Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rebase: update Kubernetes modules to v1.27.4 #4017

Merged
merged 2 commits into from
Jul 26, 2023
Merged

rebase: update Kubernetes modules to v1.27.4 #4017

merged 2 commits into from
Jul 26, 2023

Conversation

nixpanic
Copy link
Member

Dependabot complains about Ceph-CSI being vulnerable to GHSA-f4w6-3rh6-6q4q . This is an old and addressed CSI sidecar issue, not related to the k8s.io/kubernetes module listed in go.mod. Is it possible that updating the Kubernetes modules helps?

Show available bot commands

These commands are normally not required, but in case of issues, leave any of
the following bot commands in an otherwise empty comment in this PR:

  • /retest ci/centos/<job-name>: retest the <job-name> after unrelated
    failure (please report the failure too!)

@mergify mergify bot added the rebase update the version of an external component label Jul 25, 2023
@nixpanic nixpanic changed the title rebase: update Kuberneres modules to v1.27.4 rebase: update Kubernetes modules to v1.27.4 Jul 25, 2023
Madhu-1
Madhu-1 previously approved these changes Jul 25, 2023
View reviewed changes
Copy link
Collaborator

@Madhu-1 Madhu-1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure it helps but good to get the dependency to latest.

@nixpanic
Copy link
Member Author

It doesn't seem to be enough. I also dismissed the warning, but that isn't sufficient either it seems.

@Rakshith-R
Copy link
Contributor

It doesn't seem to be enough. I also dismissed the warning, but that isn't sufficient either it seems.

It seems to be a glitch somewhere I think,
as dependency check is not required by mergifyio rules, we should still be able to merge this pr.

Rakshith-R
Rakshith-R previously approved these changes Jul 26, 2023
View reviewed changes
@mergify mergify bot dismissed stale reviews from Rakshith-R and Madhu-1 July 26, 2023 06:45

Pull request has been modified.

@nixpanic nixpanic force-pushed the rebase/k8s/v1.27.4 branch 2 times, most recently from 6ee5396 to d41c7c8 Compare July 26, 2023 06:46
riya-singhal31
riya-singhal31 previously approved these changes Jul 26, 2023
View reviewed changes
@nixpanic nixpanic marked this pull request as ready for review July 26, 2023 07:09
@mergify
Copy link
Contributor

mergify bot commented Jul 26, 2023

This pull request now has conflicts with the target branch. Could you please resolve conflicts and force push the corrected changes? 🙏

@Rakshith-R
Copy link
Contributor

This pull request now has conflicts with the target branch. Could you please resolve conflicts and force push the corrected changes?

@nixpanic ^

@nixpanic
rebase: update Kubernetes modules to v1.27.4
f13a4e7 
Dependabot complains about Ceph-CSI being vulnerable to
GHSA-f4w6-3rh6-6q4q . This is an old and addressed CSI sidecar issue,
not related to the k8s.io/kubernetes module listed in go.mod. Is it
possible that updating the Kubernetes modules helps?

Signed-off-by: Niels de Vos <[email protected]>
@nixpanic
ci: allow CVE-2019-11255 in Kubernetes module dependency
c7abe6e 
It is unclear how a module for utility functions can have the same
problem as a separate side-car that is expected to do the input
validation. The side-cars have been fixed already, no further details
are in the CVE description (from 2019).

See-also: https://github.com/advisories/GHSA-f4w6-3rh6-6q4
Signed-off-by: Niels de Vos <[email protected]>
@mergify mergify bot dismissed riya-singhal31’s stale review July 26, 2023 10:23

Pull request has been modified.

@nixpanic nixpanic added the ok-to-test Label to trigger E2E tests label Jul 26, 2023
@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/k8s-e2e-external-storage/1.25

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/k8s-e2e-external-storage/1.26

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/k8s-e2e-external-storage/1.27

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/mini-e2e-helm/k8s-1.25

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/mini-e2e-helm/k8s-1.26

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/mini-e2e-helm/k8s-1.27

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/mini-e2e/k8s-1.25

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/mini-e2e/k8s-1.26

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/mini-e2e/k8s-1.27

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/upgrade-tests-cephfs

@ceph-csi-bot
Copy link
Collaborator

/test ci/centos/upgrade-tests-rbd

@ceph-csi-bot ceph-csi-bot removed the ok-to-test Label to trigger E2E tests label Jul 26, 2023
@mergify mergify bot merged commit ce26b0e into ceph:devel Jul 26, 2023
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@riya-singhal31 riya-singhal31 riya-singhal31 approved these changes

@Rakshith-R Rakshith-R Rakshith-R approved these changes

@Madhu-1 Madhu-1 Awaiting requested review from Madhu-1

Assignees
No one assigned
Labels
rebase update the version of an external component
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@nixpanic @Rakshith-R @ceph-csi-bot @Madhu-1 @riya-singhal31