Merge pull request #11004 from chainguardian/cve-telegraf-1.28-GHSA-4…

…5x7-px36-x8w8 CVE Remediation: GHSA-mhpq-9638-x6pw/CVE Remediation: GHSA-7ww5-4wqc-m92c/CVE Remediation: GHSA-45x7-px36-x8w8/: fix CVE for Wolfi package telegraf-1.28
wolfi-dev · Jan 11, 2024 · cfe5316 · cfe5316
2 parents 8637897 + bd2c119
commit cfe5316
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/telegraf-1.28.yaml b/telegraf-1.28.yaml
@@ -1,7 +1,7 @@
 package:
   name: telegraf-1.28
   version: 1.28.5
-  epoch: 0
+  epoch: 1
   description: Telegraf is an agent for collecting, processing, aggregating, and writing metric
   copyright:
     - license: MIT
@@ -21,9 +21,14 @@ environment:
 pipeline:
   - uses: git-checkout
     with:
-      tag: v${{package.version}}
       expected-commit: 77e1a498e520faf38ac7ee3daef1481d6f990957
       repository: https://github.com/influxdata/telegraf
+      tag: v${{package.version}}
+
+  - uses: go/bump
+    with:
+      deps: golang.org/x/[email protected] github.com/containerd/[email protected] github.com/dvsekhvalnov/[email protected] go.opentelemetry.io/otel/exporters/otlp/internal/[email protected] go.opentelemetry.io/otel/exporters/otlp/otlpmetric/[email protected]
+      go-version: "1.21"
 
   - if: ${{build.arch}} == 'x86_64'
     runs: |