Update Go images to 1.12.10 #74
Conversation
Update from 1.12.6. There have been several security fixes since that version.
k8s-ci-robot
added
the
cncf-cla: yes
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: codenrhoden The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
size/XS
|
One question I have around this... We specify an explicit patch verserion (1.12.10) instead of just the minor (1.12). I think we do this for repeatability. 1.12 is a moving tag that always points to the latest release in that minor stream. How important is that in this scenario? The downside is that we stay on old versions when security fixes come out. And that has happened a few times with 1.12.x. Thoughts @dvonthenen and @divyenpatel ? @frapposelli pinging you too, because we have the same issue in the CPI. |
|
/hold |
k8s-ci-robot
added
the
do-not-merge/hold
|
So after thinking about this a bit more, surveying other projects, and talking to other folks involved in release, I think we should stick with the patch version. That way it doesn't slide without us knowing and we are left wondering "what changed?" if our program behavior suddenly changes. /hold cancel |
k8s-ci-robot
removed
the
do-not-merge/hold
|
/lgtm |
k8s-ci-robot
added
the
lgtm
…ncy-openshift-4.14-vmware-vsphere-syncer Updating vmware-vsphere-syncer images to be consistent with ART
What this PR does / why we need it:
Update from 1.12.6. There have been several security fixes since that
version.
Which issue this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close that issue when PR gets merged): fixes #Special notes for your reviewer:
Release note: