chore(): Release 1.19.0 prep #7036
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* fix: operator CVEs * CVE fixes * fix tests * fix setup env * test against all supported k8s versions * fix executor CVEs * fix linter * fix downgrade of controller-gen * lint
* test locally built img * fix action * fix env var * docker file context * docker file context * remove comments * fail when issues found * change env var * fix potential colliding env var * typo * test old vulnerable image * test remove docker file * test no level check * test disable sarif * fall on all * run via CLI * test exit 1 fails pipeline * test latest version * fail on all * run from executor dir * fail on everything * re-instate snyk action * wip * Test building base python image and scanning image w/o pushing to repo * fix tag * fix tag * fix tag * fix tag * fix tag * scan sklearn * fix build * fix env var * fix env var rclone * fix tag * fix tag * fix perms * run as root * fix: run as root * comment out to speed up * fix root * revert * clean up images to fix out of disk space * remove tox to fix out of space * upload images to artifactory * v4 * fix tag * reduce docker image size * check scan results and scan conda image * run PR actions against temp branch, should revert before merging to master * TODO * trigger build * check rclone failure explicitly * remove obsolete file * fail on all * fix not reporting failure * fix not reporting failure Removed file argument from Snyk scan command. * Fix indentation in security_tests_v1.yml * Enhance Snyk scan with SARIF output and upload Added SARIF output option for Snyk scan results and upload step. * Refactor RCLONE_IMAGE_TAG and Snyk scan options Updated RCLONE_IMAGE_TAG format and modified Snyk scan arguments. * run docker directly to fix mis-reporting Replaced snyk/actions/docker with direct Snyk CLI usage for container scanning. * Log return code after Snyk container test Added echo statement to log return code after Snyk container test. * Add debug flag to Snyk container test command * Change Snyk command from container test to test * Update Snyk command for container testing * fix rclone not reporting fixable CVEs Updated Snyk action for Docker image scanning. * Fix syntax error in security_tests_v1.yml * Fix syntax error in security_tests_v1.yml * Fix CVE rclone
* Fixed link to the E2E tests page in the CONTRIBUTING.MD page * Fix page title for the Source-to-image page
…, regenerate protos and licenses, format code and licenses (#6929)
* Upgrade xgboost to 1.7.6 so it's easy to install on macOS as well * Upgrade tf, tf-keras, protobuf, grpcio-tools in alibi-explain server * upgrade python version to 3.12, update deps, fix tests, regenerate protos, format code, update dockerfile, remove several CVEs --------- Co-authored-by: Antanina Vertsinskaya <antanina.vertsinskaya@seldon.io>
* Temporaryly remove failing commands n testing/scripts/Makefile * Upgrade mlserver and grpcio-tools in the testing/scripts/dev_requirements.txt * Upgrade tensorflow in the testing/scripts dev_requirements * Remove building alibi-detect-server for now * Run notebook with ipython by default * Fixing keda-operator failing pod * Fix applying keda manifest * replace seldon-core python sdk docker image in several places, update deps * Revert temporary changes --------- Co-authored-by: Antanina Vertsinskaya <antanina.vertsinskaya@seldon.io>
… SDK with Python 3.12 (#6941) * Change base image python for few models for tests * replace seldon-core-s2i-python38 image with python 3.12 for another model --------- Co-authored-by: Antanina Vertsinskaya <antanina.vertsinskaya@seldon.io>
…6942) * Fixing nbconvert upgrade * Hacky fix for missing get_ipython with new nbconvert --------- Co-authored-by: Antanina Vertsinskaya <antanina.vertsinskaya@seldon.io>
… image from 9 to 10 (#6947) * Update protobuf version to 5.29.5 to resolve a High CVE * update redhat ubi image from 9 to 10 to resolve multiple CVEs
…ified (#6963) * add webhook validation when SeldonDeployments created/modified * Update operator/utils/k8s/initializer.go Co-authored-by: Viktor Taskov <viktor.taskov@seldon.io> --------- Co-authored-by: Viktor Taskov <viktor.taskov@seldon.io>
* Fix building `core-builder` image (without anaconda migration) * Remove Jenkins x configuration files * Remove paths to unexisting images in the `release.py` script * Fix failing core-builder image WITHOUT conda migration and image update (tested on release script and helms generation for operator) * Download conda from conda-forge instead of anaconda repo in `seldonio/core-builder` image * Add TODO comments for places that need core-builder image version update * Fix and execute Java S2i example (leave comments as well) * Remove jx (jenkins), argo and gcloud CLIs from core-builder image + test on release, helm generation scripts and Java s2i examples * Refactor few bash scripts and makefiles to be able to easily run them on non‑x86_64 hosts (to always build images for linux/amd64) * Run create command from the `operator/helm` on top of new `core-builder` image * Upgrade `python` (to python 3.12), `miniforge` and `conda` versions in the `core-builder` Dockerfile * Fix warnings and pin new `core-builder` version in the release script * Pin new `core-builder` version in the wrappers/s2i/java dockerfile * Use new target version of `core-builder` in the root Makefile commands * Migrate `core-builder` base image to `eclipse-temurin:17-jdk
…condaforge/miniforge3` + upgrade to Python 3.12 (#6882) * Run `python_tests` workflow on push to any branch (for testing purposes) * replaced image with community-based one without upgrades * Update docker image version * Build the new image inside the GH runner and run tests for the testing purpose * Revert "Build the new image inside the GH runner and run tests for the testing purpose" This reverts commit 564446f. * Change commands sequence before running tests * Upgrade miniforge, python and poetry in the python-builder Dockerfile * Fix high CVE by pinning brotli version * Pin few dependencies in the `python-builder` image based on dependencies in the `/python` folder * Use new python-builder tag everywhere (CI would be failing - that's ok) * Update python_tests.yml * Update python_lint.yml
…6935) * Fix `get_local_repo` to make it work on macOS * Update python and lock * Update numpy to "1.26.4" * remove `extras=["all"]` from alibi-detect dependency definition and pin update dependencies for correct installation * Fix build seldonio/conda-ubi9 image * Upgrade pip-licenses = "5.5.0" * Fix building `alibi-detect-server` image * Fix invoking `make test` * Upgrade tensorflow to fix some tests * skip if rclone is unavailable * Updated poetry.lock * Update GH action for alibi detect tests * Minor packages upgrades * Fix minor image warnings * Remove fix for the solved `pystan` issue * Added missing "tensorflow-probability" and "tf-keras" dependencies to run alibi detect server * Upgrade rclone to v1.71.2 to fix CVEs * Fix poetry installation after conda base image is changed; Introduced fix for the CVE in the same way as it's introduced in the `alibi-explain-server` image * Fix alibidetect_tests workflow * Try to run workflow in a fork (expect to be failing) * Upgrade `black` to fix lint job * upgrade protobuf, tf, tf-keras, grpcio-tools * Upgrade protobuf patch version to move from yanked version * Use ubi9 base image for the alibi-detect-server image * Return missing option -p for mkdir command in Dockerfile * Return type check stage before tests execution and fix one error * Testing with alibi-detect rc * Upgraded mypy to fix type_check action * Pass TF_USE_LEGACY_KERAS to fix alibi-detect e2e tests on top of the new `alibi-detect` rc * Update readme and mark GPU image as deprecated (only repo * Fixed helper commands to run quick sanity checks and updated readme * Try to clean up disk space to fix ci for alibi-detect-server * Clean up * Deprecate components/drift-detection/nvidia-triton-cifar10/cifar10_drift.ipynb notebook * Added a note about rclone setup to readme * Update lint command to use `poetry`; Committing formatted files * Revert a code to build conda base image on mac
…annel is used (#6969) * Deleted wrappers/s2i/python/test/pytorch-env test as it haven’t been properly maintained and doesn't seem to be executed anywhere * Upgrade seldon-core-analytics charts * Upgrade "MLFlow Pre-packaged Model Server AB Test Deployment" notebook to ensure it's working with conda-forge channel * Move to conda-forge channgel for elasticnet_wine model * Mention that `seldon-core-analytics` is deprecated in the mlflow ab test notebook * Deprecate `seldon-core-analytics` chart
* Update triggers for a few workflows that don't have to be run so frequently * Replace old base branch with new one
* Recheck helm_examples notebook - working when running manually * Recheck istio_examples notebook - working when running manually * `max_grpc_msg_size` works when running manually * `protocol_examples` works when run manually * Few updates for the `server_examples` notebook (partial refactor) * `ambassador_headers` notebook works when run manually * `ambassador_shadow` notebook works locally * Fixed 3 tests executing them successfully in pytest * Move helping function to the separate file for now, introduce TEST_MODE variable to the notebook * Fix & refactor istio_example and max_grps_msg_size notebooks * Do not ignore notebooks/wait_for_seldon_client_predict method * Fixing conflices in processed notebooks + protocol_examples notebooke * Delete pushed files that shouldn't be commited * Minor improvements for the metadata notebook * Fix graph_metadata notebook * refactor for metadata_grpc (not working yet) * fix skearn_iris_jsondata notebook * Fix sklearn_iris notebook flakiness * fix feedback/metrics-server test * Clean up openvino-squeezenet notebook and uncomment it * Clean up openvino_imagenet_ensemble notebook * use retry from tenacity instead custom solution * Use retry from tenacity for istio_example notebook * use retry from tenacity in max_grpc_msg_size notebook * use retry from tenacity for the protocol_examples notebook + remove custom retry solution * Fix rolling_updates notebook * Removed generated .py file from examples/models/distruption_budgets and added it to gitignore * Improve autoscaling_examle flakiness * Just new lines at the end of the yaml files * Fixing keda autoscaling notebook (missing label for pod-monitor) * Ignored .py file generate from `keda_prom_auto_scale` notebook for executing as tese * Fix metadata_grpc notebook * ambassador_canary: Add sleeps and retries to ensure correct test execution * Fixed ambassador_headers notebook - add retry and sleeps * Improved ambassador_shadow notebook flakiness - added sleeps and retries * Remove rolling_updates notebook as there is a test in testing/scripts/test_rolling_updates * Uncomment fixed notebooks * Remove openvino tests as this project is deprecated * Clean up notebooks: ensure latest version of mock_classifier is used, context is not set by default * Clean up * Clean up invalid description for the step inside ambassador_headers notebook * Revert "Clean up openvino-squeezenet notebook and uncomment it" This reverts commit 1beb5ff. * Revert "Clean up openvino_imagenet_ensemble notebook" This reverts commit 3b48d70. * Increate timeout for triton model readiness * Delete LICENSE file in `executor/proto` (it shouldn't be generated in this PR)
* Bump mlserver to 1.7.1 * upgrade and pin mlflow to 3.1.1 in the mlflowserver * Upgrade elasticnet_wine model env, pin mlserver and uvloop * Fix mlflow tests in test_prepackaged_servers file * Fixing server_examples (in progress) * Fix server_examples notebook * Uncomment fixed notebook
…mages (#6983) * Bump minor version for ubi9 from 9.6 to 9.7 only for both executor and operator images since rclone passes * Bump minor version for ubi9 from 9.6 to 9.7 only for rclone Docker image - observing the Snyk report
…rsions - older ones are present in the legacy path (#6982)
…6904) * Removed Jenkins Classic & Jenkins X tutorials in Gitbook documentation * Remove Jenkins classic and Jenkins x examples
…ry for testing purposes (+ remove references in docs) (#6998)
…7013) * Add workflow for building and pushing the python-builder image, it's used in other workflows * Add on push to trigger it once * Temporarily tag it with 0.9 and push, since cannot be manually triggered yet * Use tag instead of hardcoded one * Remove forgotten on push condition * Remove defaut value
…es for Snyk (#7002) * Remove security scans for v1 and v2; v1 will be split into 2 files * Add Snyk scans for python images * Add Snyk scans for go images + Rclone * Add Snyk scan for go.mod operator and executor, and the python package
* Fix 1 lint error * Fix more lint errors * Remove old conda version dev dep in python folder * Add git diff to understand why diffing the licensing fails * Disable otherworkflows white investingating * Add pwd and ls * Make licenses for python * Tweak makefile to correctly point to git repo root * Attempt to make the git folder discoverable after checkout in container * Add 'and' operator for all commands in make lint * notebooks lint * make lint: run black only * make lint: run isort only * make lint: run flake8 only * make lint: run nbqa black only * make lint: run nbqa isort only * make lint: run git diff only * Print git version in workflow * lint workflow: downgrade checkout action from 4 to 2 * Set fetch-depth to 0 when cloning repo * Resolve repo root in a different way * add steps for the workflow to commit changes in licenses * Mark dir as safe * Add git push * resolve branch * push if push event * Turn on the rest of the workflows * Manually commit licenses
* Change prepackaged servers tags in tests * Uncomment * Change configmap image tags to latest in tests to signify that those are not relevant * Add rclone-related files to the release script to change the tag
…ibi-detect-server` references (#7014) * Remove copy of the minio_setup notebook * Upgrade `minio_setup` notebook * Upgraded `components/drift-detection/cifar10/cifar10_drift.ipynb` notebook * Update links in the `components/drift-detection/cifar10/cifar10_drift.ipynb` example * Upgrade `components/outlier-detection/cifar10/cifar10_outlier.ipynb` example and eliminate direct call of `alibi-detect` outlier cluster as additional cluster setup is needed for that * Fix links to docs in the cifar10_outlier notebooks * Add warning that notebooks wasn't tested to multiple notebooks using `alibi-detect-server` * Remove unused file with alibi-detect-server reference * Generate updated pages from notebooks and remove unused README.md files * Update minio setup Gitbook page * Update deprecation notice for the notebooks
…6977) * Fixed links to the Core setup doc page in the notebooks * Get rid of README.md for feedback/metrics-server as another this file (`docs-gb/notebooks/feedback_reward_custom_metrics.md`) is used instead * Update docs pages generated from the notebooks
…elm-charts/seldon-core-operator/values.yaml (#7024)
* [alibi-detect-server] Fixing SNYK-PYTHON-URLLIB3-14192442 CVE * Skip few job in CI to save resources * Upgrade urrlib3 in alibi-explain-server component * Remove spacy tests to eliminate the CVE-2024-6345 vulnerability in setuptools dependency * Pin urllib3 in mlflowserver to get rid of CVE-2025-66471 * pin urllib3 for `tfserving_proxy` * Print deps tree to debug * Fix broken workflow after adding another `if` * Pin setuptools again to check deps tree * Try to manually add snyk ignore * Fix `--policy-path` arg * Try `--exclude-base-image-vulns` arg as well * Add pip freeze for server images * Make .snyk `ignore` section more specific * Enable all jobs in the python security tests * Upgrade tornado minor version in alibi-explain, alibi-detect * pin setuptools to exact version in tfserving_proxy
* Stop updating `seldon-core-analytics` in the release.py script as it's deprecated * Fix log content for version updates of the models * (release script) overhaul files where sklearn/iris is used; removed unused README.md files generated from the notebooks * Add "components/rclone-storage-initializer/Dockerfile" so version could be updated through the script * Remove unused .yaml files * Overhaul files referencing mlflow/elasticnet_wine model * Replace older versions of versioned iris model with 1.19.0-dev version * Remove irrelevant comments * add missing pathes for files where newest alibi-detect-server image should be used * Update echo-model version everywhere and run `metrics` notebook * Ensure `alibi-detect-server` version is updated everywhere * ensure pyproject.toml files are updated in release script for alibi-explain/alibi-detect servers * ensure script correctly replaces version for custom_init_container notebook, where minio is used * Clean up
* chore(docs): Mistype & link fix for Core 1 docs (#6915) * Fixed link to the E2E tests page in the CONTRIBUTING.MD page * Fix page title for the Source-to-image page * GitBook: No commit message * Fix some mistypes / return previous version after gitbook bot commit * clean up --------- Co-authored-by: Hiten Kacha <hiten.kacha@seldon.io>
|
Check out this pull request on See visual diffs & provide feedback on Jupyter Notebooks. Powered by ReviewNB |
|
|
…#7038) * Fully remove examples/models/resnet as it hasn't been maintained for a long time and not referenced anywhere * Delete examples/explainers/imagenet/ folder as it hasn't been maintained for a long time + it's not referenced in the repo * Deleted examples/feedback/reward-accuracy as it hasn't been maintained, it's referencing seldon-core-analytics which is deprecated, and it's not referenced anywhere else * Deprecate the rest of notebooks where `seldon-core-s2i-python3*.:1.19`. is used * Regenerate markfowns from notebooks * Use variables in docs for python version and tag instead of specific numbers
tyndria
approved these changes
Dec 18, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.