Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auto-refreshing Official CVE Feed #3203

Open
8 tasks done
PushkarJ opened this issue Feb 1, 2022 · 14 comments
Open
8 tasks done

Auto-refreshing Official CVE Feed #3203

PushkarJ opened this issue Feb 1, 2022 · 14 comments
Labels
sig/docs Categorizes an issue or PR as relevant to SIG Docs. sig/security Categorizes an issue or PR as relevant to SIG Security. tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team
Milestone

Comments

@PushkarJ
Copy link
Member

PushkarJ commented Feb 1, 2022

Enhancement Description

Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.

@k8s-ci-robot k8s-ci-robot added the needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label Feb 1, 2022
@PushkarJ
Copy link
Member Author

PushkarJ commented Feb 1, 2022

/sig security docs

@k8s-ci-robot k8s-ci-robot added sig/security Categorizes an issue or PR as relevant to SIG Security. sig/docs Categorizes an issue or PR as relevant to SIG Docs. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Feb 1, 2022
@PushkarJ PushkarJ added this to In Progress in sig-security-tracker Feb 11, 2022
@k8s-triage-robot
Copy link

k8s-triage-robot commented May 2, 2022

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 2, 2022
@PushkarJ
Copy link
Member Author

PushkarJ commented May 2, 2022

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 2, 2022
@jasonbraganza
Copy link
Member

jasonbraganza commented Jun 13, 2022

Hello @PushkarJ, @nehaLohia27 👋, 1.25 Enhancements team here.

Just checking in as we approach enhancements freeze on 18:00 PST on Thursday June 16, 2022.

For note, This enhancement is targeting for stage alpha for 1.25 (correct me, if otherwise)

Here's where this enhancement currently stands:

  • KEP file using the latest template has been merged into the k/enhancements repo.
  • KEP status is marked as implementable
  • KEP has a updated detailed test plan section filled out
  • KEP has up to date graduation criteria
  • KEP has a production readiness review that has been completed and merged into k/enhancements.

Looks like for this one, we would need to update the open PR #3204 with the following:

  • Update the kep.yaml file to reflect the latest milestone information
  • Please update the Test plan section, so that it incorporates the updated detailed test plan section requirements
  • Please update the Graduation criteria section with appropriate details.

For note, the status of this enhancement is marked as at risk. Please keep the issue description up-to-date with appropriate stages as well. Thank you!

@jasonbraganza jasonbraganza added the tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team label Jun 13, 2022
@jasonbraganza jasonbraganza added this to the v1.25 milestone Jun 13, 2022
@PushkarJ
Copy link
Member Author

PushkarJ commented Jun 16, 2022

Thank you for the detailed feedback @jasonbraganza . I believe the latest updates to PR #3204 should resolve the pending items. Please let us know if anything else is missing!

@jasonbraganza
Copy link
Member

jasonbraganza commented Jun 16, 2022

Thank you so much, @PushkarJ! I’ll update the KEP in our enhancements sheet to tracked

@Atharva-Shinde
Copy link

Atharva-Shinde commented Jul 25, 2022

Hi @PushkarJ, Enhancements team here again 👋

Checking in as we approach Code Freeze at 01:00 UTC on Wednesday, 3rd August 2022.

Please ensure that the following items are completed before the code-freeze:

  • All PRs to the Kubernetes repo that are related to your enhancement are linked in the above issue description (for tracking purposes).
  • All PRs are fully merged by the code freeze deadline.

Currently, the status of the enhancement is marked as at-risk

Thanks :)

@PushkarJ
Copy link
Member Author

PushkarJ commented Jul 26, 2022

Thanks for the reminder @Atharva-Shinde. Added all the relevant PRs in the issue description now :)

@cici37
Copy link
Contributor

cici37 commented Jul 28, 2022

The relevant PRs against this KEP:

@Priyankasaggu11929
Copy link
Member

Priyankasaggu11929 commented Jul 29, 2022

@PushkarJ I have marked this enhancement as tracked. 🙂

@PushkarJ
Copy link
Member Author

PushkarJ commented Jul 29, 2022

Thank you @Priyankasaggu11929 and @cici37

@PushkarJ
Copy link
Member Author

PushkarJ commented Aug 2, 2022

@Priyankasaggu11929 @cici37 all PRs except kubernetes/website#35228 are now merged !!!

@PushkarJ PushkarJ moved this from In Progress to Ready for Co-Chair Review in sig-security-tracker Aug 5, 2022
@PushkarJ
Copy link
Member Author

PushkarJ commented Aug 8, 2022

All PRs are merged! Working on feature blog now: kubernetes/website#35608

@PushkarJ PushkarJ moved this from Ready for Co-Chair Review to Umbrella issues in sig-security-tracker Aug 11, 2022
@PushkarJ
Copy link
Member Author

PushkarJ commented Aug 23, 2022

Kubernetes v1.25 is live

What that means is that the official CVE feed built as part of KEP-3203 is live too. You can find it here:

Upcoming blog posts to be published on Sept 12 will cover more details

@rhockenbury rhockenbury added tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team and removed tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team labels Sep 11, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
sig/docs Categorizes an issue or PR as relevant to SIG Docs. sig/security Categorizes an issue or PR as relevant to SIG Security. tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team
Projects
sig-security-tracker
Umbrella issues
Development

No branches or pull requests

8 participants