-
Notifications
You must be signed in to change notification settings - Fork 94
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump to Kubernetes 1.30 #262
Conversation
edd89ad Merge pull request kubernetes-csi#251 from jsafrane/add-logcheck 043fd09 Add test-logcheck target d7535ae Merge pull request kubernetes-csi#250 from jsafrane/go-1.22 b52e7ad Update go to 1.22.2 14fdb6f Merge pull request kubernetes-csi#247 from msau42/prow 9b4352e Update release playbook c7bb972 Fix release notes script to use fixed tags 463a0e9 Add script to update specific go modules git-subtree-dir: release-tools git-subtree-split: edd89ad58509b16d1a1fbdfe1d2d935beb36c67a
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jsafrane The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@jsafrane Would you mind reviewing this PR? This PR bumps the Go version to 1.22.3 due to vulnerabilities in Go 1.22.2 identified by the Trivy vulnerability scanner. |
release-tools/prow.sh
Outdated
@@ -86,7 +86,7 @@ configvar CSI_PROW_BUILD_PLATFORMS "linux amd64 amd64; linux ppc64le ppc64le -pp | |||
# which is disabled with GOFLAGS=-mod=vendor). | |||
configvar GOFLAGS_VENDOR "$( [ -d vendor ] && echo '-mod=vendor' )" "Go flags for using the vendor directory" | |||
|
|||
configvar CSI_PROW_GO_VERSION_BUILD "1.21.5" "Go version for building the component" # depends on component's source code | |||
configvar CSI_PROW_GO_VERSION_BUILD "1.22.2" "Go version for building the component" # depends on component's source code |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Go 1.22.3 was released on 5/7 [1]. Is it possible to include that update in this release?
Note: updating should resolve the Trivy gate failure, too.
[1] https://groups.google.com/g/golang-announce/c/wkkO4P9stm0
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Regarding this matter, I believe it will be necessary to update the csi-release-tools submodule in this repository after merging the following PR:
kubernetes-csi/csi-release-tools#252
@jsafrane Would you please update the csi-release-tools again, as the PR mentioned below has been merged? |
adb3af9d Merge pull request kubernetes-csi#252 from bells17/update-go-version b82ee388 Merge pull request kubernetes-csi#253 from bells17/fix-typo c3174562 Fix typo 0a785056 Bump to Go 1.22.3 git-subtree-dir: release-tools git-subtree-split: adb3af9dfa3ed4d1a922cd839bb48e0b73918617
Add ctx to the Connect call.
@bells17 Thanks for the go bump in release-tools repo. I included it in this PR. |
/lgtm |
What type of PR is this?
/kind feature
What this PR does / why we need it:
Update to go 1.22.3, Kubernetes 1.20, csi-lib-utils 0.18 and the latest release-tools.
Fixes CVE-2024-24788.
Does this PR introduce a user-facing change?: