chore: upgrade kube-openapi Fixes #9149 #9235
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
v3
Outdated
| @@ -0,0 +1 @@ | |||
| . | |||
There was a problem hiding this comment.
Could you remove this file?
There was a problem hiding this comment.
hi @terrytangyuan, the v3 file came from the output of the make pre-commit -B command the pull request instructions said to run first. I can remove though 👍
mcgrawia
force-pushed
the
fix-CVE-2022-1996
branch
from
f850486
to
a22c31a
Compare
mcgrawia
commented
Jul 26, 2022
test/util/shared_index_informer.go
Outdated
| @@ -26,3 +27,4 @@ func (s *SharedIndexInformer) LastSyncResourceVersion() string | |||
| func (s *SharedIndexInformer) AddIndexers(cache.Indexers) error { return nil } | |||
| func (s *SharedIndexInformer) GetIndexer() cache.Indexer { return s.Indexer } | |||
| func (s *SharedIndexInformer) SetWatchErrorHandler(handler cache.WatchErrorHandler) error { return nil } | |||
| func (s *SharedIndexInformer) SetTransform(handler cache.TransformFunc) error { panic("implement me") } | |||
There was a problem hiding this comment.
this was a new function added to the SharedIndexInformer interface in k8s client-go v0.24.3
mcgrawia
force-pushed
the
fix-CVE-2022-1996
branch
2 times, most recently
from
391d567
to
12f55a6
Compare
|
@terrytangyuan can I get some help on how to resolve the Codegen issue? I attempted to run the command in the pull request template |
|
When you ran the command, did you see any errors? |
|
I didn't realize it the first time but it looks like there are some, although I'm not sure what the fix should be. Here's the full log: |
|
also when I check out the code according to that warning above into the folder |
.github/workflows/ci-build.yaml
Outdated
| @@ -17,7 +17,7 @@ jobs: | |||
| tests: | |||
| name: Unit Tests | |||
| runs-on: ubuntu-latest | |||
| timeout-minutes: 8 | |||
There was a problem hiding this comment.
Sync with the master. Master has unittest improvement
There was a problem hiding this comment.
Hi @sarabala1979, my PR is already based on the latest master:
There was a problem hiding this comment.
apologies, there was a new commit as of 4 hours ago I did not have, but I don't think this should affect the unittests. Rebased 👍
mcgrawia@b44981f
mcgrawia
force-pushed
the
fix-CVE-2022-1996
branch
from
12f55a6
to
0e54312
Compare
|
|
|
@terrytangyuan when I run that command, no output occurs, so I think it's already installed: go install github.com/gogo/protobuf/protoc-gen-gogo@v1.3.2I can see the binary in my ls ~/go/bin
client-gen deepcopy-gen diagram go-to-protobuf goimports informer-gen jsonschema kind openapi-gen protoc-gen-gogofast protoc-gen-swagger
controller-gen defaulter-gen generator go1.18.4 hack jose-util jwk-keygen lister-gen protoc-gen-gogo protoc-gen-grpc-gateway swagger |
|
I wiped my Go installation and reinstalled everything and added Is there documentation about how to run this process? It seems like I'm missing some basic setup |
|
The errors indicate that your |
|
hi @terrytangyuan , thanks or the help. Unfortunately after deleting the vendor folder and re-running I still see the following error: if it helps, my GO env variables look like this: echo $GO111MODULE $GOROOT $GOPATH
on /usr/local/go /Users/ianmcgraw/go |
|
@terrytangyuan would it be possible for someone on the Argo side to attempt this command and if it succeeds push the generated files to this branch? I imagine someone on the team likely already has this working so it might be easier than having me sink more hours into troubleshooting on my end. |
I just pushed the generated files. |
|
thank you @terrytangyuan ! I'll see if I can get the final tests passing and hopefully we can get this merged |
|
The build failures may not be related to your changes. I am observing similar failures in simple PRs like #9249 |
|
@terrytangyuan ok thank you for the heads up, I'll wait to hear from you for next steps |
mcgrawia
force-pushed
the
fix-CVE-2022-1996
branch
from
a626f2d
to
f47c5b6
Compare
|
@terrytangyuan it looks like all of the tests are now passing, let me know if there's anything else I can do before we can merge this, thanks! Also I wanted to ask, is there anything else I can do to help get this released ASAP? Is there a branch I should back-port this patch to? Not sure what would be required to release a v3.3.9. |
terrytangyuan
approved these changes
Jul 29, 2022
There was a problem hiding this comment.
LGTM. I'd defer to @sarabala1979 @alexec regarding back-porting this.
alexec
approved these changes
Jul 29, 2022
test/util/shared_index_informer.go
Outdated
| @@ -26,3 +27,4 @@ func (s *SharedIndexInformer) LastSyncResourceVersion() string | |||
| func (s *SharedIndexInformer) AddIndexers(cache.Indexers) error { return nil } | |||
| func (s *SharedIndexInformer) GetIndexer() cache.Indexer { return s.Indexer } | |||
| func (s *SharedIndexInformer) SetWatchErrorHandler(handler cache.WatchErrorHandler) error { return nil } | |||
| func (s *SharedIndexInformer) SetTransform(handler cache.TransformFunc) error { panic("implement me") } | |||
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
Signed-off-by: Yuan Tang <terrytangyuan@gmail.com> Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
mcgrawia
force-pushed
the
fix-CVE-2022-1996
branch
from
51d4220
to
bdd7dbc
Compare
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
|
thanks @alexec, changed! Will merge once CICD finishes. Any suggestions how I can help get this patched into a |
Signed-off-by: Ian McGraw <mcgrawia@umich.edu>
|
also @alexec @terrytangyuan @sarabala1979 I think everything should be good to go on this PR when one of you is available to merge. Thanks for the help 👍 |
|
Thank you! @sarabala1979 Do you think we can backport this to 3.3.9 release? |
|
Good morning @sarabala1979, please let me know if there's anything I can help with to get a 3.3.9 release with this patch. This vulnerability is preventing us from releasing to our customers so would appreciate if we can get this out quickly. Thank you |
|
amazing, thanks @terrytangyuan ! will follow along there 👍 |
terrytangyuan
pushed a commit
that referenced
this pull request
Aug 2, 2022
juchaosong
pushed a commit
to juchaosong/argo-workflows
that referenced
this pull request
Nov 3, 2022
Signed-off-by: juchao <juchao@coscene.io>
reddymh
pushed a commit
to reddymh/argo-workflows
that referenced
this pull request
Jan 2, 2023
Signed-off-by: Reddy <Rajshekar.Reddy@lowes.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Ian McGraw mcgrawia@umich.edu
Fixes #9149 CVE-2022-1996