Bump google.golang.org/grpc (#266)

to address CVE: GHSA-m425-mq94-257g CVE-2023-44487

newer grpc throws an error when address is not defined,
so tests were changed to reflect that.

Author: winkingturtle-vmw

src/code.cloudfoundry.org/bosh-dns-adapter/copilot/client.go

@@ -10,10 +10,10 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/balancer/roundrobin"
 	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/credentials/insecure"
 )
 
 //go:generate counterfeiter -o fakes/vip_resolver_copilot_client.go --fake-name VIPResolverCopilotClient api VIPResolverCopilotClient
-
 type Client struct {
 	VIPResolverCopilotClient api.VIPResolverCopilotClient
 	conn                     *grpc.ClientConn
@@ -35,7 +35,7 @@ func NewConnectedClient(serverAddr string, dialOpts ...DialOption) (*Client, err
 	}
 
 	if opts.withInsecure {
-		grpcOpts = append(grpcOpts, grpc.WithInsecure())
+		grpcOpts = append(grpcOpts, grpc.WithTransportCredentials(insecure.NewCredentials()))
 	}
 
 	conn, err := grpc.Dial(serverAddr, grpcOpts...)

src/code.cloudfoundry.org/bosh-dns-adapter/main_test.go

@@ -64,6 +64,7 @@ var _ = Describe("Main", func() {
 		fakeCopilotVIPResolverServer = &fakes.CopilotVIPResolverServer{}
 		fakeCopilotVIPResolverServer.Start(ports.PickAPort())
 
+		vipResolverAddress = fakeCopilotVIPResolverServer.Address()
 		dnsAdapterAddress = "127.0.0.1"
 		internalRouteVIPRange = "127.0.0.0/24"
 
@@ -184,17 +185,16 @@ var _ = Describe("Main", func() {
 		})
 
 		It("returns a http 500 response", func() {
-			Eventually(session).Should(gbytes.Say("bosh-dns-adapter.server-started"))
+			Eventually(session).Should(gbytes.Say("bosh-dns-adapter.Unable to create vip resovler client"))
 
 			var reader io.Reader
 			url := fmt.Sprintf("http://127.0.0.1:%s?type=1&name=app-id.istio.local.", dnsAdapterPort)
 			request, err := http.NewRequest("GET", url, reader)
 			Expect(err).To(Succeed())
 
-			resp, err := http.DefaultClient.Do(request)
-			Expect(err).To(Succeed())
+			_, err = http.DefaultClient.Do(request)
+			Expect(err).NotTo(Succeed())
 
-			Expect(resp.StatusCode).To(Equal(http.StatusInternalServerError))
 		})
 	})
 

src/code.cloudfoundry.org/go.mod

@@ -12,9 +12,6 @@ replace (
 	github.com/nats-io/gnatsd => github.com/nats-io/gnatsd v1.1.1-0.20180411231007-da89364d9d43
 	github.com/nats-io/go-nats => github.com/nats-io/go-nats v1.5.1-0.20180331191609-247b2a84d8d0
 	github.com/nats-io/nats-top => github.com/nats-io/nats-top v0.3.3-0.20160824043733-1c2a6920a922
-
-	// Prevents test failures in bosh-dns-adapter when grpc is upgraded
-	google.golang.org/grpc => google.golang.org/grpc v1.50.1
 )
 
 require (
@@ -55,7 +52,7 @@ require (
 	github.com/tedsuo/rata v1.0.0
 	golang.org/x/net v0.21.0
 	golang.org/x/sys v0.17.0
-	google.golang.org/grpc v1.61.0
+	google.golang.org/grpc v1.61.1
 	gopkg.in/validator.v2 v2.0.1
 	gopkg.in/yaml.v2 v2.4.0
 )
@@ -93,7 +90,7 @@ require (
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/tools v0.17.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240205150955-31a09d347014 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240213162025-012b6fc9bca9 // indirect
 	google.golang.org/protobuf v1.32.0 // indirect
 	gopkg.in/gorp.v1 v1.7.2 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect