update to go 1.22 and k8s.io mods to v0.30

as part of fixing CVE-2023-48795 [0], the golang.org/x/crypto fixed this in v0.17 [1]. this brings in 0.22: ❯ go list -m -mod=mod all | rg crypto golang.org/x/crypto v0.21.0 this also updated kubernetes.NewForConfig() which now requires context.Context as the first argument so that was updated. [0] https://www.cve.org/CVERecord?id=CVE-2023-48795 [1] : ❯ git remote -v origin https://go.googlesource.com/crypto (fetch) origin https://go.googlesource.com/crypto (push) * (HEAD detached at v0.17.0) ❯ git br master ❯ git log -1 commit 9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d (HEAD, tag: v0.17.0) Author: Roland Shoemaker <bracewell@google.com> Date: Mon Nov 20 12:06:18 2023 -0800 ssh: implement strict KEX protocol changes Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Signed-off-by: Jamo Luhrsen <jluhrsen@gmail.com>
jluhrsen · Jun 21, 2024 · 2fe0f42 · 2fe0f42
1 parent 91c3a0e
commit 2fe0f42
Show file tree

Hide file tree

Showing 2,932 changed files with 617,187 additions and 215,463 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.15
+FROM golang:1.22
 ADD . /usr/src/egress-router-cni
 RUN mkdir -p $GOPATH/src/github.com/openshift/egress-router-cni
 WORKDIR $GOPATH/src/github.com/openshift/egress-router-cni

diff --git a/go.mod b/go.mod
@@ -1,19 +1,65 @@
 module github.com/openshift/egress-router-cni
 
-go 1.13
+go 1.22
 
 require (
 	github.com/containernetworking/cni v0.8.0
 	github.com/containernetworking/plugins v0.8.7
 	github.com/coreos/go-iptables v0.4.5
 	github.com/j-keck/arping v1.0.0
 	github.com/onsi/ginkgo v1.8.0
-	github.com/onsi/gomega v1.5.0
+	github.com/onsi/gomega v1.31.0
 	github.com/openshift/build-machinery-go v0.0.0-20200512074546-3744767c4131
 	github.com/pkg/errors v0.9.1
-	github.com/stretchr/testify v1.6.1
+	github.com/stretchr/testify v1.8.4
 	github.com/vishvananda/netlink v1.0.0
+	k8s.io/apimachinery v0.30.0
+	k8s.io/client-go v0.30.0
+)
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-openapi/jsonpointer v0.19.6 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
+	github.com/go-openapi/swag v0.22.3 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/hpcloud/tail v1.0.0 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8 // indirect
+	github.com/stretchr/objx v0.5.0 // indirect
+	github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc // indirect
+	golang.org/x/net v0.23.0 // indirect
+	golang.org/x/oauth2 v0.10.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/term v0.18.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
+	gopkg.in/fsnotify.v1 v1.4.7 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	k8s.io/apimachinery v0.0.0-20190913080033-27d36303b655
-	k8s.io/client-go v0.0.0-20190918160344-1fbdaa4c8d90
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/api v0.30.0 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
+	k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
 )
diff --git a/go.sum b/go.sum
diff --git a/pkg/dependencymagnet/doc.go b/pkg/dependencymagnet/doc.go
@@ -1,3 +1,4 @@
+//go:build tools
 // +build tools
 
 // go mod won't pull in code that isn't depended upon, but we have some code we don't depend on from code that must be included

diff --git a/pkg/macvlan/macvlan.go b/pkg/macvlan/macvlan.go
@@ -1,6 +1,7 @@
 package macvlan
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"net"
@@ -221,7 +222,7 @@ func loadIPConfig(ipc *types.IPConfig, podNamespace string) (*types.IP, map[stri
 		return nil, nil, fmt.Errorf("failed to get Kubernetes clientset")
 	}
 
-	cm, err := clientset.CoreV1().ConfigMaps(ipc.Namespace).Get(ipc.Name, metav1.GetOptions{})
+	cm, err := clientset.CoreV1().ConfigMaps(ipc.Namespace).Get(context.TODO(), ipc.Name, metav1.GetOptions{})
 	if err != nil {
 		logging.Errorf("failed to get ConfigMap on namespace %s with name %s", ipc.Namespace, ipc.Name)
 		return nil, nil, fmt.Errorf("failed to get ConfigMap on namespace %s with name %s", ipc.Namespace, ipc.Name)

diff --git a/pkg/util/netlinkops.go b/pkg/util/netlinkops.go
@@ -1,3 +1,4 @@
+//go:build linux
 // +build linux
 
 package util

diff --git a/vendor/github.com/emicklei/go-restful/v3/.gitignore b/vendor/github.com/emicklei/go-restful/v3/.gitignore
diff --git a/vendor/github.com/emicklei/go-restful/v3/.goconvey b/vendor/github.com/emicklei/go-restful/v3/.goconvey
diff --git a/vendor/github.com/emicklei/go-restful/v3/.travis.yml b/vendor/github.com/emicklei/go-restful/v3/.travis.yml