[release-1.10] Rebuild using Go 1.20.10 (to address CVEs) #14501
Conversation
knative-prow
bot
added
the
do-not-merge/hold
knative-prow
bot
added
the
size/XS
Codecov ReportAll modified lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## release-1.10 #14501 +/- ##
================================================
+ Coverage 86.20% 86.21% +0.01%
================================================
Files 199 199
Lines 14766 14766
================================================
+ Hits 12729 12731 +2
+ Misses 1735 1733 -2
Partials 302 302 ☔ View full report in Codecov by Sentry. |
|
/retest |
knative-prow
bot
removed
the
do-not-merge/hold
|
/retest |
|
/override "test (v1.24.7, kourier-tls, e2e)" /lgtm |
|
@dprotaso: Overrode contexts on behalf of dprotaso: test (v1.24.7, kourier-tls, e2e), test (v1.25.3, kourier-tls, e2e), test (v1.26.0, kourier-tls, e2e) DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dprotaso, ReToCode The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
knative-prow
bot
added
the
approved
|
/override "test (v1.25.3, contour, e2e)" |
|
@dprotaso: Overrode contexts on behalf of dprotaso: test (v1.25.3, contour, e2e) DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
* Min TLS for tag to digest defaults to 1.2 again and is configurable (knative#13963) quay.io only supports 1.2 Co-authored-by: dprotaso <dprotaso@gmail.com> * drop safe to evict annotations (knative#14051) this prevents nodes from draining Co-authored-by: dprotaso <dprotaso@gmail.com> * [release-1.10] RandomChoice 2 policy wasn't random when the number of targets is 2 (with equal weight) (knative#14052) * RandomChoice 2 policy wasn't random when the number of targets is 2 * fix linting --------- Co-authored-by: dprotaso <dprotaso@gmail.com> * [release-1.10] fix securityContext for Knative Service Pod (user-container and queue-proxy) (knative#14377) * add seccompProfile to queue container security context * run as non root by default * update tests to expect new default run as nonroot * fix perms --------- Co-authored-by: Clay Kauzlaric <ckauzlaric@vmware.com> Co-authored-by: Dave Protasowski <dprotaso@gmail.com> * Leave a comment which will trigger a new dot release (knative#14501) * [release-1.10] bump x/net to v0.17 (knative#14517) * [release-1.10] bump x/net to v0.17 * Re-generate test/config/tls/cert-secret.yaml (knative#14324) * Run hack/upgrade * Update secure-pod-defaults patch * Use a static value for S-O branch --------- Co-authored-by: Knative Prow Robot <knative-prow-robot@google.com> Co-authored-by: dprotaso <dprotaso@gmail.com> Co-authored-by: Clay Kauzlaric <ckauzlaric@vmware.com> Co-authored-by: Kenjiro Nakayama <nakayamakenjiro@gmail.com>
* Min TLS for tag to digest defaults to 1.2 again and is configurable (knative#13963) quay.io only supports 1.2 Co-authored-by: dprotaso <dprotaso@gmail.com> * drop safe to evict annotations (knative#14051) this prevents nodes from draining Co-authored-by: dprotaso <dprotaso@gmail.com> * [release-1.10] RandomChoice 2 policy wasn't random when the number of targets is 2 (with equal weight) (knative#14052) * RandomChoice 2 policy wasn't random when the number of targets is 2 * fix linting --------- Co-authored-by: dprotaso <dprotaso@gmail.com> * [release-1.10] fix securityContext for Knative Service Pod (user-container and queue-proxy) (knative#14377) * add seccompProfile to queue container security context * run as non root by default * update tests to expect new default run as nonroot * fix perms --------- Co-authored-by: Clay Kauzlaric <ckauzlaric@vmware.com> Co-authored-by: Dave Protasowski <dprotaso@gmail.com> * Leave a comment which will trigger a new dot release (knative#14501) * [release-1.10] bump x/net to v0.17 (knative#14517) * [release-1.10] bump x/net to v0.17 * Re-generate test/config/tls/cert-secret.yaml (knative#14324) * Run hack/upgrade * Bound buffer for reading stats (knative#14541) Co-authored-by: Evan Anderson <evan.k.anderson@gmail.com> --------- Co-authored-by: Knative Prow Robot <knative-prow-robot@google.com> Co-authored-by: dprotaso <dprotaso@gmail.com> Co-authored-by: Clay Kauzlaric <ckauzlaric@vmware.com> Co-authored-by: Kenjiro Nakayama <nakayamakenjiro@gmail.com> Co-authored-by: Evan Anderson <evan.k.anderson@gmail.com>
4 participants
https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
/hold for the new CI images to be there knative/infra#232