add(new): pvc-autoresizer package non-fips

[YashPimple]

Fixes:

Related:

Pre-review Checklist

For new package PRs only

• This PR is marked as fixing a pre-existing package request bug
  • Alternatively, the PR is marked as related to a pre-existing package request bug, such as a dependency
• REQUIRED - The package is available under an OSI-approved or FSF-approved license
• REQUIRED - The version of the package is still receiving security updates
• This PR links to the upstream project's support policy (e.g. endoflife.date)

For new version streams

• The upstream project actually supports multiple concurrent versions.
• Any subpackages include the version string in their package name (e.g. name: ${{package.name}}-compat)
• The package (and subpackages) provides: logical unversioned forms of the package (e.g. nodejs, nodejs-lts)
• If non-streamed package names no longer built, open PR to withdraw them (see WITHDRAWING PACKAGES)

For package updates (renames) in the base images

When updating packages part of base images (i.e. cgr.dev/chainguard/wolfi-base or ghcr.io/wolfi-dev/sdk)

• REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk images successfully build
• REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk contain no obsolete (no longer built) packages
• Upon launch, does apk upgrade --latest successfully upgrades packages or performs no actions

For security-related PRs

• The security fix is recorded in the advisories repo

For version bump PRs

• The epoch field is reset to 0

For PRs that add patches

• Patch source is documented

[octo-sts]

⚠️ EXPERIMENTAL

Please use 👍 or 👎 on this comment to indicate if you agree or disagree with the recommendation.

To provide more detailed feedback please comment on the recommendation prefixed with /ai-verify:

e.g. /ai-verify partially helpful but I also added bash to the build environment

Gen AI suggestions to solve the build error:

Let me help analyze and fix this build error.

• Detected Error:

Error: failed to run update. Error: failed to run 'go get': exit status 1 with output: go: golang.org/x/[email protected]: invalid version: unknown revision 0.36.0

• Error Category: Dependency

• Failure Point:
The go/bump step attempting to update golang.org/x/net dependency

• Root Cause Analysis:
The error indicates that version 0.36.0 of golang.org/x/net doesn't exist. This is likely because we're trying to use a version that hasn't been released yet or the version format is incorrect for this Go module.

• Suggested Fix:
Modify the go/bump step to use the latest known good version of golang.org/x/net:

  - uses: go/bump
    with:
      deps: |-
        golang.org/x/[email protected]
        golang.org/x/[email protected]

• Explanation:

• Go modules like golang.org/x/net use versioning with the 'v' prefix
• The versions suggested above are known stable releases
• The error occurs because we're trying to use version numbers that don't exist in the upstream repository

• Additional Notes:

• Always verify Go dependency versions against the official repo before updating
• For x/net and x/oauth2, versions typically follow Go releases
• Consider using go list -m -versions golang.org/x/net to check available versions

• References:

• golang.org/x/net releases: https://pkg.go.dev/golang.org/x/net?tab=versions
• Go modules reference: https://go.dev/ref/mod#go-get
• x/oauth2 releases: https://pkg.go.dev/golang.org/x/oauth2?tab=versions