public_git
/
kaniko
mirror of https://github.com/GoogleContainerTools/kaniko
1
0
Fork 0
Code Issues Releases Wiki Activity
2,266 Commits 24 Branches 63 Tags 286 MiB
Commit Graph

39 Commits

Author SHA1 Message Date
Michael Plump 3e56c7fd0f
chore: upgrade all the dependencies to their latest versions (#3454) 
* chore: go get -u ./...

* chore: go mod tidy

* chore: go mod vendor

* chore: fix compilation for buildkit >= 0.15.0

* chore: upgrade to Go 1.24

* chore: upgrade the Debian container used in an integration test
 2025-05-21 09:31:10 -04:00
JeromeJu 3cf227e8af
fix: address outdated dependencies for go-git CVE upgrade (#3440) 2025-04-11 13:24:05 -04:00
dependabot[bot] 7825b6bf4f
chore(deps): bump golang.org/x/net from 0.26.0 to 0.27.0 (#3253) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.26.0 to 0.27.0.
- [Commits](https://github.com/golang/net/compare/v0.26.0...v0.27.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-15 09:28:18 -07:00
dependabot[bot] ad1896a680
chore(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 (#3190) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.25.0 to 0.26.0.
- [Commits](https://github.com/golang/net/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-10 11:14:21 -07:00
dependabot[bot] 4601a7e3f1
chore(deps): bump google.golang.org/api from 0.177.0 to 0.180.0 (#3160) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.177.0 to 0.180.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.177.0...v0.180.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-13 16:45:43 -07:00
dependabot[bot] 70bd3628c6
chore(deps): bump golang.org/x/sys from 0.18.0 to 0.19.0 (#3103) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.18.0 to 0.19.0.
- [Commits](https://github.com/golang/sys/compare/v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-08 14:47:50 -07:00
dependabot[bot] 10567f9cf6
chore(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 (#3056) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.21.0 to 0.22.0.
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.22.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-11 14:09:52 -07:00
dependabot[bot] a842559c42
chore(deps): bump golang.org/x/sys from 0.16.0 to 0.17.0 (#3001) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/sys/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-12 09:29:09 -08:00
dependabot[bot] 782eeef84d
chore(deps): bump golang.org/x/sys from 0.15.0 to 0.16.0 (#2936) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/sys/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-08 09:59:36 -08:00
dependabot[bot] b77b858a62
chore(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 (#2891) 
Bumps [github.com/spf13/afero](https://github.com/spf13/afero) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/spf13/afero/releases)
- [Commits](https://github.com/spf13/afero/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/afero
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-04 10:05:01 -05:00
dependabot[bot] e5952216eb
chore(deps): bump golang.org/x/sys from 0.13.0 to 0.14.0 (#2848) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/sys/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-13 15:47:01 -08:00
dependabot[bot] bda9700863
chore(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#2781) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-09 07:14:31 -07:00
dependabot[bot] 517b69da44
chore(deps): bump golang.org/x/sys from 0.11.0 to 0.12.0 (#2722) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.11.0 to 0.12.0.
- [Commits](https://github.com/golang/sys/compare/v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-05 15:53:28 -07:00
dependabot[bot] 8ebc2ce2f4
chore(deps): bump golang.org/x/sys from 0.10.0 to 0.11.0 (#2659) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.10.0 to 0.11.0.
- [Commits](https://github.com/golang/sys/compare/v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-08 10:17:17 -07:00
dependabot[bot] 63be4990ca
chore(deps): bump golang.org/x/sys from 0.9.0 to 0.10.0 (#2613) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.9.0 to 0.10.0.
- [Commits](https://github.com/golang/sys/compare/v0.9.0...v0.10.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-07-04 17:01:53 -07:00
dependabot[bot] 7ab68f2e5a
chore(deps): bump golang.org/x/sys from 0.8.0 to 0.9.0 (#2564) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/sys/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-13 00:59:27 -07:00
dependabot[bot] 7cc3b2a9fc
chore(deps): bump golang.org/x/sys from 0.7.0 to 0.8.0 (#2507) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.7.0 to 0.8.0.
- [Commits](https://github.com/golang/sys/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-16 00:43:01 -07:00
dependabot[bot] 74fc5403c3
chore(deps): bump google.golang.org/api from 0.110.0 to 0.120.0 (#2484) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.110.0 to 0.120.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.110.0...v0.120.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-05 15:52:07 -07:00
Joe Kimmel 906cc96b59
Upgrade docker (#2440) 
* somehow now the only thing that doesnt work is devices.Device

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* this gets rid of all the compiler errors in the vendored code

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* fixed some things but a bunch of tests and maybe some compiler steps are still failing

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* all the things i figured out how to fix so far

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* guess i had to redo go mods after rebasing again

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* update docker constants to be SHOUTY CASE now

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* include DestPath in resolveEnv

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* fix one mistake in Docker lib upgrade and some typos/deprecations in the file

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

* last changes (hopefully) to update to new docker libs

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>

---------

Signed-off-by: Joe Kimmel <jkimmel@vmware.com>
 2023-03-23 20:34:25 -04:00
Joël Pepper 0cbb7664de
fix(executor): make pax tar builds reproducible again (#2384) 
In v1.8.0 (commit 7410007) kaniko switched to using the pax tar header
format for compressing image layers, since this format allows for greater
precision in recording timestamps, however this inadvertendly broke the
"--reproducible" functionality, due to an bug in the underlying
go-containerregistry dependency which did not set the additional
timestamps in the pax header when canonicalizing image layers. This
oversight has since been fixed in the dependency.

This commit bumps the google/go-containerregistry dependency to the
first commit which has fixed the bug
(v0.13.1-0.20230201183932-824efc7772b0). It also bumps the version of
cloud.google.com/go/storage to v1.29.0 to be compatible with the higher
transitive dependency.
 2023-03-21 18:08:29 -04:00
dependabot[bot] 697bfc6acb
Bump cloud.google.com/go/storage from 1.21.0 to 1.22.0 (#2041) 
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.21.0 to 1.22.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.21.0...spanner/v1.22.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-11 10:26:23 -04:00
Jason Hall f067edae9f
Fix bug with log disabling (#1959) 
Prior to this change, Kaniko disabled logging for its ecr-login
dependency by redirecting the logger's output to ioutil.Discard.
However, since that used the logrus standard logger, this had the effect
of completely disabling (redirecting to Discard) _all_ logging done by
Kaniko.

This caused integratiion test failures, and left any user of Kaniko
without any logging.

This fix updates the dependency on ecr-login to include a fix for this
issue, and updates to the new API introduced in that fix.
 2022-02-28 15:02:05 -05:00
Jason Hall c6623cd1e3
Bump ecr-login dep to avoid some log spam (#1946) 
Previously the ecr-login cred helper we compile into the executor/warmer
binaries would log a warning when they were asked for credentials for a
non-ECR image. This takes advantage of recent work in ecr-login to let
consumers like kaniko disable that logging.
 2022-02-21 02:20:02 +05:30
Jason Hall 6bbd8a331c
Bump deps (#1885) 
```
* use go 1.17 semantics in go.mod
* pin tonistiigi/fsutil dep to match docker/docker's dep
go get -u ./...
go mod vendor
```
 2022-01-21 13:59:16 -05:00
Jason Hall 76624697df
Bump github.com/docker/docker to latest release (#1866) 
* Bump github.com/docker/docker to latest release

* Pin deps to docker/docker's requirements

fix build breakages
fix unit test
Trying to see whether am-i-in-a-container checks are broken for integration tests...
 2022-01-14 15:58:32 -05:00
Sascha Schwarze 69f942f751
Improve retry behavior for push operation (#1578) 
* Update go-containerregistry to 0.4

* Implement --push-retry argument
 2021-02-22 21:25:58 -08:00
Josh Chorlton 57ab7e03f1 bump go-containerregistry dep 2020-08-04 19:41:26 -07:00
Carlos Alexandro Becker 7b8879c03f
feat: upgrade go-git 
Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com>
 2020-06-15 11:58:04 -03:00
Ben Einaudi 03b8922ede Upgrade dependency to go-containerregistry third-party library 
By doing so it will fix issues met when mixing source/remote registry

Close #808
 2020-01-26 18:55:52 +01:00
Benjamin EINAUDI f17734e799 Tidy dependencies 
Run 'go mod tidy' and re-vendored dependencies
 2019-12-30 22:26:26 +01:00
Fahri Yardımcı 16b4f700cc Upgrade aws go sdk for supporting eks oidc credential chain 2019-12-21 14:56:04 -08:00
Tejal Desai 6b020a1f97 fix highwayhash 2019-12-21 12:18:09 -08:00
Nick Kubala e59f05e32f
fix deps 2018-08-01 13:02:54 -07:00
Priya Wadhwa 3aafb843e2
Updated vendor for exported BuildArgs 2018-05-09 11:56:32 -07:00
Priya Wadhwa ae59204727
Updated vendor for changes to container-diff 2018-04-20 10:42:16 -07:00
Priya Wadhwa 4d048d1607
Updated vendor, for container-diff 2018-04-11 14:06:23 -07:00
Priya Wadhwa cd9467dcf4
Updated vendor for new version of container-diff 2018-03-07 15:35:44 -08:00
Priya Wadhwa 31d02ad5db
Updated vendor to get container-diff master 2018-03-01 13:10:24 -08:00
Priya Wadhwa c284f25441 Added CLI flags and set logs 2018-02-20 20:50:03 -08:00