diff --git a/Makefile b/Makefile index 4192bbb..6b533d2 100644 --- a/Makefile +++ b/Makefile @@ -15,7 +15,7 @@ GENAPIDOC = npx @redocly/cli build-docs -o docs/api/index.html api/openapi-spec/ tools := gostwire gostdump lsallnifs -.PHONY: help pkgsite docsify redocsify build rebuild test test-all report clean deploy undeploy coverage lsallnifs install-tools vuln dist +.PHONY: help pkgsite docsify redocsify build rebuild test test-all report clean deploy undeploy coverage grype lsallnifs install-tools vuln dist help: ## list available targets @# Derived from Gomega's Makefile (github.com/onsi/gomega) under MIT License @@ -33,6 +33,9 @@ test-all: ## run tests as root as well as an ordinary user, including KinD go test -v -p 1 -tags=matchers,kind -exec sudo ./... go test -v -p 1 -tags=matchers,kind ./... +grype: ## run grype vul scan on sources + @scripts/grype.sh + docsify: ## run a docsify HTTP server on port 3300 (and 3301) @$(GENAPIDOC) @scripts/docsify.sh ./docs diff --git a/go.mod b/go.mod index 7c7a9d5..474b992 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,6 @@ replace github.com/mattn/go-sqlite3 => github.com/mattn/go-sqlite3 v1.14.12 require ( github.com/cenkalti/backoff/v4 v4.2.1 - github.com/containerd/containerd v1.7.7 github.com/containernetworking/cni v1.1.2 github.com/docker/docker v24.0.6+incompatible github.com/dustinkirkland/golang-petname v0.0.0-20231002161417-6a283f1aaaf2 @@ -15,9 +14,9 @@ require ( github.com/gorilla/mux v1.8.0 github.com/gorilla/websocket v1.5.0 github.com/jinzhu/copier v0.4.0 - github.com/ohler55/ojg v1.19.4 + github.com/ohler55/ojg v1.20.1 github.com/onsi/ginkgo/v2 v2.13.0 - github.com/onsi/gomega v1.28.0 + github.com/onsi/gomega v1.28.1 github.com/ory/dockertest v3.3.5+incompatible github.com/ory/dockertest/v3 v3.10.0 github.com/siemens/ieddata v1.0.0 @@ -32,7 +31,7 @@ require ( github.com/thediveo/netdb v1.0.2 github.com/thediveo/nufftables v0.8.0 github.com/thediveo/osrelease v1.0.1 - github.com/thediveo/procfsroot v1.0.0 + github.com/thediveo/procfsroot v1.0.1 github.com/thediveo/success v1.0.1 github.com/thediveo/testbasher v1.0.7 github.com/thediveo/whalewatcher v0.10.1 @@ -44,6 +43,7 @@ require ( ) require ( + github.com/containerd/containerd v1.7.7 // indirect github.com/containerd/log v0.1.0 // indirect gotest.tools v2.2.0+incompatible // indirect k8s.io/cri-api v0.28.2 // indirect @@ -81,7 +81,7 @@ require ( github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect - github.com/google/go-cmp v0.5.9 // indirect + github.com/google/go-cmp v0.6.0 // indirect github.com/google/pprof v0.0.0-20230602150820-91b7bce49751 // indirect github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect @@ -94,7 +94,6 @@ require ( github.com/josharian/intern v1.0.0 // indirect github.com/josharian/native v0.0.0-20200817173448-b6b71def0850 // indirect github.com/klauspost/compress v1.16.6 // indirect - github.com/lib/pq v1.10.9 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-isatty v0.0.19 // indirect github.com/mattn/go-sqlite3 v1.14.17 // indirect @@ -116,7 +115,7 @@ require ( github.com/pelletier/go-toml v1.9.5 // indirect github.com/perimeterx/marshmallow v1.1.5 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/siemens/turtlefinder v1.0.1 + github.com/siemens/turtlefinder v1.0.2 github.com/spf13/pflag v1.0.5 // indirect github.com/thediveo/go-mntinfo v1.0.1 // indirect github.com/thediveo/ioctl v0.9.2 diff --git a/go.sum b/go.sum index e5f931d..f265fc8 100644 --- a/go.sum +++ b/go.sum @@ -140,8 +140,9 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/nftables v0.1.0 h1:T6lS4qudrMufcNIZ8wSRrL+iuwhsKxpN+zFLxhUWOqk= github.com/google/nftables v0.1.0/go.mod h1:b97ulCCFipUC+kSin+zygkvUVpx0vyIAwxXFdY3PlNc= @@ -206,7 +207,6 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= -github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= @@ -256,8 +256,8 @@ github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLA github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/ohler55/ojg v1.19.4 h1:ZIgfyHI83aLx+fi1VoKn4I80HqWo45usWKnnxw94Mro= -github.com/ohler55/ojg v1.19.4/go.mod h1:uHcD1ErbErC27Zhb5Df2jUjbseLLcmOCo6oxSr3jZxo= +github.com/ohler55/ojg v1.20.1 h1:Io65sHjMjYPI7yuhUr8VdNmIQdYU6asKeFhOs8xgBnY= +github.com/ohler55/ojg v1.20.1/go.mod h1:uHcD1ErbErC27Zhb5Df2jUjbseLLcmOCo6oxSr3jZxo= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= @@ -287,8 +287,8 @@ github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmv github.com/onsi/gomega v1.26.0/go.mod h1:r+zV744Re+DiYCIPRlYOTxn0YkOLcAnW8k1xXdMPGhM= github.com/onsi/gomega v1.27.1/go.mod h1:aHX5xOykVYzWOV4WqQy0sy8BQptgukenXpCXfadcIAw= github.com/onsi/gomega v1.27.3/go.mod h1:5vG284IBtfDAmDyrK+eGyZmUgUlmi+Wngqo557cZ6Gw= -github.com/onsi/gomega v1.28.0 h1:i2rg/p9n/UqIDAMFUJ6qIUUMcsqOuUHgbpbu235Vr1c= -github.com/onsi/gomega v1.28.0/go.mod h1:A1H2JE76sI14WIP57LMKj7FVfCHx3g3BcZVjJG8bjX8= +github.com/onsi/gomega v1.28.1 h1:MijcGUbfYuznzK/5R4CPNoUP/9Xvuo20sXfEm6XxoTA= +github.com/onsi/gomega v1.28.1/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI= @@ -325,10 +325,13 @@ github.com/siemens/mobydig v1.0.0 h1:kOZ0QYwXGxAuhT+A3Dz1QGoaovxyywVvwEvLC9yETkc github.com/siemens/mobydig v1.0.0/go.mod h1:TtROWS4S7mfaAFUGmbhaZ9jnUFsdfLWYnLPTi+44g4Q= github.com/siemens/turtlefinder v1.0.1 h1:CMReXXC5dWu1/JJTLyxZ6ja20GleyVuRD9gcxUNpjIo= github.com/siemens/turtlefinder v1.0.1/go.mod h1:GCWkpEhDxcOyYN5ZqXpss1uxc70Lbg3TsZdcyQEMlw4= +github.com/siemens/turtlefinder v1.0.2 h1:tcqS1fcqfaBVUNjebxbasCv6zF3FYMjrNjzeZVtLjJQ= +github.com/siemens/turtlefinder v1.0.2/go.mod h1:GCWkpEhDxcOyYN5ZqXpss1uxc70Lbg3TsZdcyQEMlw4= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/spf13/afero v1.10.0 h1:EaGW2JJh15aKOejeuJ+wpFSHnbd7GE6Wvp3TsNhb6LY= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= @@ -365,15 +368,13 @@ github.com/thediveo/netdb v1.0.2 h1:icuZWO8btuubgjFFFhxWmXALATlQO6bqEer7DPxRPco= github.com/thediveo/netdb v1.0.2/go.mod h1:Mz/McdR84D8xUX7rWk0cRgNLrLvqfDPzTAQKUeCR0OY= github.com/thediveo/notwork v1.3.0 h1:p2AfSBmr8FwHSqDQw1pry20dooT+ErEagfvh85wAjjU= github.com/thediveo/notwork v1.3.0/go.mod h1:OpfrCxmMtaPI7hzzWrg8cwUcW4H3QDijjTfKet9jYfE= -github.com/thediveo/nufftables v0.7.3 h1:nkA3gT2Timhpf0kGapuT5qE+bni+7V32Q3GsbNq7MtM= -github.com/thediveo/nufftables v0.7.3/go.mod h1:+3hqXzoGduN4du45Uojx5iZ7hFPdZRpIoIJNnDPd7Ig= github.com/thediveo/nufftables v0.8.0 h1:9xRtR0D8rCzp6D5k5qMy019v7zHCWvufoaFLz857pT8= github.com/thediveo/nufftables v0.8.0/go.mod h1:gnlGJOB6WJkx5MokgzBlnUxdPVFo488aTJGyQMpeVhQ= github.com/thediveo/once v0.9.0 h1:QmWMzqUnOtAxmBTOwIYc6gAN3lgVrmcJaLJrAHDNLPI= github.com/thediveo/osrelease v1.0.1 h1:NADNJzzGcL8N3oI8t8e0PagQfUKCq73OssIQMuau8FA= github.com/thediveo/osrelease v1.0.1/go.mod h1:WFlwmKYJs1t6Fxv3qEbOOQkJS+GrNZhRT0mmgAe8pcg= -github.com/thediveo/procfsroot v1.0.0 h1:jQMB45ELWX/K8ew2Vuz8yLvEsqcYu0dmz/YhA8NQiWI= -github.com/thediveo/procfsroot v1.0.0/go.mod h1:MbfLUIgAUn7g4vS/zhU6h1bq4SGrTCmTHAty85ll3Uo= +github.com/thediveo/procfsroot v1.0.1 h1:uJBK+LARIa8fJVyMqgsdZHaK8/XYyLAB0QzQr0zEeIs= +github.com/thediveo/procfsroot v1.0.1/go.mod h1:COuiAyTYS1iy2NP2Uti9YzTxxWqQlNMD57Xvfn65kIk= github.com/thediveo/spaserve v1.0.1 h1:GA4y1aKNRSl6YEUw/I1Y71uzyTRb/5CcY+sUxcUDQO0= github.com/thediveo/spaserve v1.0.1/go.mod h1:Y3v1NTNoUeSTkTzXwGBhBHbjf/2D7YEOI8lt7T0XQrY= github.com/thediveo/success v1.0.1 h1:NVwUOwKUwaN8szjkJ+vsiM2L3sNBFscldoDJ2g2tAPg= @@ -470,8 +471,6 @@ golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.16.0 h1:7eBu7KsSvFDtSXUIDbh3aqlK4DPsZ1rByC8PFfBThos= -golang.org/x/net v0.16.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= diff --git a/scripts/grype.sh b/scripts/grype.sh new file mode 100755 index 0000000..1dba456 --- /dev/null +++ b/scripts/grype.sh @@ -0,0 +1,11 @@ +#!/bin/bash +set -e + +if ! command -v grype &>/dev/null; then + export PATH="$(go env GOPATH)/bin:$PATH" + if ! command -v grype^ &>/dev/null; then + go install github.com/anchore/grype/cmd/grype@latest + fi +fi + +grype dir:.