Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kubernetes client package upgrade #3323

Merged
merged 1 commit into from
Oct 11, 2024
Merged

Kubernetes client package upgrade #3323

merged 1 commit into from
Oct 11, 2024

Conversation

dpanshug
Copy link
Contributor

@dpanshug dpanshug commented Oct 11, 2024
edited
Loading

Closes:
https://issues.redhat.com/browse/RHOAIENG-14278
https://issues.redhat.com/browse/RHOAIENG-14279
https://issues.redhat.com/browse/RHOAIENG-14280
https://issues.redhat.com/browse/RHOAIENG-14281
https://issues.redhat.com/browse/RHOAIENG-14282
https://issues.redhat.com/browse/RHOAIENG-14288

Solves the CVE, by updating kubernetes/[email protected] and [email protected]

image

Description

Upgrade the package kubernetes-client to latest to remove vulnerabilities.

How Has This Been Tested?

Run backend and frontend separately to check for any error.

Test Impact

Request review criteria:

Self checklist (all need to be checked):

  • The developer has manually tested the changes and verified that the changes work
  • Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
  • The developer has added tests or explained why testing cannot be added (unit or cypress tests for related changes)

If you have UI changes:

  • Included any necessary screenshots or gifs if it was a UI change.
  • Included tags to the UX team if it was a UI/UX change.

After the PR is posted & before it merges:

  • The developer has tested their solution on a cluster by using the image produced by the PR to main

@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress This PR is in WIP state label Oct 11, 2024
@dpanshug dpanshug force-pushed the kubernetes-client-upgrade branch 2 times, most recently from 03c464d to cd383b8 Compare October 11, 2024 11:45
@dpanshug dpanshug changed the title [WIP] Kubernetes client package upgrade Kubernetes client package upgrade Oct 11, 2024
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress This PR is in WIP state label Oct 11, 2024
@codecov Codecov
Copy link

codecov bot commented Oct 11, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.89%. Comparing base (bd03c0b) to head (70ae0bb).
Report is 3 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #3323   +/-   ##
=======================================
  Coverage   84.89%   84.89%           
=======================================
  Files        1309     1309           
  Lines       29327    29327           
  Branches     8002     8002           
=======================================
  Hits        24896    24896           
  Misses       4431     4431

see 3 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bd03c0b...70ae0bb. Read the comment docs.

alexcreasy
alexcreasy requested changes Oct 11, 2024
View reviewed changes
Copy link
Contributor

@alexcreasy alexcreasy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few changes to make - then we need to do some testing to make sure it works!

backend/src/types.ts Outdated Show resolved Hide resolved
backend/src/plugins/kube.ts Outdated Show resolved Hide resolved
backend/src/plugins/kube.ts Outdated Show resolved Hide resolved
backend/src/plugins/kube.ts Outdated Show resolved Hide resolved
alexcreasy
alexcreasy approved these changes Oct 11, 2024
View reviewed changes
Copy link
Contributor

@alexcreasy alexcreasy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Dipanshu!

Tested on your cluster for issues. Verified jsonpath-plus < 10.0.0 is not present in the build now.

@christianvogt
Copy link
Contributor

/approve

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Oct 11, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alexcreasy, christianvogt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [alexcreasy,christianvogt]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 63e8206 into opendatahub-io:main Oct 11, 2024
8 checks passed
alexcreasy added a commit to alexcreasy/odh-dashboard that referenced this pull request Oct 14, 2024
@alexcreasy
Revert "Kubernetes client package upgrade (opendatahub-io#3323)" due …
a4c8d78 
…to incompatibilities caused.

This reverts commit 63e8206.
@alexcreasy alexcreasy mentioned this pull request Oct 14, 2024
Merged
6 tasks
openshift-merge-bot bot pushed a commit that referenced this pull request Oct 14, 2024
@alexcreasy
Revert "Kubernetes client package upgrade (#3323)" due to incompatibi…
ae66e3b 
…lities caused. (#3330)

This reverts commit 63e8206.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexcreasy alexcreasy alexcreasy approved these changes

@lucferbux lucferbux Awaiting requested review from lucferbux

@mturley mturley Awaiting requested review from mturley

Assignees

@alexcreasy alexcreasy

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dpanshug @christianvogt @alexcreasy