-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependencies and bump to Go 1.17 #41
Conversation
079a383
to
be4fe69
Compare
|
||
RUN apk add ca-certificates --no-cache | ||
RUN apk add ca-certificates --no-cache make && update-ca-certificates |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to copy the car certificates into the final container now
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good catch. Done
|
||
RUN make build | ||
|
||
FROM scratch |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💕
This changes is similar to what we did in thanos-recieve-controller #82 and essentially, trying to improve our situation in regards to production readiness.
I've update the Go version to 1.17 and upgrade our dependencies, some of which were deprecated or contained vulnerabilities.
The linter version has been updated because the older version was not executable on OS X.
To keep in sync with our other components and to reduce the attack surface of the image I've updated to using a
scratch
image. I had a quick look at the code and can't see any reason why this would be an issue but perhaps I missed something in that regards.