Merge pull request #114 from UKHomeOffice/ACPENG-1944

[ACPENG-1944] Update Alpine and Golang
UKHomeOffice · May 24, 2024 · bee0166 · bee0166
2 parents c6e94ff + d7095aa
commit bee0166
Show file tree

Hide file tree

Showing 7 changed files with 284 additions and 14 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -1,2 +1,2 @@
-**
-!bin/
+# **
+# !bin/
diff --git a/.drone.yml b/.drone.yml
@@ -0,0 +1,74 @@
+---
+kind: pipeline
+name: default
+type: kubernetes
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: build-image
+  image: 340268328991.dkr.ecr.eu-west-2.amazonaws.com/acp/dind
+  commands:
+  - /usr/local/bin/wait
+  - docker build -t vault-sidekick:$${DRONE_COMMIT_SHA} .
+  when:
+    event:
+    - push
+    - pull_request
+
+- name: scan-image
+  pull: Always
+  image: 340268328991.dkr.ecr.eu-west-2.amazonaws.com/acp/trivy/client:latest
+  resources:
+    limits:
+      cpu: 1000
+      memory: 1024Mi
+  environment:
+    IMAGE_NAME: vault-sidekick:${DRONE_COMMIT_SHA}
+    IGNORE_UNFIXED: "true"
+  when:
+    event:
+    - pull_request
+    - push
+
+- name: publish-latest
+  image: plugins/docker
+  settings:
+    registry: quay.io
+    repo: quay.io/ukhomeofficedigital/vault-sidekick
+    tags:
+      - latest
+      - ${DRONE_COMMIT_SHA}
+  environment:
+    DOCKER_USERNAME: ukhomeofficedigital+vault_sidekick
+    DOCKER_PASSWORD:
+      from_secret: DOCKER_PASSWORD
+  when:
+    branch:
+    - main
+    event:
+    - push
+
+- name: publish-tag
+  image: plugins/docker
+  settings:
+    registry: quay.io
+    repo: quay.io/ukhomeofficedigital/vault-sidekick
+    tags: ${DRONE_TAG}
+  environment:
+    DOCKER_USERNAME: ukhomeofficedigital+vault_sidekick
+    DOCKER_PASSWORD:
+      from_secret: DOCKER_PASSWORD
+  when:
+    event:
+    - tag
+
+services:
+- name: docker
+  image: 340268328991.dkr.ecr.eu-west-2.amazonaws.com/acp/dind
+  when:
+    event:
+    - push
+    - pull_request
diff --git a/Dockerfile b/Dockerfile
@@ -1,12 +1,20 @@
-FROM alpine:3.12
-MAINTAINER Rohith <[email protected]>
+FROM golang:1.21 as builder
 
-RUN apk update && \
-    apk add ca-certificates bash
+WORKDIR /go/src/github.com/ukhomeoffice/vault-sidekick
 
+COPY . .
+
+RUN make build
+
+FROM alpine:3.19.1
+
+RUN apk update
+RUN apk upgrade
+RUN apk add ca-certificates bash
 RUN adduser -D vault
 
-ADD bin/vault-sidekick /vault-sidekick
+COPY --from=builder /go/src/github.com/ukhomeoffice/vault-sidekick /vault-sidekick
+
 RUN chmod 755 /vault-sidekick
 
 USER vault

diff --git a/Makefile b/Makefile
@@ -2,7 +2,7 @@
 NAME=vault-sidekick
 AUTHOR ?= ukhomeofficedigital
 REGISTRY ?= quay.io
-GOVERSION ?= 1.15.10
+GOVERSION ?= 1.22.2
 HARDWARE=$(shell uname -m)
 VERSION ?= $(shell awk '/release =/ { print $$3 }' main.go | sed 's/"//g')
 GIT_SHA=$(shell git --no-pager describe --always --dirty)

diff --git a/go.mod b/go.mod
@@ -1,11 +1,89 @@
 module github.com/walton-io/vault-sidekick
 
-go 1.15
+go 1.21
+
+toolchain go1.21.3
 
 require (
-	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
-	github.com/hashicorp/vault/api v1.0.4
-	github.com/stretchr/testify v1.7.0
+	github.com/golang/glog v1.2.1
+	github.com/hashicorp/vault/api v1.13.0
+	github.com/stretchr/testify v1.9.0
 	gopkg.in/yaml.v2 v2.4.0
-	gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
+)
+
+require (
+	cloud.google.com/go v0.26.0 // indirect
+	github.com/BurntSushi/toml v0.3.1 // indirect
+	github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da // indirect
+	github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310 // indirect
+	github.com/bgentry/speakeasy v0.1.0 // indirect
+	github.com/cenkalti/backoff/v3 v3.2.2 // indirect
+	github.com/client9/misspell v0.3.4 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/fatih/color v1.16.0 // indirect
+	github.com/fatih/structs v1.1.0 // indirect
+	github.com/go-jose/go-jose/v4 v4.0.1 // indirect
+	github.com/go-ldap/ldap v3.0.2+incompatible // indirect
+	github.com/go-test/deep v1.0.2 // indirect
+	github.com/golang/mock v1.1.1 // indirect
+	github.com/golang/protobuf v1.3.1 // indirect
+	github.com/golang/snappy v0.0.1 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-hclog v0.16.2 // indirect
+	github.com/hashicorp/go-immutable-radix v1.0.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/go-plugin v1.0.1 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
+	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
+	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 // indirect
+	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
+	github.com/hashicorp/go-sockaddr v1.0.6 // indirect
+	github.com/hashicorp/go-uuid v1.0.1 // indirect
+	github.com/hashicorp/go-version v1.1.0 // indirect
+	github.com/hashicorp/golang-lru v0.5.1 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/hashicorp/vault/sdk v0.1.13 // indirect
+	github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mitchellh/cli v1.1.5 // indirect
+	github.com/mitchellh/copystructure v1.0.0 // indirect
+	github.com/mitchellh/go-homedir v1.1.0 // indirect
+	github.com/mitchellh/go-testing-interface v1.0.0 // indirect
+	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/mitchellh/reflectwalk v1.0.0 // indirect
+	github.com/natefinch/atomic v1.0.1 // indirect
+	github.com/oklog/run v1.0.0 // indirect
+	github.com/pascaldekloe/goe v0.1.0 // indirect
+	github.com/pierrec/lz4 v2.0.5+incompatible // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/posener/complete v1.1.1 // indirect
+	github.com/ryanuber/columnize v2.1.2+incompatible // indirect
+	github.com/ryanuber/go-glob v1.0.0 // indirect
+	github.com/stretchr/objx v0.5.2 // indirect
+	github.com/yuin/goldmark v1.4.13 // indirect
+	golang.org/x/crypto v0.22.0 // indirect
+	golang.org/x/exp v0.0.0-20190121172915-509febef88a4 // indirect
+	golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3 // indirect
+	golang.org/x/mod v0.8.0 // indirect
+	golang.org/x/net v0.24.0 // indirect
+	golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be // indirect
+	golang.org/x/sync v0.1.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/term v0.19.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
+	golang.org/x/tools v0.6.0 // indirect
+	golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7 // indirect
+	google.golang.org/appengine v1.4.0 // indirect
+	google.golang.org/genproto v0.0.0-20190404172233-64821d5d2107 // indirect
+	google.golang.org/grpc v1.22.0 // indirect
+	gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
+	gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 // indirect
+	gopkg.in/square/go-jose.v2 v2.3.1 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc // indirect
 )
-Original file line number
+Diff line change
@@ -1,2 +1,2 @@
-    **
-    !bin/
+    # **
+    # !bin/