bump go version

[parkervcp]

change go version for push and release to 1.25.7 and 1.26.0

Summary by CodeRabbit

• Chores
  • Updated Go toolchain versions used in CI and release processes and in the build image.
  • Streamlined artifact upload gating so artifact uploads are aligned to a single Go version in the workflow matrix.

[coderabbitai]

📝 Walkthrough

Walkthrough

Updated CI and build images to newer Go toolchain versions: push workflow matrix now uses Go 1.25.7 and 1.26.0 with artifact uploads gated only for 1.25.7; release workflow and Dockerfile builder stage updated to Go 1.25.7.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflows \.github/workflows/push.yaml, \.github/workflows/release.yaml	Bumped Go versions in CI. push.yaml matrix changed to 1.25.7, 1.26.0 and artifact upload condition now gates only on matrix.go == '1.25.7'. release.yaml updated to use 1.25.7.
Dockerfile (builder image) Dockerfile	Updated builder base image from golang:1.24.7-alpine to golang:1.25.7-alpine; no other build steps changed.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 I hopped through CI and found a clue,
New Go versions shining through,
1.25.7 leads the pack, hooray!
Builds and workflows bounce and play,
A little hop, a tidy brew.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'bump go version' is vague and generic, using a non-descriptive term ('bump') that doesn't convey the specific versions involved or the scope of changes.	Consider using a more specific title like 'Update Go toolchain to 1.25.7 and 1.26.0' to better communicate the actual version changes.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[QuintenQVD0]

You forgot the dockerfile

[coderabbitai]

🧹 Nitpick comments (1)

Dockerfile (1)

2-2: Pin the Go builder image by digest for reproducible builds.

Line 2 currently uses a mutable tag (golang:1.25.7-alpine). Consider pinning to a digest to prevent silent upstream image drift.

Suggested change

-FROM golang:1.25.7-alpine AS builder
+FROM golang:1.25.7-alpine@sha256:<resolved-digest> AS builder

#!/bin/bash
set -euo pipefail

repo="library/golang"
tag="1.25.7-alpine"

token="$(curl -fsSL "https://auth.docker.io/token?service=registry.docker.io&scope=repository:${repo}:pull" \
  | sed -n 's/.*"token":"\([^"]*\)".*/\1/p')"

digest="$(curl -fsSI \
  -H "Authorization: Bearer ${token}" \
  -H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
  "https://registry-1.docker.io/v2/${repo}/manifests/${tag}" \
  | tr -d '\r' | awk -F': ' '/Docker-Content-Digest/{print $2}')"

if [ -z "${digest}" ]; then
  echo "Digest not found for ${repo}:${tag}" >&2
  exit 1
fi

echo "Resolved digest: ${digest}"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Dockerfile` at line 2, The Dockerfile uses a mutable image tag in the FROM
instruction ("FROM golang:1.25.7-alpine") which can cause unreproducible builds;
update that FROM line to pin the Go builder image to its immutable digest
(replace the tag with the resolved digest for the golang:1.25.7-alpine manifest)
so builds are reproducible—locate the FROM line in the Dockerfile and swap
"golang:1.25.7-alpine" for the corresponding "golang@sha256:..." digest obtained
from the registry.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@Dockerfile`:
- Line 2: The Dockerfile uses a mutable image tag in the FROM instruction ("FROM
golang:1.25.7-alpine") which can cause unreproducible builds; update that FROM
line to pin the Go builder image to its immutable digest (replace the tag with
the resolved digest for the golang:1.25.7-alpine manifest) so builds are
reproducible—locate the FROM line in the Dockerfile and swap
"golang:1.25.7-alpine" for the corresponding "golang@sha256:..." digest obtained
from the registry.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0881591 and e4a3bd2.

📒 Files selected for processing (1)

• Dockerfile

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: Analyze (go)
• GitHub Check: Build and Test (ubuntu-22.04, 1.26.0, linux, amd64)
• GitHub Check: Build and Test (ubuntu-22.04, 1.25.7, linux, amd64)

[QuintenQVD0]

LGTM!