upgrade Go to 1.25 and update vulnerable x/net and x/crypto dependencies#162
upgrade Go to 1.25 and update vulnerable x/net and x/crypto dependencies#162sahusanket wants to merge 1 commit into
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates the Go version to 1.25, updates several dependency versions, adjusts RBAC roles, and cleans up formatting across several controller files. A critical issue was identified in the RBAC configuration (config/rbac/role.yaml), where reducing the verbs for configmaps and services to only create will cause reconciliation failures due to missing CRUD permissions.
| - apiGroups: | ||
| - "" | ||
| resources: | ||
| - configmaps | ||
| verbs: | ||
| - create | ||
| - delete | ||
| - get | ||
| - list | ||
| - patch | ||
| - update | ||
| - watch | ||
| - apiGroups: | ||
| - "" | ||
| resources: | ||
| - services | ||
| verbs: | ||
| - create |
There was a problem hiding this comment.
Reducing the verbs for configmaps and services to only create is a critical regression. The operator reconciles these resources and requires full CRUD permissions (create, delete, get, list, patch, update, watch) to function correctly. Without these permissions, the operator will encounter RBAC authorization errors during reconciliation.
- apiGroups:
- ""
resources:
- configmaps
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
sahusanket
force-pushed
the
vuln_fix_go_xnet_xcrypto
branch
from
d5729d9 to
cb9bf8c
Compare
1 participant
No description provided.