[release-1.31] Bump k3s #7032

brandond · 2024-10-11T19:22:35Z

Proposed Changes

Bump K3s/wharfie/kine

Types of Changes

version bump / bugfix

Verification

Testing

Linked Issues

User-Facing Change

Further Comments

codecov-commenter · 2024-10-11T19:40:57Z

Codecov Report

Attention: Patch coverage is 0% with 4 lines in your changes missing coverage. Please review.

Project coverage is 25.09%. Comparing base (00aded3) to head (a985d47).

Files with missing lines	Patch %	Lines
pkg/rke2/rke2_linux.go	0.00%	4 Missing ⚠️

Additional details and impacted files

@@               Coverage Diff                @@
##           release-1.31    #7032      +/-   ##
================================================
- Coverage         25.11%   25.09%   -0.02%     
================================================
  Files                33       33              
  Lines              2839     2841       +2     
================================================
  Hits                713      713              
- Misses             2079     2081       +2     
  Partials             47       47

Flag	Coverage Δ
inttests	`9.53% <0.00%> (-0.01%)`	⬇️
unittests	`17.74% <0.00%> (-0.02%)`	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

cwayne18 · 2024-10-11T20:02:36Z

/trivy

github-actions · 2024-10-11T20:05:17Z


bin/containerd (gobinary)
=========================
Total: 0 (HIGH: 0, CRITICAL: 0)


Suppressed Vulnerabilities (Total: 1)
=====================================
┌──────────────────────────────────────────────────────────────┬────────────────┬──────────┬──────────────┬─────────────────────────────────────┬─────────┐
│                           Library                            │ Vulnerability  │ Severity │    Status    │              Statement              │ Source  │
├──────────────────────────────────────────────────────────────┼────────────────┼──────────┼──────────────┼─────────────────────────────────────┼─────────┤
│ go.opentelemetry.io/contrib/instrumentation/google.golang.o- │ CVE-2023-47108 │ HIGH     │ not_affected │ vulnerable_code_not_in_execute_path │ OpenVEX │
│ rg/grpc/otelgrpc                                             │                │          │              │                                     │         │
└──────────────────────────────────────────────────────────────┴────────────────┴──────────┴──────────────┴─────────────────────────────────────┴─────────┘

bin/kubectl (gobinary)
======================
Total: 1 (HIGH: 1, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬────────────────┬───────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version  │                           Title                           │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼────────────────┼───────────────────────────────────────────────────────────┤
│ stdlib  │ CVE-2024-34156 │ HIGH     │ fixed  │ 1.22.6            │ 1.22.7, 1.23.1 │ encoding/gob: golang: Calling Decoder.Decode on a message │
│         │                │          │        │                   │                │ which contains deeply nested structures...                │
│         │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2024-34156                │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴────────────────┴───────────────────────────────────────────────────────────┘

bin/kubelet (gobinary)
======================
Total: 1 (HIGH: 1, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬────────────────┬───────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version  │                           Title                           │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼────────────────┼───────────────────────────────────────────────────────────┤
│ stdlib  │ CVE-2024-34156 │ HIGH     │ fixed  │ 1.22.6            │ 1.22.7, 1.23.1 │ encoding/gob: golang: Calling Decoder.Decode on a message │
│         │                │          │        │                   │                │ which contains deeply nested structures...                │
│         │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2024-34156                │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴────────────────┴───────────────────────────────────────────────────────────┘

Suppressed Vulnerabilities (Total: 1)
=====================================
┌──────────────────────────────────────────────────────────────┬────────────────┬──────────┬──────────────┬─────────────────────────────────────┬─────────┐
│                           Library                            │ Vulnerability  │ Severity │    Status    │              Statement              │ Source  │
├──────────────────────────────────────────────────────────────┼────────────────┼──────────┼──────────────┼─────────────────────────────────────┼─────────┤
│ go.opentelemetry.io/contrib/instrumentation/github.com/emic- │ CVE-2023-45142 │ HIGH     │ not_affected │ vulnerable_code_not_in_execute_path │ OpenVEX │
│ klei/go-restful/otelrestful                                  │                │          │              │                                     │         │
└──────────────────────────────────────────────────────────────┴────────────────┴──────────┴──────────────┴─────────────────────────────────────┴─────────┘

Updates k3s: k3s-io/k3s@2caa785...d74ad42 Signed-off-by: Brad Davidson <[email protected]>

Signed-off-by: Brad Davidson <[email protected]>

brandond requested a review from a team as a code owner October 11, 2024 19:22

brandond force-pushed the bump-k3s_release-1.31 branch from 8fad5d2 to fd28c85 Compare October 11, 2024 19:24

cwayne18 approved these changes Oct 11, 2024

View reviewed changes

briandowns approved these changes Oct 11, 2024

View reviewed changes

brandond force-pushed the bump-k3s_release-1.31 branch from fd28c85 to 7a51817 Compare October 14, 2024 20:15

brandond added 2 commits October 14, 2024 20:28

Bump K3s version for release-v1.31

e7131d7

Updates k3s: k3s-io/k3s@2caa785...d74ad42 Signed-off-by: Brad Davidson <[email protected]>

Sync kine changes from k3s-io/kine#325

a985d47

Signed-off-by: Brad Davidson <[email protected]>

brandond force-pushed the bump-k3s_release-1.31 branch from 7a51817 to a985d47 Compare October 14, 2024 20:28

brandond merged commit 7d51083 into rancher:release-1.31 Oct 14, 2024
6 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[release-1.31] Bump k3s #7032

[release-1.31] Bump k3s #7032

brandond commented Oct 11, 2024 •

edited

Loading

codecov-commenter commented Oct 11, 2024 •

edited

Loading

cwayne18 commented Oct 11, 2024

github-actions bot commented Oct 11, 2024

[release-1.31] Bump k3s #7032

[release-1.31] Bump k3s #7032

Conversation

brandond commented Oct 11, 2024 • edited Loading

Proposed Changes

Types of Changes

Verification

Testing

Linked Issues

User-Facing Change

Further Comments

codecov-commenter commented Oct 11, 2024 • edited Loading

Codecov Report

cwayne18 commented Oct 11, 2024

github-actions bot commented Oct 11, 2024

brandond commented Oct 11, 2024 •

edited

Loading

codecov-commenter commented Oct 11, 2024 •

edited

Loading