Skip to content

Commit 96597a5

Browse files
Abhishek ValabojuAbhishek Valaboju
Abhishek Valaboju
authored and
Abhishek Valaboju
committed
[main] security fix
1 parent 5767595 commit 96597a5

2 files changed

Lines changed: 33 additions & 17 deletions

File tree

hack/make/deps.mk

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,16 @@
11
# renovate: datasource=github-release-attachments depName=golangci/golangci-lint
2-
GOLANGCI_VERSION = v2.1.6
2+
GOLANGCI_VERSION = v2.11.4
3+
GOLANGCI_SUM_amd64 := 200c5b7503f67b59a6743ccf32133026c174e272b930ee79aa2aa6f37aca7ef1
4+
GOLANGCI_SUM_arm64 := 3bcfa2e6f3d32b2bf5cd75eaa876447507025e0303698633f722a05331988db4
35
# renovate: datasource=github-release-attachments depName=k3d-io/k3d
46
K3D_VERSION = v5.8.3
5-
6-
KUBECTL_VERSION = 1.31.10
7+
K3D_SUM_amd64 := dbaa79a76ace7f4ca230a1ff41dc7d8a5036a8ad0309e9c54f9bf3836dbe853e
8+
K3D_SUM_arm64 := 0b8110f2229631af7402fb828259330985918b08fefd38b7f1b788a1c8687216
9+
# renovate: datasource=github-releases packageName=kubernetes/kubernetes
10+
KUBECTL_VERSION = v1.35.3
11+
KUBECTL_SUM_amd64 := fd31c7d7129260e608f6faf92d5984c3267ad0b5ead3bced2fe125686e286ad6
12+
KUBECTL_SUM_arm64 := 6f0cd088a82dde5d5807122056069e2fac4ed447cc518efc055547ae46525f14
713
# renovate: datasource=github-release-attachments depName=helm/helm
8-
HELM_VERSION = v3.18.2
14+
HELM_VERSION = v4.1.3
15+
HELM_SUM_amd64 := 02ce9722d541238f81459938b84cf47df2fdf1187493b4bfb2346754d82a4700
16+
HELM_SUM_arm64 := 5db45e027cc8de4677ec869e5d803fc7631b0bab1c1eb62ac603a62d22359a43

hack/make/tools.mk

Lines changed: 21 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -12,34 +12,42 @@ endif
1212
K3D = $(TOOLS_BIN)/k3d-$(K3D_VERSION)
1313
$(K3D):
1414
rm -f $(TOOLS_BIN)/k3d*
15-
curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | \
16-
PATH=$(PATH):$(TOOLS_BIN) K3D_INSTALL_DIR="$(TOOLS_BIN)" TAG="$(K3D_VERSION)" USE_SUDO=false bash
17-
mv $(TOOLS_BIN)/k3d $(TOOLS_BIN)/k3d-$(K3D_VERSION)
15+
curl -sSfL -o $(K3D) "https://github.com/k3d-io/k3d/releases/download/$(K3D_VERSION)/k3d-$(OS_NAME)-$(OS_ARCH)"
16+
echo "$(K3D_SUM_$(OS_ARCH)) $(K3D)" | shasum -a 256 -c -
17+
chmod u+x $(K3D)
1818

1919
GOLANGCI = $(TOOLS_BIN)/golangci-lint-$(GOLANGCI_VERSION)
20+
GOLANGCI_VERSION_TRIMMED := $(GOLANGCI_VERSION:v%=%)
2021
$(GOLANGCI):
21-
rm -f $(TOOLS_BIN)/golangci-lint*
22-
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(TOOLS_BIN) $(GOLANGCI_VERSION)
23-
mv $(TOOLS_BIN)/golangci-lint $(TOOLS_BIN)/golangci-lint-$(GOLANGCI_VERSION)
22+
rm -rf $(TOOLS_BIN)/golangci*
23+
curl -sSfL -o $(TOOLS_BIN)/golangci.tar.gz \
24+
"https://github.com/golangci/golangci-lint/releases/download/$(GOLANGCI_VERSION)/golangci-lint-$(GOLANGCI_VERSION_TRIMMED)-$(OS_NAME)-$(OS_ARCH).tar.gz"
25+
echo "$(GOLANGCI_SUM_$(OS_ARCH)) $(TOOLS_BIN)/golangci.tar.gz" | shasum -a 256 -c -
26+
tar -xf $(TOOLS_BIN)/golangci.tar.gz -C $(TOOLS_BIN)
27+
mv $(TOOLS_BIN)/golangci-lint-$(GOLANGCI_VERSION_TRIMMED)-$(OS_NAME)-$(OS_ARCH)/golangci-lint $(GOLANGCI)
28+
chmod u+x $(GOLANGCI)
29+
rm -rf $(TOOLS_BIN)/golangci-lint-$(GOLANGCI_VERSION_TRIMMED)-$(OS_NAME)-$(OS_ARCH)
30+
rm -f $(TOOLS_BIN)/golangci.tar.gz
2431

2532
KUBECTL = $(TOOLS_BIN)/kubectl-$(KUBECTL_VERSION)
2633
$(KUBECTL):
2734
rm -f $(TOOLS_BIN)/kubectl*
28-
curl --output $(KUBECTL) -sSfL "https://dl.k8s.io/release/v$(KUBECTL_VERSION)/bin/$(OS_NAME)/$(OS_ARCH)/kubectl"
29-
echo "$(shell curl -L "https://dl.k8s.io/release/v$(KUBECTL_VERSION)/bin/$(OS_NAME)/$(OS_ARCH)/kubectl.sha256") $(KUBECTL)" | shasum -a 256 -c -
35+
curl -sSfL -o $(KUBECTL) \
36+
"https://dl.k8s.io/release/$(KUBECTL_VERSION)/bin/$(OS_NAME)/$(OS_ARCH)/kubectl"
37+
echo "$(KUBECTL_SUM_$(OS_ARCH)) $(KUBECTL)" | shasum -a 256 -c -
3038
chmod u+x $(KUBECTL)
3139

3240
HELM = $(TOOLS_BIN)/helm-$(HELM_VERSION)
3341
$(HELM):
3442
rm -rf $(TOOLS_BIN)/helm*
3543
mkdir -p $(TOOLS_BIN)/tmp-helm
36-
curl --output $(TOOLS_BIN)/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz -sSfL "https://get.helm.sh/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz"
37-
$(call indirect-value,HELM_SUM)
38-
cd $(TOOLS_BIN) && echo "$(shell curl -L "https://get.helm.sh/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz.sha256sum")" | shasum -a 256 -c -
39-
tar -xf $(TOOLS_BIN)/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz --strip-components 1 -C $(TOOLS_BIN)/tmp-helm
44+
curl -sSfL -o $(TOOLS_BIN)/helm.tar.gz \
45+
"https://get.helm.sh/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz"
46+
echo "$(HELM_SUM_$(OS_ARCH)) $(TOOLS_BIN)/helm.tar.gz" | shasum -a 256 -c -
47+
tar -xf $(TOOLS_BIN)/helm.tar.gz --strip-components 1 -C $(TOOLS_BIN)/tmp-helm
4048
mv $(TOOLS_BIN)/tmp-helm/helm $(HELM)
4149
chmod u+x $(HELM)
42-
rm -rf $(TOOLS_BIN)/helm-$(HELM_VERSION)-$(OS_NAME)-$(OS_ARCH).tar.gz $(TOOLS_BIN)/tmp-helm
50+
rm -rf $(TOOLS_BIN)/helm.tar.gz $(TOOLS_BIN)/tmp-helm
4351

4452
# go-install-tool will 'go install' any package $2 and install it as $1.
4553
define go-install-tool

0 commit comments

Comments
 (0)