Update to fluentd-gcp:1.28.3, rebased on ubuntu-slim:0.8

[ixdy]

What this PR does / why we need it: similar to previous fixes here - rebasing the fluentd-gcp image to fix CVEs in upstream dependencies. #43927 is a parallel change for release-1.4.

Fixes the following CVEs:

• CVE-2016-5417 (MEDIUM)
• CVE-2016-6323 (MEDIUM)
• CVE-2016-1234 (MEDIUM)
• CVE-2016-4429 (HIGH)
• CVE-2016-3706 (MEDIUM)
• CVE-2017-6507 (MEDIUM)

Special notes for your reviewer:
fliuentd-gcp:1.28.3 is not yet pushed.

Release note:

/assign @mwielgus @crassirostris
/cc @timstclair

[k8s-reviewable]

This change is 

[ixdy]

It looks like there's already a 1.28.3 tag for fluentd-gcp, though I have no idea where it came from. :\

bdd3233f4460  1.28.3         2017-02-16T10:46:14

Looks like it was built by @crassirostris.

[crassirostris]

@ixdy Mmmm. It's not used anywhere, so please push over it. I can't remember how it got there, but I'm sure my mistake. Sorry for that!

[ixdy]

OK, new gcr.io/google-containers/fluentd-gcp:1.28.3 pushed.
@k8s-bot test this

[ixdy]

ping?

[crassirostris]

@ixdy Sorry for the late reply. You changed google_containers to google-containers in Makefile, but not in spec. Will it work?

[ixdy]

As far as the registry is concerned, google-containers and google_containers are equivalent. In old versions of docker, dashes were not supported, which is why we have used google_containers, but now some tools (like gcloud container images) don't recognize google_containers, only google-containers.

Modern versions of docker handle google-containers fine, so I've been slowly updating references to use it for consistency. I'm hesitant to update it in the specs for release branches, though, since I'm not entirely sure which version of docker runs in these clusters. (Though 1.5 would probably be safe to update.)

[crassirostris]

Awesome, thanks for the explanation!

/lgtm
/approve

[ixdy]

I just checked and docker 1.9.1 supports both google-containers and google_containers, so we'd probably be safe to switch all recent releases.

[mwielgus]

@ixdy This PR is missing an approval.

[ixdy]

indeed it is. @eparis @mikedanese @roberthbailey @zmerlynn can one of you help me out?

[eparis]

/approve

[k8s-github-robot]

@k8s-bot test this [submit-queue is verifying that this PR is safe to merge]

[roberthbailey]

/lgtm
/approve

[k8s-github-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: crassirostris, eparis, ixdy, roberthbailey

Needs approval from an approver in each of these OWNERS Files:

• cluster/OWNERS [eparis,roberthbailey]

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

[k8s-github-robot]

Automatic merge from submit-queue

[k8s-cherrypick-bot]

Commit found in the "release-1.5" branch appears to be this PR. Removing the "cherrypick-candidate" label. If this is an error find help to get your PR picked.