chore: build with keda-tools:1.22.5 #5971
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
I guess that we need to bump the user version too: I'd say that it's a good moment to bump go version, don't you think @zroubalik ? |
I tested locally for both Also, I think we should bump go version in the Devcontainer too, right? Line 6 in bb53516 |
Yeah, you can check all the places to change here: https://github.com/kedacore/keda/pull/5734/files |
pauldotyu
force-pushed
the
main
branch
3 times, most recently
from
c4cd459
to
f625518
Compare
|
Semgrep found 1 Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities. Ignore this finding from no-sudo-in-dockerfile. |
pauldotyu
force-pushed
the
main
branch
2 times, most recently
from
56195f9
to
abd7e74
Compare
In the Devcontainer's Dockerfile, I had to change the way go modules were installed. Bumping to 1.22.5 gave me errors about running Also, after looking through the Devcontainer files, there seems to be a bit of code that could use some cleanup. For instance, in the Dockerfile I see that it configures a non-root user vscode but runs as root (probably for Docker CLI). Also, might be able to leverage devcontainer features in the devcontainer.json file to load some of the tooling instead of baking them all into the container. I can create an issue for this and work on cleaning this up if that's okay. |
Yeah, let's do it |
Sounds good! Anything else I need to do for this particular pull request? |
|
just solve merge conflicts please 🙏 |
|
Merge conflict has been resolved 😁 |
|
Semgrep found 1 Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities. Ignore this finding from no-sudo-in-dockerfile. |
zroubalik
approved these changes
Jul 25, 2024
to resolve CVE-2024-24790, CVE-2024-24789, and CVE-2024-24791 bump github.com/Azure/azure-sdk-for-go/sdk/azidentity to resolve CVE-2024-35255 Signed-off-by: Paul Yu <paul.d.yu@gmail.com>
Signed-off-by: Paul Yu <paul.d.yu@gmail.com>
Signed-off-by: Paul Yu <paul.d.yu@gmail.com>
|
Semgrep found 1 Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities. Ignore this finding from no-sudo-in-dockerfile. |
|
Hi @JorTurFer, Once this PR is merged, is it possible to cut a release for KEDA 2.14.1? |
|
We plan to ship v2.15 next week and I'd like to include the golang bump. Is it enough? We don't plan any other release for v2.14 |
|
/run-e2e internal |
Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
|
/run-e2e azure |
|
Semgrep found 1 Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities. Ignore this finding from no-sudo-in-dockerfile. |
1 similar comment
|
Semgrep found 1 Avoid using sudo in Dockerfiles. Running processes as a non-root user can help reduce the potential impact of configuration errors and security vulnerabilities. Ignore this finding from no-sudo-in-dockerfile. |
JorTurFer
added a commit
to JorTurFer/keda
that referenced
this pull request
Jul 30, 2024
* chore: build with keda-tools:1.22.5 to resolve CVE-2024-24790, CVE-2024-24789, and CVE-2024-24791 bump github.com/Azure/azure-sdk-for-go/sdk/azidentity to resolve CVE-2024-35255 Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * chore: use go install instead of go get and replacing deprecated tools Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * chore: vendor dependency cleanup Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * Update missing references to 1.21 Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> --------- Signed-off-by: Paul Yu <paul.d.yu@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es>
JorTurFer
added a commit
to JorTurFer/keda
that referenced
this pull request
Jul 30, 2024
* chore: build with keda-tools:1.22.5 to resolve CVE-2024-24790, CVE-2024-24789, and CVE-2024-24791 bump github.com/Azure/azure-sdk-for-go/sdk/azidentity to resolve CVE-2024-35255 Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * chore: use go install instead of go get and replacing deprecated tools Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * chore: vendor dependency cleanup Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * Update missing references to 1.21 Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> --------- Signed-off-by: Paul Yu <paul.d.yu@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
JorTurFer
added a commit
that referenced
this pull request
Jul 31, 2024
* bump golang Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * chore: build with keda-tools:1.22.5 (#5971) * chore: build with keda-tools:1.22.5 to resolve CVE-2024-24790, CVE-2024-24789, and CVE-2024-24791 bump github.com/Azure/azure-sdk-for-go/sdk/azidentity to resolve CVE-2024-35255 Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * chore: use go install instead of go get and replacing deprecated tools Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * chore: vendor dependency cleanup Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * Update missing references to 1.21 Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> --------- Signed-off-by: Paul Yu <paul.d.yu@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * [BUG-5922] Report failing ScaledJob triggers in status (#5916) Signed-off-by: Josef Karasek <josef@kedify.io> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * [BUG-5656] Annotate Jobs with parent ScaledJob generation (#5876) * Annotate Jobs with parent ScaledJob generation Signed-off-by: Josef Karasek <josef@kedify.io> * fix tests Signed-off-by: Josef Karasek <josef@kedify.io> * fix lint Signed-off-by: Josef Karasek <josef@kedify.io> * fix log message Signed-off-by: Josef Karasek <josef@kedify.io> * update changelog Signed-off-by: Josef Karasek <josef@kedify.io> * update changelog Signed-off-by: Josef Karasek <josef@kedify.io> * update changelog Signed-off-by: Josef Karasek <josef@kedify.io> --------- Signed-off-by: Josef Karasek <josef@kedify.io> Signed-off-by: Zbynek Roubalik <zroubalik@gmail.com> Co-authored-by: Zbynek Roubalik <zroubalik@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix: `+srv` mongodb url scheme parsing bug (#5773) This commit fixs issue #5760. where OP was facing problem with +srv schema Signed-off-by: Rishikesh Betigeri <53863619+Rishikesh01@users.noreply.github.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix: issue when GitHub organization contains more than 30 repos (#5746) Signed-off-by: Simon Kobler <github@kobler.me> Signed-off-by: Simon Kobler <32038731+KoblerS@users.noreply.github.com> Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es> Co-authored-by: Simon Kobler <github@kobler.me> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * Fix scaler leak during cache refresh (#5807) Signed-off-by: Guillaume Jacquet <guillaume.jacquet@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * Prepare release v2.14.1 Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * add missing change Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * update changelog Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix: e2e test regex check tag (#5831) Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * Validate regex before building image for e2e test (#5783) * added regex pre check before building image Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated changelog Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * refactored Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * corrected Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * corrected changelog Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated the workflow Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated the workflow Signed-off-by: Yaxhveer <yaxhcod@gmail.com> --------- Signed-off-by: Yaxhveer <yaxhcod@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix some pending tasks Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * use AAD-Pod-Identity always Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> * use AAD-Pod-Identity always Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> --------- Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> Signed-off-by: Paul Yu <paul.d.yu@gmail.com> Signed-off-by: Josef Karasek <josef@kedify.io> Signed-off-by: Zbynek Roubalik <zroubalik@gmail.com> Signed-off-by: Rishikesh Betigeri <53863619+Rishikesh01@users.noreply.github.com> Signed-off-by: Simon Kobler <github@kobler.me> Signed-off-by: Simon Kobler <32038731+KoblerS@users.noreply.github.com> Signed-off-by: Guillaume Jacquet <guillaume.jacquet@gmail.com> Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com> Signed-off-by: Yaxhveer <yaxhcod@gmail.com> Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> Co-authored-by: Paul Yu <paul.d.yu@gmail.com> Co-authored-by: Josef Karasek <josef@kedify.io> Co-authored-by: Zbynek Roubalik <zroubalik@gmail.com> Co-authored-by: Rishikesh <53863619+Rishikesh01@users.noreply.github.com> Co-authored-by: Simon Kobler <32038731+KoblerS@users.noreply.github.com> Co-authored-by: Simon Kobler <github@kobler.me> Co-authored-by: Guillaume Jacquet <guillaume.jacquet@gmail.com> Co-authored-by: Jan Wozniak <wozniak.jan@gmail.com> Co-authored-by: Yashveer <101015836+Yaxhveer@users.noreply.github.com>
jkyros
pushed a commit
to jkyros/keda
that referenced
this pull request
Aug 2, 2024
* bump golang Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * chore: build with keda-tools:1.22.5 (kedacore#5971) * chore: build with keda-tools:1.22.5 to resolve CVE-2024-24790, CVE-2024-24789, and CVE-2024-24791 bump github.com/Azure/azure-sdk-for-go/sdk/azidentity to resolve CVE-2024-35255 Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * chore: use go install instead of go get and replacing deprecated tools Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * chore: vendor dependency cleanup Signed-off-by: Paul Yu <paul.d.yu@gmail.com> * Update missing references to 1.21 Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> --------- Signed-off-by: Paul Yu <paul.d.yu@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * [BUG-5922] Report failing ScaledJob triggers in status (kedacore#5916) Signed-off-by: Josef Karasek <josef@kedify.io> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * [BUG-5656] Annotate Jobs with parent ScaledJob generation (kedacore#5876) * Annotate Jobs with parent ScaledJob generation Signed-off-by: Josef Karasek <josef@kedify.io> * fix tests Signed-off-by: Josef Karasek <josef@kedify.io> * fix lint Signed-off-by: Josef Karasek <josef@kedify.io> * fix log message Signed-off-by: Josef Karasek <josef@kedify.io> * update changelog Signed-off-by: Josef Karasek <josef@kedify.io> * update changelog Signed-off-by: Josef Karasek <josef@kedify.io> * update changelog Signed-off-by: Josef Karasek <josef@kedify.io> --------- Signed-off-by: Josef Karasek <josef@kedify.io> Signed-off-by: Zbynek Roubalik <zroubalik@gmail.com> Co-authored-by: Zbynek Roubalik <zroubalik@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix: `+srv` mongodb url scheme parsing bug (kedacore#5773) This commit fixs issue kedacore#5760. where OP was facing problem with +srv schema Signed-off-by: Rishikesh Betigeri <53863619+Rishikesh01@users.noreply.github.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix: issue when GitHub organization contains more than 30 repos (kedacore#5746) Signed-off-by: Simon Kobler <github@kobler.me> Signed-off-by: Simon Kobler <32038731+KoblerS@users.noreply.github.com> Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es> Co-authored-by: Simon Kobler <github@kobler.me> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * Fix scaler leak during cache refresh (kedacore#5807) Signed-off-by: Guillaume Jacquet <guillaume.jacquet@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * Prepare release v2.14.1 Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * add missing change Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * update changelog Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix: e2e test regex check tag (kedacore#5831) Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * Validate regex before building image for e2e test (kedacore#5783) * added regex pre check before building image Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated changelog Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * refactored Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * corrected Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * corrected changelog Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated the workflow Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated the workflow Signed-off-by: Yaxhveer <yaxhcod@gmail.com> --------- Signed-off-by: Yaxhveer <yaxhcod@gmail.com> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix some pending tasks Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * use AAD-Pod-Identity always Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> * use AAD-Pod-Identity always Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> --------- Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> Signed-off-by: Paul Yu <paul.d.yu@gmail.com> Signed-off-by: Josef Karasek <josef@kedify.io> Signed-off-by: Zbynek Roubalik <zroubalik@gmail.com> Signed-off-by: Rishikesh Betigeri <53863619+Rishikesh01@users.noreply.github.com> Signed-off-by: Simon Kobler <github@kobler.me> Signed-off-by: Simon Kobler <32038731+KoblerS@users.noreply.github.com> Signed-off-by: Guillaume Jacquet <guillaume.jacquet@gmail.com> Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com> Signed-off-by: Yaxhveer <yaxhcod@gmail.com> Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> Co-authored-by: Paul Yu <paul.d.yu@gmail.com> Co-authored-by: Josef Karasek <josef@kedify.io> Co-authored-by: Zbynek Roubalik <zroubalik@gmail.com> Co-authored-by: Rishikesh <53863619+Rishikesh01@users.noreply.github.com> Co-authored-by: Simon Kobler <32038731+KoblerS@users.noreply.github.com> Co-authored-by: Simon Kobler <github@kobler.me> Co-authored-by: Guillaume Jacquet <guillaume.jacquet@gmail.com> Co-authored-by: Jan Wozniak <wozniak.jan@gmail.com> Co-authored-by: Yashveer <101015836+Yaxhveer@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Provide a description of what has been changed
This PR is to build keda container images with an updated version of keda-tools with latest version of Go to resolve CVE-2024-24790, CVE-2024-24789, and CVE-2024-24791. Related PR: kedacore/test-tools#169
Also bumping github.com/Azure/azure-sdk-for-go/sdk/azidentity to resolve CVE-2024-35255.
Checklist
Fixes #
Relates to #
kedacore/test-tools#169