Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auto-refreshing Official CVE Feed #3203

Open
12 of 14 tasks
PushkarJ opened this issue Feb 1, 2022 · 31 comments
Open
12 of 14 tasks

Auto-refreshing Official CVE Feed #3203

PushkarJ opened this issue Feb 1, 2022 · 31 comments
Assignees
Labels
sig/docs Categorizes an issue or PR as relevant to SIG Docs. sig/security Categorizes an issue or PR as relevant to SIG Security. stage/beta Denotes an issue tracking an enhancement targeted for Beta status tracked/out-of-tree Denotes an out-of-tree enhancement issue, which does not need to be tracked by the Release Team

Comments

@PushkarJ
Copy link
Member

PushkarJ commented Feb 1, 2022

Enhancement Description

Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.

@k8s-ci-robot k8s-ci-robot added the needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label Feb 1, 2022
@PushkarJ
Copy link
Member Author

PushkarJ commented Feb 1, 2022

/sig security docs

@k8s-ci-robot k8s-ci-robot added sig/security Categorizes an issue or PR as relevant to SIG Security. sig/docs Categorizes an issue or PR as relevant to SIG Docs. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Feb 1, 2022
@PushkarJ PushkarJ added this to In Progress in sig-security-tracker Feb 11, 2022
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 2, 2022
@PushkarJ
Copy link
Member Author

PushkarJ commented May 2, 2022

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 2, 2022
@jasonbraganza
Copy link
Member

Hello @PushkarJ, @nehaLohia27 👋, 1.25 Enhancements team here.

Just checking in as we approach enhancements freeze on 18:00 PST on Thursday June 16, 2022.

For note, This enhancement is targeting for stage alpha for 1.25 (correct me, if otherwise)

Here's where this enhancement currently stands:

  • KEP file using the latest template has been merged into the k/enhancements repo.
  • KEP status is marked as implementable
  • KEP has a updated detailed test plan section filled out
  • KEP has up to date graduation criteria
  • KEP has a production readiness review that has been completed and merged into k/enhancements.

Looks like for this one, we would need to update the open PR #3204 with the following:

  • Update the kep.yaml file to reflect the latest milestone information
  • Please update the Test plan section, so that it incorporates the updated detailed test plan section requirements
  • Please update the Graduation criteria section with appropriate details.

For note, the status of this enhancement is marked as at risk. Please keep the issue description up-to-date with appropriate stages as well. Thank you!

@jasonbraganza jasonbraganza added the tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team label Jun 13, 2022
@jasonbraganza jasonbraganza added this to the v1.25 milestone Jun 13, 2022
@PushkarJ
Copy link
Member Author

Thank you for the detailed feedback @jasonbraganza . I believe the latest updates to PR #3204 should resolve the pending items. Please let us know if anything else is missing!

@jasonbraganza
Copy link
Member

Thank you so much, @PushkarJ! I’ll update the KEP in our enhancements sheet to tracked

@Atharva-Shinde
Copy link
Contributor

Hi @PushkarJ, Enhancements team here again 👋

Checking in as we approach Code Freeze at 01:00 UTC on Wednesday, 3rd August 2022.

Please ensure that the following items are completed before the code-freeze:

  • All PRs to the Kubernetes repo that are related to your enhancement are linked in the above issue description (for tracking purposes).
  • All PRs are fully merged by the code freeze deadline.

Currently, the status of the enhancement is marked as at-risk

Thanks :)

@PushkarJ
Copy link
Member Author

Thanks for the reminder @Atharva-Shinde. Added all the relevant PRs in the issue description now :)

@cici37
Copy link
Contributor

cici37 commented Jul 28, 2022

The relevant PRs against this KEP:

@Priyankasaggu11929
Copy link
Member

@PushkarJ I have marked this enhancement as tracked. 🙂

@PushkarJ
Copy link
Member Author

Thank you @Priyankasaggu11929 and @cici37

@jeremyrickard jeremyrickard added the lead-opted-in Denotes that an issue has been opted in to a release label Feb 2, 2023
@jeremyrickard
Copy link
Contributor

/milestone v1.27

@Atharva-Shinde
Copy link
Contributor

Hello @PushkarJ 👋, Enhancements team here.

Just checking in as we approach Enhancements freeze on 18:00 PDT Thursday 9th February 2023.

This enhancement is targeting for stage beta for 1.27 (correct me, if otherwise)

Here's where this enhancement currently stands:

  • KEP readme using the latest template has been merged into the k/enhancements repo.
  • KEP status is marked as implementable for latest-milestone: 1.27
  • KEP readme has a updated detailed test plan section filled out
  • KEP readme has up to date graduation criteria
  • KEP has a production readiness review that has been completed and merged into k/enhancements.

For this KEP, we would just need to update the following:

The status of this enhancement is marked as at risk. Please keep the issue description up-to-date with appropriate stages as well. Thank you!

@PushkarJ
Copy link
Member Author

PushkarJ commented Feb 8, 2023

Update it's test plan section to be in compliance with the latest KEP readme template
Add response for this question in the Scalability questionnaire of the KEP readme

@Atharva-Shinde thank you for the highlight on next steps. The testplan updates and the scalability question won't apply here as this is an out of tree enhancement i.e. we are not making changes to k/k

I am working on addressing others as part of #3828 Let me know if this PR needs any update to conform with latest template of README

@Atharva-Shinde
Copy link
Contributor

Hey again @PushkarJ
Please try to get the KEP PR #3828 (addressing the changes required), merged before tomorrow's Enhancement Freeze :)
The status of this enhancement is still marked as at risk

@Atharva-Shinde
Copy link
Contributor

Atharva-Shinde commented Feb 8, 2023

@Atharva-Shinde thank you for the highlight on next steps. The testplan updates and the scalability question won't apply here as this is an out of tree enhancement i.e. we are not making changes to k/k

I am working on addressing others as part of #3828 Let me know if this PR needs any update to conform with latest template of README

ack 👍

@marosset
Copy link
Contributor

marosset commented Feb 10, 2023

With #3828 merged this enhancement meets all the requirements to be tracked for v1.27
Thanks @PushkarJ!

@marosset marosset added tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team tracked/out-of-tree Denotes an out-of-tree enhancement issue, which does not need to be tracked by the Release Team and removed tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team labels Feb 10, 2023
@sftim
Copy link
Contributor

sftim commented Feb 21, 2023

💭 we can - if we're sure we want to - publish our advisories to https://github.com/kubernetes/kubernetes/security/advisories

it's not as simple because we have lots of repos but only one official CVE ID list.

@sftim
Copy link
Contributor

sftim commented Feb 27, 2023

The CVE feed is now a valid JSON feed. See https://kubernetes.io/docs/reference/issues-security/official-cve-feed/

@PushkarJ
Copy link
Member Author

Yes @sftim !! Big 👍 to @mtardy

To clarify the feed was a valid JSON before too but didn't conform to JSONFeed Spec.

Now it is indeed valid: https://validator.jsonfeed.org/?url=https%3A%2F%2Fkubernetes.io%2Fdocs%2Freference%2Fissues-security%2Fofficial-cve-feed%2Findex.json

@Atharva-Shinde
Copy link
Contributor

Atharva-Shinde commented Mar 13, 2023

Hey again @PushkarJ 👋 Enhancements team here,
Just checking in as we approach 1.27 code freeze at 17:00 PDT on Tuesday 14th March 2023.
As this is an out of tree enhancement please ensure that all the PRs related to this KEP are linked in the Issue description.
And as always, we are here to help if any questions come up. Thanks!

@PushkarJ
Copy link
Member Author

Thank you @Atharva-Shinde. Updated the description to include all relevant PRs.

@mickeyboxell
Copy link

@PushkarJ was there a Docs PR opened against dev-1.27 branch in the k/website repo?

If not, please take a look at Documenting for a release - PR Ready for Review to get your PR ready for review as soon as possible. 01:00 UTC Wednesday 22nd March 2023 / 17:00 PDT Tuesday 21st March 2023 is the official deadline.

This PR will need a doc review by Tuesday 4th April 2023 to get this into the release. Please reach out to required SIGs to get their review. Thank you!

@mickeyboxell
Copy link

As discussed in Slack, this does not need a 1.27 Docs PR because its Docs PRs are targeted to master / main branch.

@Atharva-Shinde Atharva-Shinde removed this from the v1.27 milestone May 14, 2023
@Atharva-Shinde Atharva-Shinde removed tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team lead-opted-in Denotes that an issue has been opted in to a release labels May 14, 2023
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jan 20, 2024
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Feb 19, 2024
@tabbysable
Copy link
Member

/remove-lifecycle rotten

@k8s-ci-robot k8s-ci-robot removed the lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. label Feb 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
sig/docs Categorizes an issue or PR as relevant to SIG Docs. sig/security Categorizes an issue or PR as relevant to SIG Security. stage/beta Denotes an issue tracking an enhancement targeted for Beta status tracked/out-of-tree Denotes an out-of-tree enhancement issue, which does not need to be tracked by the Release Team
Projects
Status: Tracked
sig-security-tracker
Umbrella issues
Development

No branches or pull requests