Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Base Images for Security Vulnerability #4223

Merged
merged 14 commits into from
Jan 14, 2021
Merged

Update Base Images for Security Vulnerability #4223

merged 14 commits into from
Jan 14, 2021

Conversation

yophilav
Copy link
Contributor

@yophilav yophilav commented Jan 13, 2021
edited

Updating Base Images for Security Vulnerability:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723

List of Update Base Images:

  • Linux AMD64 : 3.1.4-alpine3.11 --> 3.1.11-alpine3.12
  • Linux ARM32 & ARM64 : 3.1.10-bionic-arm* --> 3.1.11-bionic-arm*
  • Windows AMD64 : 3.1.10-nanoserver-1809 --> 3.1.11-nanoserver-1809
  • Windows ARM32 : nanoserver:1809-arm32v7 (latest)

Publishing ARM Base Images:
1.0.5.7-linux-arm*

Note to Reviewer:
Please feel free to pull the branch down to your local machine and use your favorite editor's regex to make sure the base images are updated correctly. (I wish there is an easier way to do this).

yophilav and others added 14 commits November 30, 2020 11:32
@yophilav
Fixing ValidateMetrics E2E (Azure#3767)
c724360 
Currently the `ValidateMetrics` parses [metric readme page](https://github.com/Azure/iotedge/blob/master/doc/BuiltInMetrics.md) to obtain all the metric keys. The test then deploy the system runtime modules and populate its metrics which then are compared against the parsed-document set.
There are a handful of not-so-positive metrics that are not being populated if the system modules operated on a happy path during the E2E test. These not-so-positive metrics are currently causing the `ValidateMetrics` to fail since they are not being populated.
@yophilav
Merge branch 'release/1.0.10' of https://github.com/azure/iotedge int…
5a4d3bd 
…o release/1.0.10
@yophilav
Update base image usage
68da169
@yophilav
Merge branch 'release/1.0.10' of https://github.com/azure/iotedge int…
19c2f3a 
…o release/1.0.10
@yophilav
Merge branch 'release/1.0.10' of https://github.com/azure/iotedge int…
64f214c 
…o release/1.0.10
@yophilav
Merge branch 'release/1.0.10' of https://github.com/azure/iotedge int…
c3f8b36 
…o release/1.0.10
@yophilav
Merge branch 'release/1.0.10' of https://github.com/azure/iotedge int…
ae3b408 
…o release/1.0.10
@yophilav
Merge branch 'release/1.0.10' of https://github.com/azure/iotedge int…
94bf850 
…o release/1.0.10
@yophilav
Merge branch 'release/1.0.10' of https://github.com/azure/iotedge int…
3a3fe32 
…o release/1.0.10
@yophilav
Merge branch 'release/1.0.10' of https://github.com/azure/iotedge int…
770df31 
…o release/1.0.10
@yophilav
Merge branch 'release/1.0.10' of https://github.com/azure/iotedge int…
1361f8c 
…o release/1.0.10
@yophilav
Update ARM Base Image to 3.1.11-bionic-arm
fae543e
@yophilav
Update Windows Base Images ARM32 & AMD64
57adc6b
@yophilav
Update Linux AMD64 Alpine3.11 to Alpine3.12
759a5e5
dylanbronson
dylanbronson approved these changes Jan 14, 2021
View reviewed changes
Copy link
Contributor

@dylanbronson dylanbronson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checked out pr and didn't find old images. LGTM

@yophilav
Copy link
Contributor Author

Thank you for the approval. I'm waiting for the publication of WinIoT ARM32 to be done before I merge the PR.

@kodiakhq kodiakhq bot merged commit 8bd0ab5 into Azure:release/1.0.10 Jan 14, 2021
yophilav added a commit to yophilav/iotedge that referenced this pull request Jan 14, 2021
@yophilav
Update Base Images for Security Vulnerability (Azure#4223)
6147628 
Updating Base Images for Security Vulnerability:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723

List of Update Base Images:
- Linux AMD64 :  3.1.4-alpine3.11 --> 3.1.11-alpine3.12
- Linux ARM32 & ARM64 : 3.1.10-bionic-arm* --> 3.1.11-bionic-arm*
- Windows AMD64 : 3.1.10-nanoserver-1809 --> 3.1.11-nanoserver-1809
- Windows ARM32 : nanoserver:1809-arm32v7 (latest)

Publishing ARM Base Images:
1.0.5.7-linux-arm*

Note to Reviewer: 
Please feel free to pull the branch down to your local machine and use your favorite editor's regex to make sure the base images are updated correctly. (I wish there is an easier way to do this).
@vvv37912 vvv37912 mentioned this pull request Jan 14, 2021
Merged
kodiakhq bot pushed a commit that referenced this pull request Jan 14, 2021
@yophilav
Update Base Images for Security Vulnerability (#4223) (#4228)
4dbaa62 
Updating Base Images for Security Vulnerability:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723

List of Update Base Images:
- Linux AMD64 :  3.1.4-alpine3.11 --> 3.1.11-alpine3.12
- Linux ARM32 & ARM64 : 3.1.10-bionic-arm* --> 3.1.11-bionic-arm*
- Windows AMD64 : 3.1.10-nanoserver-1809 --> 3.1.11-nanoserver-1809
- Windows ARM32 : nanoserver:1809-arm32v7 (latest)

Publishing ARM Base Images:
1.0.5.7-linux-arm*

Note to Reviewer: 
Please feel free to pull the branch down to your local machine and use your favorite editor's regex to make sure the base images are updated correctly. (I wish there is an easier way to do this).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@damonbarry damonbarry damonbarry approved these changes

@dylanbronson dylanbronson dylanbronson approved these changes

@ancaantochi ancaantochi Awaiting requested review from ancaantochi

@and-rewsmith and-rewsmith Awaiting requested review from and-rewsmith

Assignees
No one assigned
Labels
ready-to-merge
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@yophilav @damonbarry @dylanbronson