diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f7d700ccdf..13d5e8f580 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -28,7 +28,7 @@ jobs: should_skip: ${{ steps.skip_check.outputs.should_skip }} steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/changelog_pr.yaml b/.github/workflows/changelog_pr.yaml index 055d68024c..438883efa8 100644 --- a/.github/workflows/changelog_pr.yaml +++ b/.github/workflows/changelog_pr.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5def97b940..433f1c0347 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -46,7 +46,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -55,7 +55,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 + uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -66,7 +66,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 + uses: github/codeql-action/autobuild@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -80,4 +80,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 + uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 diff --git a/.github/workflows/curldemo.yaml b/.github/workflows/curldemo.yaml index 846adeb78a..80d9d56909 100644 --- a/.github/workflows/curldemo.yaml +++ b/.github/workflows/curldemo.yaml @@ -17,7 +17,7 @@ jobs: DOCKER_CLI_EXPERIMENTAL: "enabled" steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -31,7 +31,7 @@ jobs: password: ${{ secrets.DOCKER_PASSWORD }} - name: Build and push id: docker_build - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 with: context: ./deploy/test-apps/curldemo/ file: ./deploy/test-apps/curldemo/Dockerfile diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index 6c704f4852..33c814dc5a 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/gh-pages.yaml b/.github/workflows/gh-pages.yaml index 0fc1298a4c..1a9c87be3f 100644 --- a/.github/workflows/gh-pages.yaml +++ b/.github/workflows/gh-pages.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/helm_check-values-schema.yaml b/.github/workflows/helm_check-values-schema.yaml index d8a7813fcb..bc43663533 100644 --- a/.github/workflows/helm_check-values-schema.yaml +++ b/.github/workflows/helm_check-values-schema.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/helm_docs.yaml b/.github/workflows/helm_docs.yaml index 7282f4bb67..2ecdabfd9a 100644 --- a/.github/workflows/helm_docs.yaml +++ b/.github/workflows/helm_docs.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/helm_publish.yaml b/.github/workflows/helm_publish.yaml index 703fcdbe4f..4d13ad90f4 100644 --- a/.github/workflows/helm_publish.yaml +++ b/.github/workflows/helm_publish.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/kube-linter.yaml b/.github/workflows/kube-linter.yaml index 4705e69b28..4390f17c32 100644 --- a/.github/workflows/kube-linter.yaml +++ b/.github/workflows/kube-linter.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -37,5 +37,5 @@ jobs: output-file: ../results/kube-linter.sarif - name: Upload sarif output to GitHub - uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 continue-on-error: true diff --git a/.github/workflows/olm_pr.yaml b/.github/workflows/olm_pr.yaml index 9f9ed33a77..107f13ae16 100644 --- a/.github/workflows/olm_pr.yaml +++ b/.github/workflows/olm_pr.yaml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/terrascan.yaml b/.github/workflows/terrascan.yaml index 89a8126eea..0f1a37c8c4 100644 --- a/.github/workflows/terrascan.yaml +++ b/.github/workflows/terrascan.yaml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -35,6 +35,6 @@ jobs: sarif_upload: true iac_dir: chart/k8gb - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: terrascan.sarif diff --git a/.github/workflows/terratest.yaml b/.github/workflows/terratest.yaml index ff3931b8de..e5071da047 100644 --- a/.github/workflows/terratest.yaml +++ b/.github/workflows/terratest.yaml @@ -29,7 +29,7 @@ jobs: should_skip: ${{ steps.skip_check.outputs.should_skip }} steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/upgrade-testing.yaml b/.github/workflows/upgrade-testing.yaml index 70b7607215..d37b22ff12 100644 --- a/.github/workflows/upgrade-testing.yaml +++ b/.github/workflows/upgrade-testing.yaml @@ -29,7 +29,7 @@ jobs: should_skip: ${{ steps.skip_check.outputs.should_skip }} steps: - name: Harden Runner - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/docs/examples/route53/terraform-aws-eks-k8gb/main.tf b/docs/examples/route53/terraform-aws-eks-k8gb/main.tf index fbffe79f55..5614b00fd4 100644 --- a/docs/examples/route53/terraform-aws-eks-k8gb/main.tf +++ b/docs/examples/route53/terraform-aws-eks-k8gb/main.tf @@ -65,7 +65,7 @@ resource "aws_ec2_tag" "eks_elb" { module "eks-cluster" { tags = var.eks_tags source = "terraform-aws-modules/eks/aws" - version = "20.29.0" + version = "20.30.1" cluster_name = var.cluster_name cluster_version = var.kubernetes_version subnets = data.aws_subnet_ids.private.ids diff --git a/docs/examples/route53/terraform-aws-eks-k8gb/providers.tf b/docs/examples/route53/terraform-aws-eks-k8gb/providers.tf index e433bd3c13..27fd60f5d4 100644 --- a/docs/examples/route53/terraform-aws-eks-k8gb/providers.tf +++ b/docs/examples/route53/terraform-aws-eks-k8gb/providers.tf @@ -2,11 +2,11 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "5.76.0" + version = "5.78.0" } kubernetes = { source = "hashicorp/kubernetes" - version = "2.33.0" + version = "2.34.0" } } } diff --git a/go.mod b/go.mod index 54ffccf368..a6b88c15c9 100644 --- a/go.mod +++ b/go.mod @@ -13,14 +13,14 @@ require ( github.com/miekg/dns v1.1.62 github.com/prometheus/client_golang v1.20.5 github.com/rs/zerolog v1.33.0 - github.com/stretchr/testify v1.9.0 + github.com/stretchr/testify v1.10.0 go.opentelemetry.io/otel v1.32.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.32.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.32.0 go.opentelemetry.io/otel/sdk v1.32.0 go.opentelemetry.io/otel/trace v1.32.0 go.uber.org/mock v0.5.0 - istio.io/client-go v1.24.0 + istio.io/client-go v1.24.1 k8s.io/api v0.31.0 k8s.io/apimachinery v0.31.0 k8s.io/client-go v0.31.0 diff --git a/go.sum b/go.sum index f471d8f398..0c226f3d95 100644 --- a/go.sum +++ b/go.sum @@ -211,6 +211,8 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -399,6 +401,8 @@ istio.io/client-go v1.23.3 h1:rs+mO4A+NaXVcZgDO0RRZE7KRAlDooq2PSkxl7tevig= istio.io/client-go v1.23.3/go.mod h1:Lfa3anzx7/kCOpcAciR+JiRMj/SYuzDcbXQDjkThnLg= istio.io/client-go v1.24.0 h1:30Qmx12lJCB5xeJuyodPSWh848b2PvgCubdPTazG1eU= istio.io/client-go v1.24.0/go.mod h1:sCDBDJWQGJQz/1t3CHwUTDE5V7Nk6pFFkqBwhIg+LrI= +istio.io/client-go v1.24.1 h1:m1hYt+S7zZZpiWHVnJkp9SFfQ9EApBhKL0LUaviKh9c= +istio.io/client-go v1.24.1/go.mod h1:sCDBDJWQGJQz/1t3CHwUTDE5V7Nk6pFFkqBwhIg+LrI= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.31.0 h1:b9LiSjR2ym/SzTOlfMHm1tr7/21aD7fSkqgD/CVJBCo= k8s.io/api v0.31.0/go.mod h1:0YiFF+JfFxMM6+1hQei8FY8M7s1Mth+z/q7eF1aJkTE= diff --git a/terratest/go.mod b/terratest/go.mod index 71836323b1..01df36a969 100644 --- a/terratest/go.mod +++ b/terratest/go.mod @@ -5,7 +5,7 @@ go 1.22.3 require ( github.com/AbsaOSS/gopkg v0.1.3 github.com/gruntwork-io/terratest v0.47.2 - github.com/stretchr/testify v1.9.0 + github.com/stretchr/testify v1.10.0 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.28.4 k8s.io/apimachinery v0.28.4 diff --git a/terratest/go.sum b/terratest/go.sum index 6eb126b5f3..c68dff8fc9 100644 --- a/terratest/go.sum +++ b/terratest/go.sum @@ -255,6 +255,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/texttheater/golang-levenshtein v1.0.1 h1:+cRNoVrfiwufQPhoMzB6N0Yf/Mqajr6t1lOv8GyGE2U= github.com/texttheater/golang-levenshtein v1.0.1/go.mod h1:PYAKrbF5sAiq9wd+H82hs7gNaen0CplQ9uvm6+enD/8= github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo=