fix: CVE updates for libraries (#460)

- update several libraries for CVEs
- update test containers to newer version

Signed-off-by: Brian Davis <[email protected]>

.go-version

@@ -0,0 +1 @@
+1.24.1

Dockerfile

@@ -3,7 +3,7 @@
 # Similar to https://github.com/drecom/docker-centos-ruby/blob/2.6.5-slim/Dockerfile
 
 
-FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.21 as builder
+FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.24 AS builder
 
 ARG TARGETPLATFORM
 ARG BUILDPLATFORM
@@ -29,8 +29,8 @@ ARG BUILDPLATFORM
 ARG TARGETOS
 ARG TARGETARCH
 
-ENV PATH $RUBY_PATH/bin:$PATH
-ENV FLUENTD_DISABLE_BUNDLER_INJECTION 1
+ENV PATH=$RUBY_PATH/bin:$PATH
+ENV FLUENTD_DISABLE_BUNDLER_INJECTION=1
 ENV BUILDDEPS="\
       gmp-devel \
       libffi-devel \

config-reloader/controller/controller_test.go

@@ -36,13 +36,13 @@ func TestRunOnceController(t *testing.T) {
 	// 1. Create new controller
 	ctrl, err := New(ctx, &config, ds, up)
 	if err != nil {
-		logrus.Fatalf(err.Error())
+		logrus.Fatalf("Unable to create new controller: %+v", err.Error())
 	}
 
 	// 2. RunOnce controller
 	err = ctrl.RunOnce(ctx)
 	if err != nil {
-		logrus.Fatalf(err.Error())
+		logrus.Fatalf("Unable to trigger RunOnce: %+v",err.Error())
 	}
 	assert.Equal(expectedResult, ctrl.GetTotalConfigNS())
 
@@ -52,13 +52,13 @@ func TestRunOnceController(t *testing.T) {
 	defer os.Remove(newNamespaceFile)
 	err = os.WriteFile(newNamespaceFile, configData, 0644)
 	if err != nil {
-		logrus.Fatalf(err.Error())
+		logrus.Fatalf("Unable to create new Namespace: %+v", err.Error())
 	}
 
 	// 4. RunOnce controller
 	err = ctrl.RunOnce(ctx)
 	if err != nil {
-		logrus.Fatalf(err.Error())
+		logrus.Fatalf("Unable to trigger runOnce: %+v",err.Error())
 	}
 	assert.Equal(expectedResult+1, ctrl.GetTotalConfigNS())
 }

config-reloader/datasource/kube_informer_test.go

@@ -172,7 +172,7 @@ func TestGetNamespaces(t *testing.T) {
 		namespaces, err := ds.GetNamespaces(ctx)
 		// Check Test Result
 		if err != nil {
-			logrus.Fatalf(err.Error())
+			logrus.Fatalf("Unable to get Namespace: %+v", err.Error())
 		}
 		assert.Equal(config.expectedResult, len(namespaces))
 		for index, ns := range namespaces {
@@ -310,7 +310,7 @@ func TestDiscoverNamespaces(t *testing.T) {
 		namespaces, err := ds.discoverNamespaces(ctx)
 		// Check Test Result
 		if err != nil {
-			logrus.Fatalf(err.Error())
+			logrus.Fatalf("Unable to discover Namespace: %+v", err.Error())
 		}
 		assert.Equal(config.expectedResult, len(namespaces))
 	}

config-reloader/go.mod

@@ -1,6 +1,6 @@
 module github.com/vmware/kube-fluentd-operator/config-reloader
 
-go 1.21
+go 1.24
 
 require (
 	github.com/Masterminds/sprig/v3 v3.2.3
@@ -57,7 +57,7 @@ require (
 	github.com/spf13/cast v1.3.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	golang.org/x/crypto v0.31.0 // indirect
-	golang.org/x/net v0.21.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
 	golang.org/x/oauth2 v0.8.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
 	golang.org/x/term v0.27.0 // indirect

config-reloader/go.sum

@@ -191,8 +191,8 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
-golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
-golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8=
 golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=

image/fluentd_test.go

@@ -22,6 +22,18 @@ var mu = sync.Mutex{}
 var counterOutput int
 var counterTotal = 5
 
+type FileMountSource struct {
+	FilePath string
+}
+
+func (f *FileMountSource) Source() string {
+	return f.FilePath
+}
+
+func (f *FileMountSource) Type() testcontainers.MountType {
+	return testcontainers.MountTypeBind
+}
+
 func TestFluentd(t *testing.T) {
 	assert := assert.New(t)
 	path, err := os.Getwd()
@@ -48,27 +60,19 @@ func TestFluentd(t *testing.T) {
 		SkipReaper: true,
 		Mounts: testcontainers.ContainerMounts{
 			testcontainers.ContainerMount{
-				Source: testcontainers.GenericBindMountSource{
-					HostPath: fmt.Sprintf("%s/test", path),
-				},
+				Source: &FileMountSource{FilePath: fmt.Sprintf("%s/test", path)},
 				Target: "/workspace/test",
 			},
 			testcontainers.ContainerMount{
-				Source: testcontainers.GenericBindMountSource{
-					HostPath: fmt.Sprintf("%s/test", path),
-				},
+				Source: &FileMountSource{FilePath: fmt.Sprintf("%s/test", path)},
 				Target: "/var/log",
 			},
 			testcontainers.ContainerMount{
-				Source: testcontainers.GenericBindMountSource{
-					HostPath: fmt.Sprintf("%s/test/ci.conf", path),
-				},
+				Source: &FileMountSource{FilePath: fmt.Sprintf("%s/test/ci.conf", path)},
 				Target: "/fluentd/etc/fluent.conf",
 			},
 			testcontainers.ContainerMount{
-				Source: testcontainers.GenericBindMountSource{
-					HostPath: fmt.Sprintf("%s/test/input.conf", path),
-				},
+				Source: &FileMountSource{FilePath: fmt.Sprintf("%s/test/input.conf", path)},
 				Target: "/fluentd/etc/input.conf",
 			},
 		},

image/go.mod

@@ -1,46 +1,61 @@
 module github.com/vmware/kube-fluentd-operator/base-image
 
-go 1.21
+go 1.24
 
 require (
-	github.com/stretchr/testify v1.8.4
-	github.com/testcontainers/testcontainers-go v0.21.0
+	github.com/stretchr/testify v1.9.0
+	github.com/testcontainers/testcontainers-go v0.34.0
 )
 
 require (
+	dario.cat/mergo v1.0.0 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
-	github.com/Microsoft/go-winio v0.5.2 // indirect
-	github.com/Microsoft/hcsshim v0.9.10 // indirect
-	github.com/cenkalti/backoff/v4 v4.2.0 // indirect
-	github.com/containerd/containerd v1.6.26 // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
+	github.com/containerd/containerd v1.7.18 // indirect
 	github.com/containerd/log v0.1.0 // indirect
-	github.com/cpuguy83/dockercfg v0.3.1 // indirect
+	github.com/containerd/platforms v0.2.1 // indirect
+	github.com/cpuguy83/dockercfg v0.3.2 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/docker/distribution v2.8.2+incompatible // indirect
-	github.com/docker/docker v24.0.9+incompatible // indirect
-	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/distribution/reference v0.6.0 // indirect
+	github.com/docker/docker v27.1.1+incompatible // indirect
+	github.com/docker/go-connections v0.5.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/uuid v1.3.0 // indirect
-	github.com/imdario/mergo v0.3.15 // indirect
-	github.com/klauspost/compress v1.15.9 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/klauspost/compress v1.17.4 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
-	github.com/moby/patternmatcher v0.5.0 // indirect
+	github.com/moby/docker-image-spec v1.3.1 // indirect
+	github.com/moby/patternmatcher v0.6.0 // indirect
 	github.com/moby/sys/sequential v0.5.0 // indirect
+	github.com/moby/sys/user v0.1.0 // indirect
 	github.com/moby/term v0.5.0 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b // indirect
-	github.com/opencontainers/runc v1.1.12 // indirect
+	github.com/opencontainers/image-spec v1.1.0 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
+	github.com/shirou/gopsutil/v3 v3.23.12 // indirect
+	github.com/shoenig/go-m1cpu v0.1.6 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
-	golang.org/x/exp v0.0.0-20230510235704-dd950f8aeaea // indirect
+	github.com/tklauser/go-sysconf v0.3.12 // indirect
+	github.com/tklauser/numcpus v0.6.1 // indirect
+	github.com/yusufpapurcu/wmi v1.2.3 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
+	go.opentelemetry.io/otel v1.24.0 // indirect
+	go.opentelemetry.io/otel/metric v1.24.0 // indirect
+	go.opentelemetry.io/otel/trace v1.24.0 // indirect
+	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/net v0.33.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 // indirect
-	google.golang.org/grpc v1.58.3 // indirect
-	google.golang.org/protobuf v1.33.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )