grafana-operator: build with go 1.26 to remediate critical CVE-2026-27143 (#72406)

Signed-off-by: Brian Carey <brian.carey@chainguard.dev>

Export:  8c2fcded91a73114471b858b6d2db1695912598d

Author: brianmcarey

grafana-operator.yaml

@@ -1,7 +1,7 @@
 package:
   name: grafana-operator
   version: "5.22.2"
-  epoch: 3 # CVE-2026-27143
+  epoch: 4 # CVE-2026-27143
   description: An operator for Grafana that installs and manages Grafana instances, Dashboards and Datasources through Kubernetes/OpenShift CRs
   copyright:
     - license: Apache-2.0
@@ -14,11 +14,9 @@ package:
     memory: 5Gi
 
 environment:
-  environment:
-    GOTOOLCHAIN: local+auto
   contents:
     packages:
-      - go-1.25
+      - go-1.26
 
 pipeline:
   - uses: git-checkout
@@ -29,6 +27,7 @@ pipeline:
 
   - uses: go/build
     with:
+      go-package: go-1.26
       modroot: .
       packages: .
       output: grafana-operator