Skip to content

Helm upgrade to v3.11.1 for CVE-2023-25165#2933

Merged
openshift-merge-robot merged 5 commits intooperator-framework:masterfrom
tmshort:helm-upgrade
Mar 14, 2023
Merged

Helm upgrade to v3.11.1 for CVE-2023-25165#2933
openshift-merge-robot merged 5 commits intooperator-framework:masterfrom
tmshort:helm-upgrade

Conversation

@tmshort
Copy link
Copy Markdown
Contributor

@tmshort tmshort commented Mar 7, 2023
edited
Loading

Description of the change:

Update helm to v3.11.1, this necessitates additional upgrades (e.g. to kube 1.26 APIs).

Motivation for the change:

CVE-2023-25165

Architectural changes:

None.

Testing remarks:

Reviewer Checklist

  • Implementation matches the proposed design, or proposal is updated to match implementation
  • Sufficient unit test coverage
  • Sufficient end-to-end test coverage
  • Bug fixes are accompanied by regression test(s)
  • e2e tests and flake fixes are accompanied evidence of flake testing, e.g. executing the test 100(0) times
  • tech debt/todo is accompanied by issue link(s) in comments in the surrounding code
  • Tests are comprehensible, e.g. Ginkgo DSL is being used appropriately
  • Docs updated or added to /doc
  • Commit messages sensible and descriptive
  • Tests marked as [FLAKE] are truly flaky and have an issue
  • Code is properly formatted

@openshift-ci
Copy link
Copy Markdown

openshift-ci Bot commented Mar 7, 2023

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@openshift-ci openshift-ci Bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Mar 7, 2023
@tmshort
Update Helm to v3.11.1
49eca0d 
Updatate go.mod, go.sum, and vendor directory.

Signed-off-by: Todd Short <todd.short@me.com>
@tmshort tmshort force-pushed the helm-upgrade branch 4 times, most recently from 55c50bc to 2ffe592 Compare March 9, 2023 17:49
tmshort added 4 commits March 9, 2023 12:59
@tmshort
Run go fmt
dfe2fb3 
Plus some manual edits.

Signed-off-by: Todd Short <todd.short@me.com>
@tmshort
Update from make verify
7cebf02 
Signed-off-by: Todd Short <todd.short@me.com>
@tmshort
Fix golangci-lint issues
7c4baf3 
Signed-off-by: Todd Short <todd.short@me.com>
@tmshort
Client updates due to controller-runtime
63d3703 
Status is now updated using SubResource methods and options

Signed-off-by: Todd Short <todd.short@me.com>
@tmshort tmshort changed the title Helm upgrade OCPBUGS-7676: Helm upgrade to v3.11.1 for CVE-2023-25165 Mar 9, 2023
@openshift-ci-robot openshift-ci-robot added jira/severity-low Referenced Jira bug's severity is low for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Mar 9, 2023
@tmshort tmshort changed the title OCPBUGS-7676: Helm upgrade to v3.11.1 for CVE-2023-25165 Helm upgrade to v3.11.1 for CVE-2023-25165 Mar 9, 2023
@openshift-ci-robot openshift-ci-robot removed jira/severity-low Referenced Jira bug's severity is low for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Mar 9, 2023
@tmshort tmshort marked this pull request as ready for review March 9, 2023 19:35
@openshift-ci openshift-ci Bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Mar 9, 2023
ankitathomas
ankitathomas approved these changes Mar 9, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@ankitathomas ankitathomas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Mar 9, 2023
m1kola
m1kola approved these changes Mar 10, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@m1kola m1kola left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One one minor comment about a code block in godoc. Otherwise looks good.

/lgtm

Comment thread pkg/lib/controller-runtime/client/ssa.go
Comment on lines 90 to +97
// plan := &InstallPlan{}
// plan.SetNamespace("ns")
// plan.SetName("install-123def")
// Eventually(c.Apply(plan, func(p *v1alpha1.InstallPlan) error {
// p.Spec.Approved = true
// return nil
// })).Should(Succeed())
//
// Eventually(c.Apply(plan, func(p *v1alpha1.InstallPlan) error {
// p.Spec.Approved = true
// return nil
// })).Should(Succeed())
Copy link
Copy Markdown
Member

@m1kola m1kola Mar 10, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might want to make the whole code block indented. See Go Doc Comments: Code blocks.

//	plan := &InstallPlan{}
//	plan.SetNamespace("ns")
//	plan.SetName("install-123def")
//	Eventually(c.Apply(plan, func(p *v1alpha1.InstallPlan) error {
//		p.Spec.Approved = true
//		return nil
//	})).Should(Succeed())

Copy link
Copy Markdown
Contributor Author

@tmshort tmshort Mar 10, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

True. go fmt ./... did that particular change; not me! :)

Copy link
Copy Markdown
Member

@m1kola m1kola Mar 14, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know. go fmt makes assumptions and changes stuff, but not intelegent and breaks code blocks sometimes.

go fmt will be happy with the formatting I suggested.

awgreene
awgreene approved these changes Mar 14, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@awgreene awgreene left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve
Looks good to me, nice work @tmshort

@openshift-ci
Copy link
Copy Markdown

openshift-ci Bot commented Mar 14, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ankitathomas, awgreene, m1kola, tmshort

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 14, 2023
@openshift-merge-robot openshift-merge-robot merged commit b54296a into operator-framework:master Mar 14, 2023
@tmshort tmshort deleted the helm-upgrade branch March 14, 2023 14:23
@tmshort tmshort mentioned this pull request Mar 16, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@awgreene awgreene awgreene approved these changes

@ankitathomas ankitathomas ankitathomas approved these changes

@smarterclayton smarterclayton Awaiting requested review from smarterclayton

+1 more reviewer

@m1kola m1kola m1kola approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@m1kola m1kola

@ankitathomas ankitathomas

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@tmshort @m1kola @awgreene @ankitathomas @openshift-ci-robot @openshift-merge-robot