deps: bumped golang versrion 1.21 - 1.23.1 (PROJQUAY-9764)

[namansharma18899]

Updated golang version to resolve CVE-2024-34156

[coderabbitai]

Walkthrough

Go runtime version bumped from 1.21 to 1.23.1 across builder stage Dockerfiles and module configuration. All build processes and dependencies remain structurally unchanged.

Changes

Cohort / File(s)	Change Summary
Docker build stages Dockerfile, Dockerfile.codegen	Updated base image from golang:1.21 to golang:1.23.1 in builder stage
Module configuration go.mod	Bumped Go version directive from 1.21 to 1.23.1

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

• All changes are identical version bumps applied uniformly across three files with no logic modifications or behavioral changes

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between 4ba8e55 and fec0917.

📒 Files selected for processing (3)

• Dockerfile (1 hunks)
• Dockerfile.codegen (1 hunks)
• go.mod (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Tests

🔇 Additional comments (6)

go.mod (2)

5-66: Dependency list remains locked and unchanged.

No new or removed dependencies. Since the locked dependency versions were previously tested with Go 1.21, ensure CI/CD validates that the build succeeds with Go 1.23.1 and that no runtime issues emerge from Go language changes (e.g., stricter module requirements, range semantics).

---

3-3: Go 1.23.1 resolves CVE-2024-34156.

The version bump to Go 1.23.1 addresses CVE-2024-34156 (GO-2024-3106), which was fixed in this release.

Dockerfile.codegen (1)

1-1: Base image version aligned with go.mod and Dockerfile.

The golang base image is consistently bumped to 1.23.1. Ensure the golang:1.23.1 image is available and stable in the container registry.

Dockerfile (3)

1-1: Builder base image consistently updated to 1.23.1.

The builder stage base image is bumped to 1.23.1, matching go.mod. The cross-compilation setup (line 19: CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH) should remain compatible with Go 1.23.1. Verify cross-compilation targets succeed in CI/CD.

---

21-25: Final stage unaffected by Go version bump.

The runtime stage uses a static binary copied from the builder. No Go version dependencies exist at runtime.

---

1-25: No stray Go 1.21 references remain—version bump is complete and consistent.

Verification confirms the Go version upgrade to 1.23.1 is consistent across go.mod, Dockerfile, and all configuration files. No conflicting or outdated Go 1.21 references were found in the repository, including build scripts (hack/build.sh) and CI/CD configurations.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[namansharma18899]

/cherry-pick redhat-3.16

[openshift-cherrypick-robot]

@namansharma18899: once the present PR merges, I will cherry-pick it on top of redhat-3.16 in a new PR and assign it to you.

Details

In response to this:

/cherry-pick redhat-3.16

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[namansharma18899]

/cherry-pick redhat-3.15

[openshift-cherrypick-robot]

@namansharma18899: once the present PR merges, I will cherry-pick it on top of redhat-3.15 in a new PR and assign it to you.

Details

In response to this:

/cherry-pick redhat-3.15

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[namansharma18899]

/cherry-pick redhat-3.14

[openshift-cherrypick-robot]

@namansharma18899: once the present PR merges, I will cherry-pick it on top of redhat-3.14 in a new PR and assign it to you.

Details

In response to this:

/cherry-pick redhat-3.14

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-cherrypick-robot]

@namansharma18899: new pull request could not be created: failed to create pull request against quay/container-security-operator#redhat-3.16 from head openshift-cherrypick-robot:cherry-pick-150-to-redhat-3.16: status code 422 not one of [201], body: {"message":"Validation Failed","errors":[{"resource":"PullRequest","code":"custom","message":"No commits between quay:redhat-3.16 and openshift-cherrypick-robot:cherry-pick-150-to-redhat-3.16"}],"documentation_url":"https://docs.github.com/rest/pulls/pulls#create-a-pull-request","status":"422"}

Details

In response to this:

/cherry-pick redhat-3.16

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-cherrypick-robot]

@namansharma18899: new pull request could not be created: failed to create pull request against quay/container-security-operator#redhat-3.15 from head openshift-cherrypick-robot:cherry-pick-150-to-redhat-3.15: status code 422 not one of [201], body: {"message":"Validation Failed","errors":[{"resource":"PullRequest","code":"custom","message":"No commits between quay:redhat-3.15 and openshift-cherrypick-robot:cherry-pick-150-to-redhat-3.15"}],"documentation_url":"https://docs.github.com/rest/pulls/pulls#create-a-pull-request","status":"422"}

Details

In response to this:

/cherry-pick redhat-3.15

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-cherrypick-robot]

@namansharma18899: new pull request could not be created: failed to create pull request against quay/container-security-operator#redhat-3.14 from head openshift-cherrypick-robot:cherry-pick-150-to-redhat-3.14: status code 422 not one of [201], body: {"message":"Validation Failed","errors":[{"resource":"PullRequest","code":"custom","message":"No commits between quay:redhat-3.14 and openshift-cherrypick-robot:cherry-pick-150-to-redhat-3.14"}],"documentation_url":"https://docs.github.com/rest/pulls/pulls#create-a-pull-request","status":"422"}

Details

In response to this:

/cherry-pick redhat-3.14

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.