OCPBUGS-6370: Bump k8s dependencies from v0.25.3 to v0.26.1 #511
Conversation
openshift-ci-robot
added
jira/valid-reference
|
@abutcher: This pull request references Jira Issue OCPBUGS-6370, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci
bot
added
the
approved
| golang.org/x/text v0.3.7 // indirect | ||
| golang.org/x/tools v0.1.12 // indirect | ||
| golang.org/x/crypto v0.1.0 // indirect | ||
| golang.org/x/net v0.5.0 // indirect |
|
@abutcher: This pull request references Jira Issue OCPBUGS-6370, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #511 +/- ##
=======================================
Coverage 47.66% 47.66%
=======================================
Files 94 94
Lines 10100 10100
=======================================
Hits 4814 4814
Misses 4713 4713
Partials 573 573
|
abutcher
force-pushed
the
OCPBUGS-6370
branch
from
e9f4ccc to
2c2afd1
Compare
|
|
openshift-ci
bot
added
the
do-not-merge/hold
abutcher
force-pushed
the
OCPBUGS-6370
branch
3 times, most recently
from
89dd41c to
50bee56
Compare
|
/unhold |
|
/assign @2uasimojo |
openshift-ci
bot
removed
the
do-not-merge/hold
|
Added a commit that fixes the CRD schema flip flopping that was occurring, see 50bee56 |
|
@abutcher: This pull request references Jira Issue OCPBUGS-6370, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
2uasimojo
left a comment
2uasimojo
left a comment
There was a problem hiding this comment.
This looks good as far as it goes. However, I believe dependabot is still going to complain about these and these from go.sum.
If the x/net bump is still relevant to the k8s bump, we can keep it in here, but we should take out the claim that we're going to be resolving those dependabot complaints.
If it's not relevant, perhaps we should pull it out and put together a separate PR that addresses dependabot complaints specifically and completely.
|
@2uasimojo I think this will resolve the dependabot alerts based on the PR the dependabot automation opened but I'm not 100% sure. I kinda wanna try merging this to see.
The golang.org/x/net bump to 0.5.0 is relevant to the k8s bump and is the intended fix for GHSA-xrjj-mj9h-534m from OCPBUGS-6370. The subsequent bump to 0.7.0 golang.org/x/net is for the dependabot alerts opened recently. |
Well, okay. I'm basing my assertion on what happened in the hive repo, where at least the x/text flags were being raised based solely on go.sum. /retest |
|
@abutcher Looks like it is only dependency library update, we'll run the existing cco auto cases for regression. |
This commit updates various k8s.io vendored dependencies to v0.26.1 to pull in the fixes for CVE-2022-41717. https://issues.redhat.com/browse/OCPBUGS-6370
cloudcredential-{manifests,bindata} as a workaround to fix make
verify.
We copy the cloud credential operator config CRD from the
openshift/api repository (via the vendor dir) and since openshift/api
now utilizes a different codegen utility than build-machinery-go,
running the schemapatch code generator against the copied manifest
results in a different formatting. This results in a diff which causes
our verify target to fail so we ensure the copied manifests remain
unchanged by copying the CRDs once more after generating CRDs as a
workaround.
|
@abutcher: This pull request references Jira Issue OCPBUGS-6370, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
2uasimojo
left a comment
2uasimojo
left a comment
There was a problem hiding this comment.
If CI is happy, I'm happy.
/lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: 2uasimojo, abutcher The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/test e2e-aws-ovn |
|
@abutcher: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
@abutcher: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-6370 has been moved to the MODIFIED state. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@abutcher: Jira Issue OCPBUGS-6370 is in an unrecognized state (ON_QA) and will not be moved to the MODIFIED state. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
We spent some time in openshift#511 and again in openshift#542 trying to reconcile CRDs. The problem is that we want to *generate* the CredentialsRequest CRD from code in this repo, but *use* (copy) the CloudCredential CRD from openshift/api, which we vendor. But we invoke controller-gen through build-machinery-go, and it does unexpected things to the latter, which breaks validation. With this commit, we move the CredentialsRequest CRD to a `generated` subdirectory and the CloudCredential CRD to an `imported` subdirectory. This lets us go back to the simpler invocation of bmg's tooling while keeping everything in the shape we expect. One more quirk: Because build-machinery-go starts defining dependency chains for targets like `update`, we need to start defining that dependency chain *before* we import the bmg libs to ensure that we copy/generate CRDs *before* we include them in bindata.
OCPBUGS-6370: Bump k8s dependencies from v0.25.3 to v0.26.1
5 participants
This commit updates various k8s.io vendored dependencies to v0.26.1 to
pull in the fixes for GHSA-xrjj-mj9h-534m.
Module bumps in this PR will fix:
OCPBUGS-6370