Skip to content
This repository has been archived by the owner on Aug 19, 2024. It is now read-only.

update dependencies #215

Merged
merged 2 commits into from
Feb 21, 2024
Merged

update dependencies #215

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a486d38
update dependencies
kim-tsao Feb 20, 2024
2679836
address review comments
kim-tsao Feb 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -220,7 +220,7 @@ GOLANGCI_LINT_VERSION ?= v1.55.2
GOIMPORTS_VERSION ?= v0.15.0
ADDLICENSE_VERSION ?= v1.1.1
# opm and operator-sdk version
OP_VERSION ?= v1.33.0
OP_VERSION ?= v1.36.0
nickboldt marked this conversation as resolved.
Show resolved Hide resolved
GOSEC_VERSION ?= v2.18.2

## Gosec options - default format is sarif so we can integrate with Github code scanning
Expand Down
2 changes: 1 addition & 1 deletion docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ RUN export ARCH="$(uname -m)" && if [[ ${ARCH} == "x86_64" ]]; then export ARCH=
# Install openssl for FIPS support
#@follow_tag(registry.redhat.io/ubi9/ubi-minimal:latest)
FROM registry.access.redhat.com/ubi9-minimal:9.3-1475 AS runtime
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you probably want to update the FROM images to the latest here too

Copy link
Member Author

@kim-tsao kim-tsao Feb 21, 2024
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't need to since the update command will pull in the latest required rpm updates. The only time we would need to do so is if the major version is EOL

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

true but at some point 9.4 will be out and this might NOT work as intended. Would you prefer to just pull from latest instead of a pinned :9.3-zzz tag?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what if we enabled renovate on this repo? #216

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should update minor versions, I've tested this before. Here's an example:
Our dockerfile specified an 8.6-751 version which was then upgraded to 8.7.

I agree with having renovate update the images as well just so we are covered on all aspects. You can also configure Renovate to update EOL images

RUN microdnf install -y openssl; microdnf clean -y all
RUN microdnf update --setopt=install_weak_deps=0 -y && microdnf install -y openssl; microdnf clean -y all

# Upstream sources
# Downstream comment
Expand Down