Skip to content

Remove vendor gowork 4.17 #384

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
shubhadapaithankar wants to merge 36 commits into
base: main
Choose a base branch
from
Open

Remove vendor gowork 4.17 #384

shubhadapaithankar wants to merge 36 commits into from

Conversation

@shubhadapaithankar
Copy link

@shubhadapaithankar shubhadapaithankar commented Jan 29, 2026
edited
Loading

The go.work and go.work.sum files were accidentally included when vendoring the Azure SDK azidentity package. These files cause build failures with:

directory cmd/aro is contained in a module that is not one of the workspace modules listed in go.work

Removing these files fixes the build.

This is blocking the OneBranch installer image build pipeline.

preetisht and others added 30 commits June 3, 2025 10:31
@preetisht
Bumping up fluentbit base image to latest
ed587ca
@openshift-merge-bot
Merge pull request openshift#312 from openshift-cherrypick-robot/cher…
0dcf144 
…ry-pick-301-to-release-4.17

[release-4.17] Bumping up fluentbit base image to latest
@hawkowl
add code for fips-detect
d5a0111
@hawkowl
fix up check-fips
c6b9812
@hawkowl
bump dockerfile
ca3f061
@hawkowl
1.22 for fipsdetect
1af9722
@hawkowl
fix a lint error
5576f34
@hawkowl
update makefile to be more like ARO-RP's
e5cffd9
@hawkowl
try this
744a04e
@hawkowl
fix dockerfile
96a3910
@hawkowl
fix?
ca75a21
@hawkowl
maybe this will work for CI
158c8b6
@openshift-merge-bot
Merge pull request openshift#313 from openshift-cherrypick-robot/cher…
7e24135 
…ry-pick-308-to-release-4.17

[release-4.17] [ARO-9688] Move to partner-share-openshift image for builds, add fips-detect to validate our FIPS building
@hawkowl
update to go 1.24 and new golangci-lint
4562d58
@hawkowl
migrate golangci-lint config
3ecb55f
@hawkowl
update golangci-lint config
83f5e3c
@hawkowl
move to golang-lint-ci in makefile
ace06bc
@hawkowl
run golangcilint --fix
0c960ab
@hawkowl
go mod vendor
adf480c
@hawkowl
fix tests
ef6fbce
@openshift-merge-bot
Merge pull request openshift#321 from openshift-cherrypick-robot/cher…
c457753 
…ry-pick-317-to-release-4.17

[release-4.17] [ARO-19962] Update to go 1.24, golangci-lint, and run --fix
@hawkowl
don't check for availability zones in bad regions (like centraluseuap)
bdec16f
@openshift-merge-bot
Merge pull request openshift#326 from openshift-cherrypick-robot/cher…
fe21c1b 
…ry-pick-324-to-release-4.17

[release-4.17] [ARO-20321] Don't check for availability zones in bad regions (like centraluseuap)
@rhamitarora
FluentBit update to latest version 4.0.2
da33545
@rhamitarora
FluentBit update to latest version 4.0.2
05daa0d
@aasserzo
Fix security vulnerabilities in dependencies for release-4.17
4d0f1de 
- Updated golang.org/x/net from v0.35.0 to v0.38.0 to fix:
  - GHSA-qxp5-gwg8-xv66
  - GHSA-vvgc-356p-c3xw (CVE-2025-22872)
- Updated github.com/golang-jwt/jwt/v4 from v4.5.1 to v4.5.2 to fix:
  - GHSA-mh63-6h87-95cp
- Updated github.com/golang-jwt/jwt/v5 from v5.2.1 to v5.2.2 to fix:
  - GHSA-mh63-6h87-95cp (same vulnerability affects both v4 and v5)
- Updated related dependencies (x/crypto, x/sync, x/sys, x/term, x/text)
- Updated vendor directory to match dependency changes

System library vulnerabilities (glibc, krb5, libxml2) will be fixed on image rebuild.
@openshift-merge-bot
Merge pull request openshift#343 from aasserzo/aasserzo/ARO-21088/rel…
7f68477 
…ease-4.17

ARO-21088: Installer vulnerabilities September 2025 - 4.17
@fahlmant
Add red-hat-managed: true tag to install-config
b790e79
@openshift-merge-bot
Merge pull request openshift#348 from openshift-cherrypick-robot/cher…
77be41f 
…ry-pick-347-to-release-4.17

[release-4.17] Add red-hat-managed: true tag to install-config
@cadenmarchese
Revert "Add red-hat-managed: true tag to install-config"
f936c21 
This reverts commit 326633f.
openshift-merge-bot bot and others added 5 commits October 9, 2025 16:41
@openshift-merge-bot
Merge pull request openshift#356 from openshift-cherrypick-robot/cher…
bed4829 
…ry-pick-353-to-release-4.17

[release-4.17] Revert "Add red-hat-managed: true tag to install-config"
Make builder and base images configurable via build args
f8684d3 
Split image configuration into granular build args for better flexibility:

Builder image args:
- BUILDER_REGISTRY (default: registry.ci.openshift.org)
- BUILDER_REPOSITORY (default: ocp/builder)
- BUILDER_TAG (default: rhel-9-golang-1.24-openshift-4.20)

Base image args:
- REGISTRY (default: registry.access.redhat.com)
- REPOSITORY (default: ubi9/ubi-minimal)
- TAG (default: latest)

This allows customizing individual components (registry, repository, or tag)
without modifying the Dockerfile, making it more flexible for different
environments (e.g., using MCR images for OneBranch pipelines).

Defaults maintain existing behavior.
@openshift-merge-bot
Merge pull request openshift#363 from openshift-cherrypick-robot/cher…
f42d2f7 
…ry-pick-359-to-release-4.17

[release-4.17] Make builder and base images configurable via build args
@hlipsig
Merge pull request openshift#334 from openshift-cherrypick-robot/cher…
70d123e 
…ry-pick-329-to-release-4.17

[release-4.17] ARO-14269 Fluentbit update to latest support version 4.0.4
@hlipsig
Merge pull request openshift#330 from openshift-cherrypick-robot/cher…
3b8f37b 
…ry-pick-316-to-release-4.17

[release-4.17] ARO-14269 Fluentbit update to latest support version 4.0.4
@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 29, 2026
@openshift-merge-robot
Copy link
Contributor

openshift-merge-robot commented Jan 29, 2026

PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-ci openshift-ci bot requested review from kimorris27 and tiguelu January 29, 2026 18:03
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jan 29, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: shubhadapaithankar
Once this PR has been reviewed and has the lgtm label, please assign tiguelu for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@shubhadapaithankar
vendor: Remove accidental go.work from azidentity
88cef6c 
The go.work and go.work.sum files were accidentally included when
vendoring the Azure SDK azidentity package. These files cause build
failures with "directory cmd/aro is contained in a module that is
not one of the workspace modules listed in go.work" error.

Removing these files fixes the build.
@shubhadapaithankar shubhadapaithankar force-pushed the remove-vendor-gowork-4.17 branch from 1fe2400 to 88cef6c Compare January 29, 2026 18:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kimorris27 kimorris27 Awaiting requested review from kimorris27

@tiguelu tiguelu Awaiting requested review from tiguelu

Assignees

No one assigned

Labels

needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@shubhadapaithankar @openshift-merge-robot @preetisht @hawkowl @rhamitarora @aasserzo @fahlmant @cadenmarchese @hlipsig