Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitd3eba18

Browse files
committed
chore: update git -> 2.43.4 and terraform -> 1.7.5
This fixes an RCE in git and gets us one minor version closer to fixinga critical Terraform vulnerability. In the next release we'll bump to1.8.x.
1 parent85de0e9 commitd3eba18

File tree

6 files changed

+9
-9
lines changed

6 files changed

+9
-9
lines changed

‎.github/actions/setup-tf/action.yaml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,5 +7,5 @@ runs:
77
-name:Install Terraform
88
uses:hashicorp/setup-terraform@v3
99
with:
10-
terraform_version:1.6.6
10+
terraform_version:1.7.5
1111
terraform_wrapper:false

‎docs/install/offline.md‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ RUN mkdir -p /opt/terraform
5454
# The below step is optional if you wish to keep the existing version.
5555
# See https://github.com/coder/coder/blob/main/provisioner/terraform/install.go#L23-L24
5656
# for supported Terraform versions.
57-
ARG TERRAFORM_VERSION=1.5.6
57+
ARG TERRAFORM_VERSION=1.7.5
5858
RUN apk update && \
5959
apk del terraform && \
6060
curl -LOs https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip \

‎dogfood/Dockerfile‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -169,9 +169,9 @@ RUN apt-get update --quiet && apt-get install --yes \
169169
# Configure FIPS-compliant policies
170170
update-crypto-policies --set FIPS
171171

172-
# NOTE: In scripts/Dockerfile.base we specifically install Terraform version 1.6.6.
172+
# NOTE: In scripts/Dockerfile.base we specifically install Terraform version 1.7.5.
173173
# Installing the same version here to match.
174-
RUN wget -O /tmp/terraform.zip"https://releases.hashicorp.com/terraform/1.6.6/terraform_1.6.6_linux_amd64.zip" && \
174+
RUN wget -O /tmp/terraform.zip"https://releases.hashicorp.com/terraform/1.7.5/terraform_1.7.5_linux_amd64.zip" && \
175175
unzip /tmp/terraform.zip -d /usr/local/bin && \
176176
rm -f /tmp/terraform.zip && \
177177
chmod +x /usr/local/bin/terraform && \

‎install.sh‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -250,7 +250,7 @@ EOF
250250
main() {
251251
MAINLINE=1
252252
STABLE=0
253-
TERRAFORM_VERSION="1.6.6"
253+
TERRAFORM_VERSION="1.7.5"
254254

255255
if ["${TRACE-}" ];then
256256
set -x

‎provisioner/terraform/install.go‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,10 @@ var (
2020
// when Terraform is not available on the system.
2121
// NOTE: Keep this in sync with the version in scripts/Dockerfile.base.
2222
// NOTE: Keep this in sync with the version in install.sh.
23-
TerraformVersion=version.Must(version.NewVersion("1.6.6"))
23+
TerraformVersion=version.Must(version.NewVersion("1.7.5"))
2424

2525
minTerraformVersion=version.Must(version.NewVersion("1.1.0"))
26-
maxTerraformVersion=version.Must(version.NewVersion("1.6.9"))// use .9 to automatically allow patch releases
26+
maxTerraformVersion=version.Must(version.NewVersion("1.7.9"))// use .9 to automatically allow patch releases
2727

2828
terraformMinorVersionMismatch=xerrors.New("Terraform binary minor version mismatch.")
2929
)

‎scripts/Dockerfile.base‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ RUN apk add --no-cache \
1010
curl \
1111
wget \
1212
bash \
13-
git \
13+
git=2.43.4-r0 \
1414
openssl \
1515
openssh-client && \
1616
addgroup \
@@ -26,7 +26,7 @@ RUN apk add --no-cache \
2626
# Terraform was disabled in the edge repo due to a build issue.
2727
# https://gitlab.alpinelinux.org/alpine/aports/-/commit/f3e263d94cfac02d594bef83790c280e045eba35
2828
# Using wget for now. Note that busybox unzip doesn't support streaming.
29-
RUN ARCH="$(arch)"; if [ "${ARCH}" == "x86_64" ]; then ARCH="amd64"; elif [ "${ARCH}" == "aarch64" ]; then ARCH="arm64"; fi; wget -O /tmp/terraform.zip "https://releases.hashicorp.com/terraform/1.6.6/terraform_1.6.6_linux_${ARCH}.zip" && \
29+
RUN ARCH="$(arch)"; if [ "${ARCH}" == "x86_64" ]; then ARCH="amd64"; elif [ "${ARCH}" == "aarch64" ]; then ARCH="arm64"; fi; wget -O /tmp/terraform.zip "https://releases.hashicorp.com/terraform/1.7.5/terraform_1.7.5_linux_${ARCH}.zip" && \
3030
busybox unzip /tmp/terraform.zip -d /usr/local/bin && \
3131
rm -f /tmp/terraform.zip && \
3232
chmod +x /usr/local/bin/terraform && \

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp