Update dependency go to v1.24.6

Migrate config .github/renovate.json (#167 )
Co-authored-by: renovate-rancher[bot] <119870437+renovate-rancher[bot]@users.noreply.github.com>
2025-09-02 13:44:26 +00:00 · 2025-08-07 04:44:42 +00:00 · 2025-06-24 11:12:58 -04:00 · 2025-06-24 11:12:32 -04:00 · 2025-06-24 11:11:22 -04:00 · 2025-06-11 15:06:36 -04:00
7 changed files with 51 additions and 27 deletions
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -3,24 +3,30 @@
    "github>rancher/renovate-config#release"
  ],
  "baseBranches": [
-    "main", "release/v0.3", "release/v0.4", "release/v0.5"
+    "main",
+    "release/v0.3",
+    "release/v0.4",
+    "release/v0.5"
  ],
  "prHourlyLimit": 2,
  "packageRules": [
    {
-      "matchPackagePatterns": [
-        "k8s.io/*",
-        "sigs.k8s.io/*",
-        "github.com/prometheus/*"
-      ],
-      "enabled": false
+      "enabled": false,
+      "matchPackageNames": [
+        "/k8s.io/*/",
+        "/sigs.k8s.io/*/",
+        "/github.com/prometheus/*/"
+      ]
    },
    {
-      "matchPackagePatterns": [
-        "github.com/rancher/wrangler/*"
+      "matchUpdateTypes": [
+        "major",
+        "minor"
      ],
-      "matchUpdateTypes": ["major", "minor"],
-      "enabled": false
+      "enabled": false,
+      "matchPackageNames": [
+        "/github.com/rancher/wrangler/*/"
+      ]
    }
  ]
 }
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -14,7 +14,7 @@ jobs:
      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
    - name: Install Go
      # https://github.com/actions/setup-go/releases/tag/VERSION
-      uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
+      uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
      with:
        go-version-file: 'go.mod'
-    - run: go test -race -cover ./...
+    - run: go test -v -race -cover ./...
--- a/VERSION.md
+++ b/VERSION.md
@@ -3,8 +3,9 @@ DynamicListener follows a pre-release (v0.x) strategy of semver. There is limite
 The current supported release lines are:

 | DynamicListener Branch | DynamicListener Minor version | Kubernetes Version Range | Wrangler Version |
-|--------------------------|------------------------------------|------------------------------------------------|------------------------------------------------|
-| main | v0.6 | v1.27+ | v3 |
+|------------------------|-------------------------------|--------------------------|------------------------------------------------|
+| main | v0.7 | v1.27+ | v3 |
+| release/v0.6 | v0.6 | v1.27 - v1.32 | v3 |
 | release/v0.5 | v0.5 | v1.26 - v1.30 | v3 |
 | release/v0.4 | v0.4 | v1.25 - v1.28 | v2 |
 | release/v0.3 | v0.3 | v1.23 - v1.27 | v2 |
--- a/factory/gen.go
+++ b/factory/gen.go
@@ -25,7 +25,7 @@ import (
 const (
 	cnPrefix    = "listener.cattle.io/cn-"
 	Static      = "listener.cattle.io/static"
-	fingerprint = "listener.cattle.io/fingerprint"
+	Fingerprint = "listener.cattle.io/fingerprint"
 )

 var (
@@ -189,7 +189,7 @@ func (t *TLS) generateCert(secret *v1.Secret, cn ...string) (*v1.Secret, bool, e
 	secret.Type = v1.SecretTypeTLS
 	secret.Data[v1.TLSCertKey] = certBytes
 	secret.Data[v1.TLSPrivateKeyKey] = keyBytes
-	secret.Annotations[fingerprint] = fmt.Sprintf("SHA1=%X", sha1.Sum(newCert.Raw))
+	secret.Annotations[Fingerprint] = fmt.Sprintf("SHA1=%X", sha1.Sum(newCert.Raw))

 	return secret, true, nil
 }
--- a/go.mod
+++ b/go.mod
@@ -2,10 +2,10 @@ module github.com/rancher/dynamiclistener

 go 1.24.0

-toolchain go1.24.3
+toolchain go1.24.6

 require (
-	github.com/rancher/wrangler/v3 v3.2.2-rc.1
+	github.com/rancher/wrangler/v3 v3.2.2-rc.3
 	github.com/sirupsen/logrus v1.9.3
 	github.com/stretchr/testify v1.10.0
 	golang.org/x/crypto v0.36.0
@@ -41,7 +41,7 @@ require (
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.62.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
-	github.com/rancher/lasso v0.2.3-rc1 // indirect
+	github.com/rancher/lasso v0.2.3-rc3 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	golang.org/x/net v0.38.0 // indirect
 	golang.org/x/oauth2 v0.27.0 // indirect
--- a/go.sum
+++ b/go.sum
@@ -72,10 +72,10 @@ github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ
 github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I=
 github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
 github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
-github.com/rancher/lasso v0.2.3-rc1 h1:dRerAaAiziQKSVasSQe3Av2aNGokjidzZD/bLLLIQT4=
-github.com/rancher/lasso v0.2.3-rc1/go.mod h1:L8ct0T/HAYTWLKWPBQCZvluqmr72Yl5YOewjgRRvnMk=
-github.com/rancher/wrangler/v3 v3.2.2-rc.1 h1:UoReGk+6sZD9uVoCpwdFWrznhVs4jKDsZ+fNNMJ0EQE=
-github.com/rancher/wrangler/v3 v3.2.2-rc.1/go.mod h1:G+gawqOKIo7i1jtgPKvzU3RzA+3OCaAsYVxq03Iya20=
+github.com/rancher/lasso v0.2.3-rc3 h1:kkYnARdFeY6A9E2XnjfQbG8CssHQwobPMIFqPRGpVxc=
+github.com/rancher/lasso v0.2.3-rc3/go.mod h1:G+KeeOaKRjp+qGp0bV6VbLhYrq1vHbJPbDh40ejg5yE=
+github.com/rancher/wrangler/v3 v3.2.2-rc.3 h1:ObcqAxQkQFP6r1YI3zJhi9v9PE+UUNNZpelz6NSpQnc=
+github.com/rancher/wrangler/v3 v3.2.2-rc.3/go.mod h1:ukbwLYT+MTCx+43aXNQNYxZizQpeo0gILK05k4RoW7o=
 github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
 github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
@@ -95,8 +95,8 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
-go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU=
-go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM=
+go.uber.org/mock v0.5.2 h1:LbtPTcP8A5k9WPXj54PPPbjcI4Y6lhyOZXn+VS7wNko=
+go.uber.org/mock v0.5.2/go.mod h1:wLlUxC2vVTPTaE3UD51E0BGOAElKrILxhVSDYQLld5o=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
--- a/storage/memory/memory.go
+++ b/storage/memory/memory.go
@@ -2,6 +2,7 @@ package memory

 import (
 	"github.com/rancher/dynamiclistener"
+	"github.com/rancher/dynamiclistener/factory"
 	"github.com/sirupsen/logrus"
 	v1 "k8s.io/api/core/v1"
 )
@@ -32,7 +33,7 @@ func (m *memory) Get() (*v1.Secret, error) {
 }

 func (m *memory) Update(secret *v1.Secret) error {
-	if m.secret == nil || m.secret.ResourceVersion == "" || m.secret.ResourceVersion != secret.ResourceVersion {
+	if isChanged(m.secret, secret) {
 		if m.storage != nil {
 			if err := m.storage.Update(secret); err != nil {
 				return err
@@ -44,3 +45,19 @@ func (m *memory) Update(secret *v1.Secret) error {
 	}
 	return nil
 }
+
+func isChanged(old, new *v1.Secret) bool {
+	if old == nil {
+		return true
+	}
+	if old.ResourceVersion == "" {
+		return true
+	}
+	if old.ResourceVersion != new.ResourceVersion {
+		return true
+	}
+	if old.Annotations[factory.Fingerprint] != new.Annotations[factory.Fingerprint] {
+		return true
+	}
+	return false
+}
Author	SHA1	Message	Date
renovate-rancher[bot]	fbe527615a	Update dependency go to v1.24.6	2025-08-07 04:44:42 +00:00
renovate-rancher[bot]	8fd666b26c	Migrate config .github/renovate.json (#167 ) Co-authored-by: renovate-rancher[bot] <119870437+renovate-rancher[bot]@users.noreply.github.com>	2025-06-24 11:12:58 -04:00
renovate-rancher[bot]	6a93e7e127	Update actions/setup-go action to v5.5.0 (#177 ) Co-authored-by: renovate-rancher[bot] <119870437+renovate-rancher[bot]@users.noreply.github.com>	2025-06-24 11:12:32 -04:00
renovate-rancher[bot]	db1147364d	Update module github.com/rancher/wrangler/v3 to v3.2.2-rc.3 (#183 ) Co-authored-by: renovate-rancher[bot] <119870437+renovate-rancher[bot]@users.noreply.github.com>	2025-06-24 11:11:22 -04:00
Chad Roberts	6144f3d8db	Update VERSION.md for v0.7 (#181 )	2025-06-11 15:06:36 -04:00
Brad Davidson	242c2af2db	Check certificate fingerprint when deciding if memory store needs to be updated (#180 ) When using a chained store of Kubernetes -> Memory -> File, a file-backed cert with a valid ResourceVersion could not be updated when the Kubernetes store was offline, as the Memory store was skipping the update if the ResourceVersion was not changed. The Kubernetes store passes through the secret update without a modified ResourceVersion if the Secret controller is not yet available to round-trip the secret through the apiserver, as the apiserver is what handles updating the ResourceVersion when the Secret changes. In RKE2, this caused a deadlock on startup when the certificate is expired, as the apiserver cannot be started until the cert is updated, but the cert cannot be updated until the apiserver is up. Fix this by also considering the certificate hash annotation when deciding if the update can be skipped. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2025-06-11 10:52:11 -07:00