Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CMP-2639: Exclude binary libcrypto check using golang 1.22 #205

Merged
merged 1 commit into from
Jun 28, 2024
Merged

CMP-2639: Exclude binary libcrypto check using golang 1.22 #205

merged 1 commit into from
Jun 28, 2024

Conversation

rhmdnd
Copy link
Contributor

@rhmdnd rhmdnd commented Jun 28, 2024

Golang version 1.22 does not have hardcoded libcrypto versions anymore, and does not emit the libcrypto version in the binary output of a go binary (e.g., using strings).

Because of this, the approach we were using to detect the OpenSSL version based on a regular expression and attempting to match that with the binary output does not work for binaries built with golang 1.22.

This is particularly prevalent with OpenShift 4.17 payloads that are using RHEL 9 and golang 1.22 base images.

This commit updates the binary scan logic to skip checking binaries for OpenSSL versions when using golang 1.22.

@rhmdnd
CMP-2639: Exclude binary libcrypto check using golang 1.22
8362095 
Golang version 1.22 does not have hardcoded libcrypto versions anymore,
and does not emit the libcrypto version in the binary output of a go
binary (e.g., using strings).

Because of this, the approach we were using to detect the OpenSSL
version based on a regular expression and attempting to match that with
the binary output does not work for binaries built with golang 1.22.

This is particularly prevalent with OpenShift 4.17 payloads that are
using RHEL 9 and golang 1.22 base images.

This commit updates the binary scan logic to skip checking binaries for
OpenSSL versions when using golang 1.22.
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Jun 28, 2024
@openshift-ci-robot
Copy link

openshift-ci-robot commented Jun 28, 2024
edited by openshift-ci bot
Loading

@rhmdnd: This pull request references CMP-2639 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.17.0" version, but no target version was set.

In response to this:

Golang version 1.22 does not have hardcoded libcrypto versions anymore, and does not emit the libcrypto version in the binary output of a go binary (e.g., using strings).

Because of this, the approach we were using to detect the OpenSSL version based on a regular expression and attempting to match that with the binary output does not work for binaries built with golang 1.22.

This is particularly prevalent with OpenShift 4.17 payloads that are using RHEL 9 and golang 1.22 base images.

This commit updates the binary scan logic to skip checking binaries for OpenSSL versions when using golang 1.22.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot requested review from kolyshkin and mrunalp June 28, 2024 17:49
@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 28, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Jun 28, 2024

@rhmdnd: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

mrunalp
mrunalp approved these changes Jun 28, 2024
View reviewed changes
Copy link
Member

@mrunalp mrunalp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jun 28, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Jun 28, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mrunalp, rhmdnd

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 8593cc2 into openshift:main Jun 28, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mrunalp mrunalp mrunalp approved these changes

@kolyshkin kolyshkin Awaiting requested review from kolyshkin

Assignees

@mrunalp mrunalp

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rhmdnd @openshift-ci-robot @mrunalp