From 57fc96959152c8c7ec33ac40b29f447accb6db17 Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka Date: Fri, 10 Feb 2023 14:38:06 +0100 Subject: [PATCH] UPSTREAM: : bump(apiserver-library-go): scc admission - seccomp profiles fix --- go.mod | 4 ++-- go.sum | 4 ++-- .../pkg/securitycontextconstraints/seccomp/strategy.go | 4 ++-- vendor/modules.txt | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/go.mod b/go.mod index 385a2f3e9a2a..f292cad1186a 100644 --- a/go.mod +++ b/go.mod @@ -58,7 +58,7 @@ require ( github.com/opencontainers/runc v1.1.3 github.com/opencontainers/selinux v1.10.0 github.com/openshift/api v0.0.0-20221116152553-4b67c2b2bb1e - github.com/openshift/apiserver-library-go v0.0.0-20221017210321-925452e8316c + github.com/openshift/apiserver-library-go v0.0.0-20230210123647-1a6a836b6681 github.com/openshift/client-go v0.0.0-20221019143426-16aed247da5c github.com/openshift/library-go v0.0.0-20221205131816-1700fb06ea43 github.com/pkg/errors v0.9.1 @@ -494,7 +494,7 @@ replace ( github.com/opencontainers/runtime-spec => github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 github.com/opencontainers/selinux => github.com/opencontainers/selinux v1.10.0 github.com/openshift/api => github.com/openshift/api v0.0.0-20221116152553-4b67c2b2bb1e - github.com/openshift/apiserver-library-go => github.com/openshift/apiserver-library-go v0.0.0-20221017210321-925452e8316c + github.com/openshift/apiserver-library-go => github.com/openshift/apiserver-library-go v0.0.0-20230210123647-1a6a836b6681 github.com/openshift/build-machinery-go => github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d github.com/openshift/client-go => github.com/openshift/client-go v0.0.0-20221019143426-16aed247da5c github.com/openshift/library-go => github.com/openshift/library-go v0.0.0-20221205131816-1700fb06ea43 diff --git a/go.sum b/go.sum index a34109a14e75..8ea4f28f5758 100644 --- a/go.sum +++ b/go.sum @@ -353,8 +353,8 @@ github.com/opencontainers/selinux v1.10.0 h1:rAiKF8hTcgLI3w0DHm6i0ylVVcOrlgR1kK9 github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/openshift/api v0.0.0-20221116152553-4b67c2b2bb1e h1:1MXi1NzWM2HVQrjL7rMz/43Py5WqfDCsl5tu7RU37XI= github.com/openshift/api v0.0.0-20221116152553-4b67c2b2bb1e/go.mod h1:aQ6LDasvHMvHZXqLHnX2GRmnfTWCF/iIwz8EMTTIE9A= -github.com/openshift/apiserver-library-go v0.0.0-20221017210321-925452e8316c h1:Wf/+w/6F/F3GnT/dBKvez6W4JlxRJ2JprzwsFIS27Bo= -github.com/openshift/apiserver-library-go v0.0.0-20221017210321-925452e8316c/go.mod h1:Rf4eEydKLk+BkXhb2oSxNJWWOdI/2XrU6Z9+Jn4AD6Q= +github.com/openshift/apiserver-library-go v0.0.0-20230210123647-1a6a836b6681 h1:N71UWk4rjtqzASGdnDcv9Myski9AZjfHEacDH/Tt424= +github.com/openshift/apiserver-library-go v0.0.0-20230210123647-1a6a836b6681/go.mod h1:Rf4eEydKLk+BkXhb2oSxNJWWOdI/2XrU6Z9+Jn4AD6Q= github.com/openshift/client-go v0.0.0-20221019143426-16aed247da5c h1:CV76yFOTXmq9VciBR3Bve5ZWzSxdft7gaMVB3kS0rwg= github.com/openshift/client-go v0.0.0-20221019143426-16aed247da5c/go.mod h1:lFMO8mLHXWFzSdYvGNo8ivF9SfF6zInA8ZGw4phRnUE= github.com/openshift/library-go v0.0.0-20221205131816-1700fb06ea43 h1:siIMiY/kTrQvUzpwseN9Esw6fH+PD21VfqAzTa1b53M= diff --git a/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/seccomp/strategy.go b/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/seccomp/strategy.go index fdbf4cd46a13..8886bd0d188d 100644 --- a/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/seccomp/strategy.go +++ b/vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/seccomp/strategy.go @@ -141,8 +141,8 @@ func (s *strategy) validateProfile(fldPath *field.Path, profile string) *field.E // This means that we now have to automatically allow `runtime/default` // if a user specifies `docker/default` and vice versa in an SCC. if s.runtimeDefaultAllowed && - (p == v1.DeprecatedSeccompProfileDockerDefault || - p == v1.SeccompProfileRuntimeDefault) { + (profile == v1.DeprecatedSeccompProfileDockerDefault || + profile == v1.SeccompProfileRuntimeDefault) { return nil } } diff --git a/vendor/modules.txt b/vendor/modules.txt index e94478087353..5ca7dee9fb7a 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -738,7 +738,7 @@ github.com/openshift/api/security github.com/openshift/api/security/v1 github.com/openshift/api/template/v1 github.com/openshift/api/user/v1 -# github.com/openshift/apiserver-library-go v0.0.0-20221017210321-925452e8316c => github.com/openshift/apiserver-library-go v0.0.0-20221017210321-925452e8316c +# github.com/openshift/apiserver-library-go v0.0.0-20230210123647-1a6a836b6681 => github.com/openshift/apiserver-library-go v0.0.0-20230210123647-1a6a836b6681 ## explicit; go 1.18 github.com/openshift/apiserver-library-go/pkg/admission/imagepolicy github.com/openshift/apiserver-library-go/pkg/admission/imagepolicy/apis/imagepolicy/v1 @@ -3011,7 +3011,7 @@ sigs.k8s.io/yaml # github.com/opencontainers/runtime-spec => github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 # github.com/opencontainers/selinux => github.com/opencontainers/selinux v1.10.0 # github.com/openshift/api => github.com/openshift/api v0.0.0-20221116152553-4b67c2b2bb1e -# github.com/openshift/apiserver-library-go => github.com/openshift/apiserver-library-go v0.0.0-20221017210321-925452e8316c +# github.com/openshift/apiserver-library-go => github.com/openshift/apiserver-library-go v0.0.0-20230210123647-1a6a836b6681 # github.com/openshift/build-machinery-go => github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d # github.com/openshift/client-go => github.com/openshift/client-go v0.0.0-20221019143426-16aed247da5c # github.com/openshift/library-go => github.com/openshift/library-go v0.0.0-20221205131816-1700fb06ea43