate v1.2.1/go.mod h1:d/C80l/jxXLdfEIhX1W2TmLfsJ31lvEjwamM4DxlWXU= +github.com/envoyproxy/protoc-gen-validate v1.3.0 h1:TvGH1wof4H33rezVKWSpqKz5NXWg5VPuZ0uONDT6eb4= +github.com/envoyproxy/protoc-gen-validate v1.3.0/go.mod h1:HvYl7zwPa5mffgyeTUHA9zHIH36nmrm7oCbo4YKoSWA= github.com/evanphx/json-patch v5.9.11+incompatible h1:ixHHqfcGvxhWkniF1tWxBHA0yb4Z+d1UQi45df52xW8= github.com/evanphx/json-patch v5.9.11+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= @@ -615,8 +615,8 @@ go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y= go.opentelemetry.io/contrib/bridges/prometheus v0.57.0 h1:UW0+QyeyBVhn+COBec3nGhfnFe5lwB0ic1JBVjzhk0w= go.opentelemetry.io/contrib/bridges/prometheus v0.57.0/go.mod h1:ppciCHRLsyCio54qbzQv0E4Jyth/fLWDTJYfvWpcSVk= -go.opentelemetry.io/contrib/detectors/gcp v1.38.0 h1:ZoYbqX7OaA/TAikspPl3ozPI6iY6LiIY9I8cUfm+pJs= -go.opentelemetry.io/contrib/detectors/gcp v1.38.0/go.mod h1:SU+iU7nu5ud4oCb3LQOhIZ3nRLj6FNVrKgtflbaf2ts= +go.opentelemetry.io/contrib/detectors/gcp v1.39.0 h1:kWRNZMsfBHZ+uHjiH4y7Etn2FK26LAGkNFw7RHv1DhE= +go.opentelemetry.io/contrib/detectors/gcp v1.39.0/go.mod h1:t/OGqzHBa5v6RHZwrDBJ2OirWc+4q/w2fTbLZwAKjTk= go.opentelemetry.io/contrib/exporters/autoexport v0.57.0 h1:jmTVJ86dP60C01K3slFQa2NQ/Aoi7zA+wy7vMOKD9H4= go.opentelemetry.io/contrib/exporters/autoexport v0.57.0/go.mod h1:EJBheUMttD/lABFyLXhce47Wr6DPWYReCzaZiXadH7g= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 h1:q4XOmH/0opmeuJtPsbFNivyl7bCt7yRBbeEm2sC/XtQ= @@ -674,8 +674,8 @@ go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= -golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= +golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU= +golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20250911091902-df9299821621 h1:2id6c1/gto0kaHYyrixvknJ8tUK/Qs5IsmBtrc+FtgU= golang.org/x/exp v0.0.0-20250911091902-df9299821621/go.mod h1:TwQYMMnGpvZyc+JpB/UAuTNIsVJifOlSkrZkhcvpVUk= @@ -686,8 +686,8 @@ golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= -golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= +golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk= +golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -698,19 +698,19 @@ golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= -golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= +golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU= +golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.32.0 h1:jsCblLleRMDrxMN29H3z/k1KliIvpLgCkE6R8FXXNgY= -golang.org/x/oauth2 v0.32.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= +golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw= +golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= -golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= +golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -726,12 +726,12 @@ golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= -golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= +golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q= +golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= -golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= +golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU= +golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY= golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI= golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -743,8 +743,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= -golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= +golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ= +golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ= golang.org/x/tools/godoc v0.1.0-deprecated h1:o+aZ1BOj6Hsx/GBdJO/s815sqftjSnrZZwyYTHODvtk= golang.org/x/tools/godoc v0.1.0-deprecated/go.mod h1:qM63CriJ961IHWmnWa9CjZnBndniPt4a3CK0PVB9bIg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -764,17 +764,17 @@ google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98 google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 h1:ToEetK57OidYuqD4Q5w+vfEnPvPpuTwedCNVohYJfNk= google.golang.org/genproto v0.0.0-20241118233622-e639e219e697/go.mod h1:JJrvXBWRZaFMxBufik1a4RpFw4HhgVtBBWQeQgUj2cc= -google.golang.org/genproto/googleapis/api v0.0.0-20251022142026-3a174f9686a8 h1:mepRgnBZa07I4TRuomDE4sTIYieg/osKmzIf4USdWS4= -google.golang.org/genproto/googleapis/api v0.0.0-20251022142026-3a174f9686a8/go.mod h1:fDMmzKV90WSg1NbozdqrE64fkuTv6mlq2zxo9ad+3yo= -google.golang.org/genproto/googleapis/rpc v0.0.0-20251022142026-3a174f9686a8 h1:M1rk8KBnUsBDg1oPGHNCxG4vc1f49epmTO7xscSajMk= -google.golang.org/genproto/googleapis/rpc v0.0.0-20251022142026-3a174f9686a8/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk= +google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 h1:fCvbg86sFXwdrl5LgVcTEvNC+2txB5mgROGmRL5mrls= +google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:+rXWjjaukWZun3mLfjmVnQi18E1AsFbDN9QdJ5YXLto= +google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 h1:gRkg/vSppuSQoDjxyiGfN4Upv/h/DQmIR10ZU8dh4Ww= +google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.77.0 h1:wVVY6/8cGA6vvffn+wWK5ToddbgdU3d8MNENr4evgXM= -google.golang.org/grpc v1.77.0/go.mod h1:z0BY1iVj0q8E1uSQCjL9cppRj+gnZjzDnzV0dHhrNig= +google.golang.org/grpc v1.79.3 h1:sybAEdRIEtvcD68Gx7dmnwjZKlyfuc61Dyo9pGXXkKE= +google.golang.org/grpc v1.79.3/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=