[EUWE] Update the azure-armrest dependency to 0.7.3 #15239
Conversation
|
@miq-bot add_label darga/yes |
miq-bot
changed the title
Update nokogiri gem to 1.7.2.
|
Checked commit https://github.com/djberg96/manageiq/commit/c248aecbf7bd3ebea46ce4e1d2212c6dac77a3a1 with ruby 2.2.6, rubocop 0.47.1, and haml-lint 0.20.0 |
|
@simaishi Note on the labeling...this is direct to euwe, but also requested for darga. |
|
As long as we can bundle on darga with the newer nokogiri, we should be ok. They're pretty good at not breaking us. |
|
@jrafanie - Can you approve the upgrade of nokogiri (on Euwe)? Thanks. |
|
@bronaghs @djberg96 While I think it's ok to upgrade nokogiri on euwe, darga would be riskier. It's unclear why a patch release would require a minor nokogiri upgrade when nokogiri usually backports CVEs to older versions like 1.6.x. I want my gems on the latest versions of things but we shouldn't force upgrades when they're not required. |
|
'master' branch has nokogiri version set to |
|
@miq-bot remove_label darga/yes |
|
@djberg96 I'm going to merge this. When you have a PR to bump Nokogiri for master, please link the PR here. |
|
@simaishi ManageIQ/manageiq-gems-pending#204 Do you want a PR for Fine as well? |
|
@djberg96 thanks - I'll backport the 'master' PR to Fine once merged |
This PR upgrades the azure-armrest gem to 0.7.3. The latest version includes some enhancements to the method that gathers private image data which prevents the refresh parser from failing due to sporadic ECONNREFUSED and TimeoutException's.
In conjunction with ManageIQ/manageiq-providers-azure#74, it keeps the branches in sync, too.
Note that I also updated the nokogiri gem dependency. Not only does the azure-armrest gem depend on the newer version, we should update anyway because there was a CVE. See https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md for details.
https://bugzilla.redhat.com/show_bug.cgi?id=1456044