public_git
/
kaniko
mirror of https://github.com/GoogleContainerTools/kaniko
1
0
Fork 0
Code Issues Releases Wiki Activity
2,266 Commits 24 Branches 63 Tags 286 MiB
Commit Graph

35 Commits

Author SHA1 Message Date
Michael Plump 3e56c7fd0f
chore: upgrade all the dependencies to their latest versions (#3454) 
* chore: go get -u ./...

* chore: go mod tidy

* chore: go mod vendor

* chore: fix compilation for buildkit >= 0.15.0

* chore: upgrade to Go 1.24

* chore: upgrade the Debian container used in an integration test
 2025-05-21 09:31:10 -04:00
JeromeJu 3cf227e8af
fix: address outdated dependencies for go-git CVE upgrade (#3440) 2025-04-11 13:24:05 -04:00
dependabot[bot] 7825b6bf4f
chore(deps): bump golang.org/x/net from 0.26.0 to 0.27.0 (#3253) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.26.0 to 0.27.0.
- [Commits](https://github.com/golang/net/compare/v0.26.0...v0.27.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-15 09:28:18 -07:00
dependabot[bot] ad1896a680
chore(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 (#3190) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.25.0 to 0.26.0.
- [Commits](https://github.com/golang/net/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-10 11:14:21 -07:00
dependabot[bot] 4601a7e3f1
chore(deps): bump google.golang.org/api from 0.177.0 to 0.180.0 (#3160) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.177.0 to 0.180.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.177.0...v0.180.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-13 16:45:43 -07:00
dependabot[bot] 5c56bdf634
chore(deps): bump golang.org/x/net from 0.22.0 to 0.24.0 (#3113) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.24.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.24.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-19 10:33:55 -07:00
dependabot[bot] 10567f9cf6
chore(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 (#3056) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.21.0 to 0.22.0.
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.22.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-11 14:09:52 -07:00
dependabot[bot] e520af18a6
chore(deps): bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 (#2948) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-16 21:37:48 -08:00
dependabot[bot] fcc3a3ef94
chore(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#2915) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 08:33:23 -08:00
dependabot[bot] b77b858a62
chore(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 (#2891) 
Bumps [github.com/spf13/afero](https://github.com/spf13/afero) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/spf13/afero/releases)
- [Commits](https://github.com/spf13/afero/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/afero
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 10:05:01 -05:00
dependabot[bot] e983eb66d7
chore(deps): bump golang.org/x/net from 0.17.0 to 0.18.0 (#2859) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-19 19:28:50 -08:00
dependabot[bot] bda9700863
chore(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#2781) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-09 07:14:31 -07:00
dependabot[bot] 7e905499af
chore(deps): bump golang.org/x/net from 0.12.0 to 0.14.0 (#2663) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.14.0.
- [Commits](https://github.com/golang/net/compare/v0.12.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-08 11:14:27 -07:00
dependabot[bot] 7b27cee893
chore(deps): bump golang.org/x/oauth2 from 0.9.0 to 0.10.0 (#2617) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.9.0 to 0.10.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.9.0...v0.10.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-07-17 10:16:54 -07:00
dependabot[bot] 22df0b3046
chore(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 (#2578) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-18 20:57:34 -07:00
dependabot[bot] 4edf751d43
chore(deps): bump github.com/go-git/go-git/v5 from 5.4.2 to 5.7.0 (#2528) 
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.4.2...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-29 16:28:53 -07:00
dependabot[bot] 74fc5403c3
chore(deps): bump google.golang.org/api from 0.110.0 to 0.120.0 (#2484) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.110.0 to 0.120.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.110.0...v0.120.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-05 15:52:07 -07:00
Joe Kimmel 906cc96b59
Upgrade docker (#2440) 
* somehow now the only thing that doesnt work is devices.Device

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* this gets rid of all the compiler errors in the vendored code

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* fixed some things but a bunch of tests and maybe some compiler steps are still failing

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* all the things i figured out how to fix so far

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* guess i had to redo go mods after rebasing again

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* update docker constants to be SHOUTY CASE now

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* include DestPath in resolveEnv

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* fix one mistake in Docker lib upgrade and some typos/deprecations in the file

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* last changes (hopefully) to update to new docker libs

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

---------

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>
 2023-03-23 20:34:25 -04:00
Joël Pepper 0cbb7664de
fix(executor): make pax tar builds reproducible again (#2384) 
In v1.8.0 (commit 7410007) kaniko switched to using the pax tar header
format for compressing image layers, since this format allows for greater
precision in recording timestamps, however this inadvertendly broke the
"--reproducible" functionality, due to an bug in the underlying
go-containerregistry dependency which did not set the additional
timestamps in the pax header when canonicalizing image layers. This
oversight has since been fixed in the dependency.

This commit bumps the google/go-containerregistry dependency to the
first commit which has fixed the bug
(v0.13.1-0.20230201183932-824efc7772b0). It also bumps the version of
cloud.google.com/go/storage to v1.29.0 to be compatible with the higher
transitive dependency.
 2023-03-21 18:08:29 -04:00
Jason Hall 6bbd8a331c
Bump deps (#1885) 
```
* use go 1.17 semantics in go.mod
* pin tonistiigi/fsutil dep to match docker/docker's dep
go get -u ./...
go mod vendor
```
 2022-01-21 13:59:16 -05:00
Jason Hall 76624697df
Bump github.com/docker/docker to latest release (#1866) 
* Bump github.com/docker/docker to latest release

* Pin deps to docker/docker's requirements

fix build breakages
fix unit test
Trying to see whether am-i-in-a-container checks are broken for integration tests...
 2022-01-14 15:58:32 -05:00
Matt Moore 1ad4295462
Update ggcr to pick up estargz and caching option (#1527) 2020-12-21 10:09:21 -08:00
Josh Chorlton 57ab7e03f1 bump go-containerregistry dep 2020-08-04 19:41:26 -07:00
Carlos Alexandro Becker 7b8879c03f
feat: upgrade go-git 
Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com>
 2020-06-15 11:58:04 -03:00
Tejal Desai 7b51aec5d9 upgrade go container registry to latest master 2020-03-18 15:00:49 -07:00
Ben Einaudi 03b8922ede Upgrade dependency to go-containerregistry third-party library 
By doing so it will fix issues met when mixing source/remote registry

Close #808
 2020-01-26 18:55:52 +01:00
Tejal Desai 6b020a1f97 fix highwayhash 2019-12-21 12:18:09 -08:00
Kartik Verma 8acca11a16
Added go-git 2018-09-03 14:03:12 +05:30
Nick Kubala e59f05e32f
fix deps 2018-08-01 13:02:54 -07:00
Jason Hall 0e3fc0bcd7 Look for usable on-cluster credentials using k8schain (#243) 
* dep ensure and use k8schain

* checkpoint

* fix vendoring, stuff builds

* Use k8schain for pushes too

* Use NewNoClient

* update ggcr dep

* Move k8schain usage to image_util.go
 2018-07-21 10:22:13 -07:00
Priya Wadhwa 3aafb843e2
Updated vendor for exported BuildArgs 2018-05-09 11:56:32 -07:00
dlorenc cd5b744904
Switch from containers/image to go-containerregistry (#140) 
* Vendor changes for go-containerregistry switch.

* Manual changes for go-containerregistry switch.

The biggest change is refactoring the tarball unpacking.

* Pull more of container-diff out.

* More vendor removals.

* More unit tests.
 2018-04-25 19:21:05 -07:00
Priya Wadhwa 4d048d1607
Updated vendor, for container-diff 2018-04-11 14:06:23 -07:00
Priya Wadhwa 66bb59ff12
Added to vendor 2018-02-28 12:22:10 -08:00
Priya Wadhwa c284f25441 Added CLI flags and set logs 2018-02-20 20:50:03 -08:00