-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade dependencies 2024-06-24 (#6356, #6289, #6354) #6361
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## develop #6361 +/- ##
========================================
Coverage 84.90% 84.90%
========================================
Files 156 156
Lines 20692 20692
========================================
Hits 17568 17568
Misses 3124 3124 ☔ View full report in Codecov by Sentry. |
a578f82
to
b78e2ae
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unsolicited review. We'll be updating to Docker 17. Note the new blocker for the connected issue. Last commit title should refer to the image it updates, not the command that was run to update it.
b78e2ae
to
0f0f887
Compare
5566298
to
58ed2d5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
environment.py
Outdated
'url': 'https://hub.docker.com/repository/docker/ucscgi/azul-bigquery-emulator', | ||
'is_custom': True | ||
}, | ||
# Updating any of the four images below additionally requires | ||
# redeploying the `gitlab` TF component. | ||
'clamav': { | ||
'ref': 'docker.io/clamav/clamav:1.3.1-54', | ||
'ref': 'docker.io/clamav/clamav:1.3.1-57', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is stale already.
58ed2d5
to
7e745d2
Compare
Security design review
|
7e745d2
to
bf1d569
Compare
Connected issue: #6356, #6289, #6354
Checklist
Author
develop
upgrades/yyyy-mm-dd
Upgrade dependencies yyyy-mm-dd
Author (upgrading deployments)
make image_manifests.json
and committed the resulting changes or this PR does not modifyazul_docker_images
, or any other variables referenced in the definition of that variableu
tag to commit title or this PR does not require upgrading deploymentsupgrade
or does not require upgrading deploymentsdeploy:shared
or does not modifyimage_manifests.json
, and does not require deploying theshared
component for any other reasondeploy:gitlab
or does not require deploying thegitlab
componentbackup:gitlab
deploy:runner
or does not require deploying therunner
imageAuthor (before every review)
develop
, squashed old fixupsmake requirements_update
or this PR does not modifyrequirements*.txt
,common.mk
,Makefile
andDockerfile
R
tag to commit title or this PR does not modifyrequirements*.txt
reqs
or does not modifyrequirements*.txt
make integration_test
passes in personal deployment or this PR does not modify functionality that could affect the IT outcomeSystem administrator (after approval)
no demo
Operator (before pushing merge the commit)
develop
cerebro
,kibana
, andgitlab-runner
images fromdev
._select dev.shared && CI_COMMIT_REF_NAME=develop make -C terraform/shared apply_keep_unused
or this PR is not labeleddeploy:shared
dev
(see operator manual for details) or this PR is not labeledbackup:gitlab
_select dev.gitlab && CI_COMMIT_REF_NAME=develop make -C terraform/gitlab apply
or this PR is not labeleddeploy:gitlab
cerebro
,kibana
, andgitlab-runner
images fromanvildev
._select anvildev.shared && CI_COMMIT_REF_NAME=develop make -C terraform/shared apply_keep_unused
or this PR is not labeleddeploy:shared
anvildev
(see operator manual for details) or this PR is not labeledbackup:gitlab
_select anvildev.gitlab && CI_COMMIT_REF_NAME=develop make -C terraform/gitlab apply
or this PR is not labeleddeploy:gitlab
deploy:gitlab
deploy:gitlab
System administrator
dev.gitlab
are complete or this PR is not labeleddeploy:gitlab
anvildev.gitlab
are complete or this PR is not labeleddeploy:gitlab
Operator (before pushing merge the commit)
_select dev.gitlab && make -C terraform/gitlab/runner
or this PR is not labeleddeploy:runner
_select anvildev.gitlab && make -C terraform/gitlab/runner
or this PR is not labeleddeploy:runner
sandbox
labeldev
anvildev
sandbox
deploymentanvilbox
deploymentsandbox
deploymentanvilbox
deploymentp
tagsOperator (after pushing the merge commit)
dev
anvildev
dev
dev
anvildev
anvildev
_select dev.shared && make -C terraform/shared apply
or this PR is not labeleddeploy:shared
_select anvildev.shared && make -C terraform/shared apply
or this PR is not labeleddeploy:shared
dev
anvildev
Operator
anvildev.shared
was last deployedscript/export_inspector_findings.py
againstanvildev
, imported results to Google Sheet and posted screenshot of relevant1 findings as a comment on the connected issue.prod
andanvilprod
promotion PRs:deploy:shared
,deploy:gitlab
,deploy:runner
andbackup:gitlab
labels to the next promotion PRs or this PR carries none of these labelsdeploy:shared
,deploy:gitlab
,deploy:runner
andbackup:gitlab
labels, from the description of this PR to that of the next promotion PRs or this PR carries none of these labels1A relevant finding is a high or critical vulnerability in an image
that is used within the security boundary. Images not used within the boundary
are tracked in
azul.docker_images
under a key starting with_
.System administrator
Shorthand for review comments
L
line is too longW
line wrapping is wrongQ
bad quotesF
other formatting problem