Skip to content

Commit 1f327ac

Browse files
Abhishek-ValabojuAbhishek-Valaboju
authored
Merge pull request #884 from Abhishek-Valaboju/security-fix-main
[main]CI improvements
2 parents 5767595 + 68e7cff commit 1f327ac

2 files changed

Lines changed: 43 additions & 24 deletions

File tree

hack/make/deps.mk

Lines changed: 22 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,27 @@
11
# renovate: datasource=github-release-attachments depName=golangci/golangci-lint
2-
GOLANGCI_VERSION = v2.1.6
2+
GOLANGCI_VERSION = v2.11.4
3+
# renovate: datasource=github-release-attachments depName=golangci/golangci-lint digestVersion=v2.11.4
4+
GOLANGCI_SUM_amd64 := 200c5b7503f67b59a6743ccf32133026c174e272b930ee79aa2aa6f37aca7ef1
5+
# renovate: datasource=github-release-attachments depName=golangci/golangci-lint digestVersion=v2.11.4
6+
GOLANGCI_SUM_arm64 := 3bcfa2e6f3d32b2bf5cd75eaa876447507025e0303698633f722a05331988db4
7+
38
# renovate: datasource=github-release-attachments depName=k3d-io/k3d
49
K3D_VERSION = v5.8.3
10+
# renovate: datasource=github-release-attachments depName=k3d-io/k3d digestVersion=v5.8.3
11+
K3D_SUM_amd64 := dbaa79a76ace7f4ca230a1ff41dc7d8a5036a8ad0309e9c54f9bf3836dbe853e
12+
# renovate: datasource=github-release-attachments depName=k3d-io/k3d digestVersion=v5.8.3
13+
K3D_SUM_arm64 := 0b8110f2229631af7402fb828259330985918b08fefd38b7f1b788a1c8687216
14+
15+
# renovate: datasource=github-releases packageName=kubernetes/kubernetes
16+
KUBECTL_VERSION = v1.31.13
17+
# renovate: datasource=github-releases packageName=kubernetes/kubernetes digestVersion=v1.31.13
18+
KUBECTL_SUM_amd64 := ce427a4df97b044bf6beaf38be6b3aaafb1b5c782c406958b3c71ebb25a48fe3
19+
# renovate: datasource=github-releases packageName=kubernetes/kubernetes digestVersion=v1.31.13
20+
KUBECTL_SUM_arm64 := cfe055bd02650cd5c2687599069630cf4a602f1c99be63986a25b775752620db
521

6-
KUBECTL_VERSION = 1.31.10
722
# renovate: datasource=github-release-attachments depName=helm/helm
8-
HELM_VERSION = v3.18.2
23+
HELM_VERSION = v3.17.2
24+
# renovate: datasource=github-release-attachments depName=helm/helm digestVersion=v3.17.2
25+
HELM_SUM_amd64 := 90c28792a1eb5fb0b50028e39ebf826531ebfcf73f599050dbd79bab2f277241
26+
# renovate: datasource=github-release-attachments depName=helm/helm digestVersion=v3.17.2
27+
HELM_SUM_arm64 := d78d76ec7625a94991e887ac049d93f44bd70e4876200b945f813c9e1ed1df7c

hack/make/tools.mk

Lines changed: 21 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -12,40 +12,40 @@ endif
1212
K3D = $(TOOLS_BIN)/k3d-$(K3D_VERSION)
1313
$(K3D):
1414
rm -f $(TOOLS_BIN)/k3d*
15-
curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | \
16-
PATH=$(PATH):$(TOOLS_BIN) K3D_INSTALL_DIR="$(TOOLS_BIN)" TAG="$(K3D_VERSION)" USE_SUDO=false bash
17-
mv $(TOOLS_BIN)/k3d $(TOOLS_BIN)/k3d-$(K3D_VERSION)
15+
curl -sSfL -o $(K3D) "https://github.com/k3d-io/k3d/releases/download/$(K3D_VERSION)/k3d-$(OS_NAME)-$(OS_ARCH)"
16+
echo "$(K3D_SUM_$(OS_ARCH)) $(K3D)" | shasum -a 256 -c -
17+
chmod u+x $(K3D)
1818

1919
GOLANGCI = $(TOOLS_BIN)/golangci-lint-$(GOLANGCI_VERSION)
20+
GOLANGCI_VERSION_TRIMMED := $(GOLANGCI_VERSION:v%=%)
2021
$(GOLANGCI):
21-
rm -f $(TOOLS_BIN)/golangci-lint*
22-
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(TOOLS_BIN) $(GOLANGCI_VERSION)
23-
mv $(TOOLS_BIN)/golangci-lint $(TOOLS_BIN)/golangci-lint-$(GOLANGCI_VERSION)
22+
rm -rf $(TOOLS_BIN)/golangci*
23+
curl -sSfL -o $(TOOLS_BIN)/golangci.tar.gz \
24+
"https://github.com/golangci/golangci-lint/releases/download/$(GOLANGCI_VERSION)/golangci-lint-$(GOLANGCI_VERSION_TRIMMED)-$(OS_NAME)-$(OS_ARCH).tar.gz"
25+
echo "$(GOLANGCI_SUM_$(OS_ARCH)) $(TOOLS_BIN)/golangci.tar.gz" | shasum -a 256 -c -
26+
tar -xf $(TOOLS_BIN)/golangci.tar.gz -C $(TOOLS_BIN)
27+
mv $(TOOLS_BIN)/golangci-lint-$(GOLANGCI_VERSION_TRIMMED)-$(OS_NAME)-$(OS_ARCH)/golangci-lint $(GOLANGCI)
28+
chmod u+x $(GOLANGCI)
29+
rm -rf $(TOOLS_BIN)/golangci-lint-$(GOLANGCI_VERSION_TRIMMED)-$(OS_NAME)-$(OS_ARCH)
30+
rm -f $(TOOLS_BIN)/golangci.tar.gz
2431

2532
KUBECTL = $(TOOLS_BIN)/kubectl-$(KUBECTL_VERSION)
2633
$(KUBECTL):
2734
rm -f $(TOOLS_BIN)/kubectl*
28-
curl --output $(KUBECTL) -sSfL "https://dl.k8s.io/release/v$(KUBECTL_VERSION)/bin/$(OS_NAME)/$(OS_ARCH)/kubectl"
29-
echo "$(shell curl -L "https://dl.k8s.io/release/v$(KUBECTL_VERSION)/bin/$(OS_NAME)/$(OS_ARCH)/kubectl.sha256") $(KUBECTL)" | shasum -a 256 -c -
35+
curl -sSfL -o $(KUBECTL) \
36+
"https://dl.k8s.io/release/$(KUBECTL_VERSION)/bin/$(OS_NAME)/$(OS_ARCH)/kubectl"
37+
echo "$(KUBECTL_SUM_$(OS_ARCH)) $(KUBECTL)" | shasum -a 256 -c -
3038
chmod u+x $(KUBECTL)
3139

3240
HELM = $(TOOLS_BIN)/helm-$(HELM_VERSION)
3341
$(HELM):
3442
rm -rf $(TOOLS_BIN)/helm*
3543
mkdir -p $(TOOLS_BIN)/tmp-helm
36-
curl --output $(TOOLS_BIN)/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz -sSfL "https://get.helm.sh/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz"
37-
$(call indirect-value,HELM_SUM)
38-
cd $(TOOLS_BIN) && echo "$(shell curl -L "https://get.helm.sh/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz.sha256sum")" | shasum -a 256 -c -
39-
tar -xf $(TOOLS_BIN)/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz --strip-components 1 -C $(TOOLS_BIN)/tmp-helm
44+
curl -sSfL -o $(TOOLS_BIN)/helm.tar.gz \
45+
"https://get.helm.sh/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz"
46+
echo "$(HELM_SUM_$(OS_ARCH)) $(TOOLS_BIN)/helm.tar.gz" | shasum -a 256 -c -
47+
tar -xf $(TOOLS_BIN)/helm.tar.gz --strip-components 1 -C $(TOOLS_BIN)/tmp-helm
4048
mv $(TOOLS_BIN)/tmp-helm/helm $(HELM)
4149
chmod u+x $(HELM)
42-
rm -rf $(TOOLS_BIN)/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz $(TOOLS_BIN)/tmp-helm
50+
rm -rf $(TOOLS_BIN)/helm.tar.gz $(TOOLS_BIN)/tmp-helm
4351

44-
# go-install-tool will 'go install' any package $2 and install it as $1.
45-
define go-install-tool
46-
@[ -f $(1) ] || { \
47-
set -e ;\
48-
echo "Downloading $(2)" ;\
49-
GOBIN=$(TOOLS_BIN) go install $(2) ;\
50-
}
51-
endef

0 commit comments

Comments
 (0)