diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 72892a21f78..9be73104346 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -39,7 +39,8 @@ jobs: - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true # will use the latest release available for ko - uses: imjasonh/setup-ko@2c3450ca27f6e6f2b02e72a40f2163c281a1f675 # v0.4 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2708001f35d..a137c3fe83f 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -54,7 +54,8 @@ jobs: - name: Set correct version of Golang to use during CodeQL run uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.1.5 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/cross.yaml b/.github/workflows/cross.yaml index e501b45ec3a..8088140449e 100644 --- a/.github/workflows/cross.yaml +++ b/.github/workflows/cross.yaml @@ -31,7 +31,8 @@ jobs: - name: Install Go uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true - name: Checkout code uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 - name: build cosign diff --git a/.github/workflows/e2e-with-binary.yml b/.github/workflows/e2e-with-binary.yml index 4c1a81ab22c..6951b274ba0 100644 --- a/.github/workflows/e2e-with-binary.yml +++ b/.github/workflows/e2e-with-binary.yml @@ -41,7 +41,8 @@ jobs: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true - name: build cosign and check shell: bash run: | diff --git a/.github/workflows/e2e_tests.yml b/.github/workflows/e2e_tests.yml index d3ab0597bd3..63af4284d4a 100644 --- a/.github/workflows/e2e_tests.yml +++ b/.github/workflows/e2e_tests.yml @@ -34,7 +34,8 @@ jobs: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true - name: Set up Cloud SDK uses: google-github-actions/setup-gcloud@877d4953d2c70a0ba7ef3290ae968eb24af233bb # v0.5.1 with: diff --git a/.github/workflows/github-oidc.yaml b/.github/workflows/github-oidc.yaml index 57bd414b050..5c6330f6595 100644 --- a/.github/workflows/github-oidc.yaml +++ b/.github/workflows/github-oidc.yaml @@ -38,7 +38,8 @@ jobs: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true # Install tools. - uses: sigstore/cosign-installer@536b37ec5d5b543420bdfd9b744c5965bd4d8730 # v2.3.0 diff --git a/.github/workflows/kind-cluster-image-policy-with-attestations.yaml b/.github/workflows/kind-cluster-image-policy-with-attestations.yaml index 887946d008d..b972161cba6 100644 --- a/.github/workflows/kind-cluster-image-policy-with-attestations.yaml +++ b/.github/workflows/kind-cluster-image-policy-with-attestations.yaml @@ -51,7 +51,8 @@ jobs: - uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 # v2.4.0 - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true # will use the latest release available for ko - uses: imjasonh/setup-ko@2c3450ca27f6e6f2b02e72a40f2163c281a1f675 # v0.4 diff --git a/.github/workflows/kind-cluster-image-policy.yaml b/.github/workflows/kind-cluster-image-policy.yaml index 02f7b735b3e..9542e3fdb61 100644 --- a/.github/workflows/kind-cluster-image-policy.yaml +++ b/.github/workflows/kind-cluster-image-policy.yaml @@ -51,7 +51,8 @@ jobs: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true # will use the latest release available for ko - uses: imjasonh/setup-ko@2c3450ca27f6e6f2b02e72a40f2163c281a1f675 # v0.4 diff --git a/.github/workflows/kind-e2e-cosigned.yaml b/.github/workflows/kind-e2e-cosigned.yaml index 24aee0fd8bd..7b179c369e8 100644 --- a/.github/workflows/kind-e2e-cosigned.yaml +++ b/.github/workflows/kind-e2e-cosigned.yaml @@ -46,7 +46,8 @@ jobs: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: 1.17.x + go-version: '1.17' + check-latest: true - uses: imjasonh/setup-ko@2c3450ca27f6e6f2b02e72a40f2163c281a1f675 # v0.4 diff --git a/.github/workflows/kind-verify-attestation.yaml b/.github/workflows/kind-verify-attestation.yaml index abeef3e9d38..b2527fba0fe 100644 --- a/.github/workflows/kind-verify-attestation.yaml +++ b/.github/workflows/kind-verify-attestation.yaml @@ -54,7 +54,8 @@ jobs: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true # will use the latest release available for ko - uses: imjasonh/setup-ko@2c3450ca27f6e6f2b02e72a40f2163c281a1f675 # v0.4 diff --git a/.github/workflows/style.yaml b/.github/workflows/style.yaml index 349f58c3ce7..23a843d123d 100644 --- a/.github/workflows/style.yaml +++ b/.github/workflows/style.yaml @@ -15,7 +15,8 @@ jobs: - name: Set up Go uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: 1.16.x + go-version: '1.17' + check-latest: true - name: Check out code uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 @@ -32,7 +33,8 @@ jobs: - name: Set up Go uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: 1.16.x + go-version: '1.17' + check-latest: true - name: Check out code uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 06ac1449c42..14383aadfeb 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -23,7 +23,7 @@ on: permissions: read-all env: - GO_VERSION: 1.17.x + GO_VERSION: 1.17 jobs: unit-tests: @@ -58,6 +58,7 @@ jobs: - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.1.5 with: go-version: ${{ env.GO_VERSION }} + check-latest: true - name: Run Go tests run: go test -covermode atomic -coverprofile coverage.txt $(go list ./... | grep -v third_party/) - name: Upload Coverage Report @@ -93,6 +94,7 @@ jobs: - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.1.5 with: go-version: ${{ env.GO_VERSION }} + check-latest: true - uses: imjasonh/setup-ko@2c3450ca27f6e6f2b02e72a40f2163c281a1f675 # v0.4 - name: setup kind cluster run: | @@ -115,6 +117,7 @@ jobs: - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.1.5 with: go-version: ${{ env.GO_VERSION }} + check-latest: true # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds - uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 # v3.0.2 @@ -140,6 +143,7 @@ jobs: - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: go-version: ${{ env.GO_VERSION }} + check-latest: true - name: Install addlicense run: go install github.com/google/addlicense@latest - name: Check license headers @@ -155,9 +159,10 @@ jobs: - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: go-version: ${{ env.GO_VERSION }} + check-latest: true - name: golangci-lint uses: golangci/golangci-lint-action@537aa1903e5d359d0b27dbc19ddd22c5087f3fbc # v3 timeout-minutes: 5 with: # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version. - version: v1.44.2 + version: v1.46.0 diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 7bb34d48668..960e61de542 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -39,8 +39,8 @@ jobs: statuses: none env: - CROSS_BUILDER_IMAGE: ghcr.io/gythialy/golang-cross:v1.17.9-0@sha256:62c64ee6c74285839db86ae0814d2411bfe4bc2cdc025b10122e4bb8d27b1418 - COSIGN_IMAGE: gcr.io/projectsigstore/cosign:v1.7.2@sha256:ad2985a87622d5934a4bc06a61faadff772e377937e42519af4f506e1b019d1e + CROSS_BUILDER_IMAGE: ghcr.io/gythialy/golang-cross:v1.17.10-0@sha256:62c64ee6c74285839db86ae0814d2411bfe4bc2cdc025b10122e4bb8d27b1418 + COSIGN_IMAGE: gcr.io/projectsigstore/cosign:v1.8.0@sha256:12b4d428529654c95a7550a936cbb5c6fe93a046ea7454676cb6fb0ce566d78c steps: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b #v2.4.0 diff --git a/.github/workflows/verify-codegen.yaml b/.github/workflows/verify-codegen.yaml index f9708711763..1685fd6a1ff 100644 --- a/.github/workflows/verify-codegen.yaml +++ b/.github/workflows/verify-codegen.yaml @@ -34,7 +34,8 @@ jobs: steps: - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab with: - go-version: 1.17.x + go-version: '1.17' + check-latest: true - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b with: diff --git a/.github/workflows/verify-docgen.yaml b/.github/workflows/verify-docgen.yaml index a247277967c..d8f1988ed58 100644 --- a/.github/workflows/verify-docgen.yaml +++ b/.github/workflows/verify-docgen.yaml @@ -34,5 +34,6 @@ jobs: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2.4.0 - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v2.2.0 with: - go-version: '1.17.x' + go-version: '1.17' + check-latest: true - run: ./cmd/help/verify.sh diff --git a/release/cloudbuild.yaml b/release/cloudbuild.yaml index bbd5bad0332..717c635b9ee 100644 --- a/release/cloudbuild.yaml +++ b/release/cloudbuild.yaml @@ -32,17 +32,17 @@ steps: echo "Checking out ${_GIT_TAG}" git checkout ${_GIT_TAG} -- name: 'gcr.io/projectsigstore/cosign:v1.7.2@sha256:ad2985a87622d5934a4bc06a61faadff772e377937e42519af4f506e1b019d1e' +- name: 'gcr.io/projectsigstore/cosign:v1.8.0@sha256:12b4d428529654c95a7550a936cbb5c6fe93a046ea7454676cb6fb0ce566d78c' dir: "go/src/sigstore/cosign" env: - COSIGN_EXPERIMENTAL=true - TUF_ROOT=/tmp args: - 'verify' - - 'ghcr.io/gythialy/golang-cross:v1.17.9-0@sha256:62c64ee6c74285839db86ae0814d2411bfe4bc2cdc025b10122e4bb8d27b1418' + - 'ghcr.io/gythialy/golang-cross:v1.17.10-0@sha256:62c64ee6c74285839db86ae0814d2411bfe4bc2cdc025b10122e4bb8d27b1418' # maybe we can build our own image and use that to be more in a safe side -- name: ghcr.io/gythialy/golang-cross:v1.17.9-0@sha256:62c64ee6c74285839db86ae0814d2411bfe4bc2cdc025b10122e4bb8d27b1418 +- name: ghcr.io/gythialy/golang-cross:v1.17.10-0@sha256:62c64ee6c74285839db86ae0814d2411bfe4bc2cdc025b10122e4bb8d27b1418 entrypoint: /bin/sh dir: "go/src/sigstore/cosign" env: @@ -65,7 +65,7 @@ steps: gcloud auth configure-docker \ && make release -- name: ghcr.io/gythialy/golang-cross:v1.17.9-0@sha256:62c64ee6c74285839db86ae0814d2411bfe4bc2cdc025b10122e4bb8d27b1418 +- name: ghcr.io/gythialy/golang-cross:v1.17.10-0@sha256:62c64ee6c74285839db86ae0814d2411bfe4bc2cdc025b10122e4bb8d27b1418 entrypoint: 'bash' dir: "go/src/sigstore/cosign" env: