New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

release-1.11: update to debian-base 0.3.2, debian-iptables v10.2 and hyperkube-base 0.10.2 #67460

Merged
merged 10 commits into from Oct 4, 2018

Conversation

@ixdy
Member

ixdy commented Aug 15, 2018

Cherry pick of #67026 #67222 #67283 #67365 #68764 #68769 #68801 on release-1.11.

#67026: Upgrade debian-base to 0.3.1 for CVEs
#67222: ensure qemu-ARCH-static binary is world readable and
#67283: Add missing tmpdir path to chmod
#67365: Update to debian-iptables v10.1 and hyperkube-base 0.10.1
#68764: Install netbase in debian-iptables and debian-hyperkube-base as it is needed by ipvs
#68769: Update to use debian-iptables v10.2 and debian-hyperkube-base
#68801: bazel: update debian-iptables and debian-hyperkube-base

Fixes #68703

Update to use debian-iptables v10.2 and debian-hyperkube-base 0.10.2 with upstream security fixes, and install netbase in these images, as it is needed by ipvs.
@k8s-merge-robot

This comment has been minimized.

Show comment
Hide comment
@k8s-merge-robot

k8s-merge-robot Aug 15, 2018

Contributor

This PR is not for the master branch but does not have the cherrypick-approved label. Adding the do-not-merge/cherry-pick-not-approved label.

Contributor

k8s-merge-robot commented Aug 15, 2018

This PR is not for the master branch but does not have the cherrypick-approved label. Adding the do-not-merge/cherry-pick-not-approved label.

@ixdy

This comment has been minimized.

Show comment
Hide comment
@ixdy

ixdy Aug 15, 2018

Member

actually, I think I only want to cherry-pick ##67365.

/close

Member

ixdy commented Aug 15, 2018

actually, I think I only want to cherry-pick ##67365.

/close

@ixdy

This comment has been minimized.

Show comment
Hide comment
@ixdy

ixdy Aug 15, 2018

Member

/reopen

nah, this still seems easiest, probably.

Member

ixdy commented Aug 15, 2018

/reopen

nah, this still seems easiest, probably.

@k8s-ci-robot k8s-ci-robot reopened this Aug 15, 2018

@ixdy ixdy changed the title from Automated cherry pick of #67026: Upgrade debian-base to 0.3.1 for CVEs #67222: ensure qemu-ARCH-static binary is world readable and #67283: Add missing tmpdir path to chmod #67365: Update to debian-iptables v10.1 and hyperkube-base 0.10.1 to release-1.11: update to debian-base 0.3.2, debian-iptables v10.1 and hyperkubebase 0.10.1 Aug 15, 2018

@ixdy

This comment has been minimized.

Show comment
Hide comment
@ixdy

ixdy Aug 15, 2018

Member

/assign @tallclair
cc @satyasm

Member

ixdy commented Aug 15, 2018

/assign @tallclair
cc @satyasm

@tallclair

This comment has been minimized.

Show comment
Hide comment
@tallclair

tallclair Aug 15, 2018

Member

/lgtm
Thanks!

Member

tallclair commented Aug 15, 2018

/lgtm
Thanks!

@k8s-ci-robot k8s-ci-robot added the lgtm label Aug 15, 2018

@ixdy

This comment has been minimized.

Show comment
Hide comment
@ixdy

ixdy Aug 20, 2018

Member

/retest

Member

ixdy commented Aug 20, 2018

/retest

@ixdy

This comment has been minimized.

Show comment
Hide comment
@ixdy

ixdy Aug 20, 2018

Member

/retest

Member

ixdy commented Aug 20, 2018

/retest

@ixdy

This comment has been minimized.

Show comment
Hide comment
@ixdy

ixdy Aug 21, 2018

Member

/retest

Member

ixdy commented Aug 21, 2018

/retest

@ixdy

This comment has been minimized.

Show comment
Hide comment
@ixdy

ixdy Sep 18, 2018

Member

/hold cancel

Additional cherry-picks added to fix the linked issue.

Member

ixdy commented Sep 18, 2018

/hold cancel

Additional cherry-picks added to fix the linked issue.

@ixdy ixdy changed the title from release-1.11: update to debian-base 0.3.2, debian-iptables v10.1 and hyperkubebase 0.10.1 to release-1.11: update to debian-base 0.3.2, debian-iptables v10.2 and hyperkubebase 0.10.2 Sep 18, 2018

@ixdy ixdy changed the title from release-1.11: update to debian-base 0.3.2, debian-iptables v10.2 and hyperkubebase 0.10.2 to release-1.11: update to debian-base 0.3.2, debian-iptables v10.2 and hyperkube-base 0.10.2 Sep 18, 2018

@ixdy

This comment has been minimized.

Show comment
Hide comment
@ixdy

ixdy Sep 20, 2018

Member

PTAL? this needs re-LGTM

Member

ixdy commented Sep 20, 2018

PTAL? this needs re-LGTM

@tallclair

This comment has been minimized.

Show comment
Hide comment
@tallclair

tallclair Sep 20, 2018

Member

/lgtm

Member

tallclair commented Sep 20, 2018

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm label Sep 20, 2018

@k8s-ci-robot

This comment has been minimized.

Show comment
Hide comment
@k8s-ci-robot

k8s-ci-robot Sep 20, 2018

Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ixdy, tallclair

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Contributor

k8s-ci-robot commented Sep 20, 2018

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ixdy, tallclair

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@nikhita

This comment has been minimized.

Show comment
Hide comment
@nikhita

nikhita Sep 25, 2018

Member

/sig release
/kind bug

/assign @foxish
for cherry-pick approval

Member

nikhita commented Sep 25, 2018

/sig release
/kind bug

/assign @foxish
for cherry-pick approval

@nikhita

This comment has been minimized.

Show comment
Hide comment
@nikhita

nikhita Sep 25, 2018

Member

@ixdy looks like this needs a release note.

Member

nikhita commented Sep 25, 2018

@ixdy looks like this needs a release note.

@ixdy

This comment has been minimized.

Show comment
Hide comment
@ixdy

ixdy Oct 2, 2018

Member

added a release note. This fixes issue #68703 for 1.11.

Member

ixdy commented Oct 2, 2018

added a release note. This fixes issue #68703 for 1.11.

@fejta-bot

This comment has been minimized.

Show comment
Hide comment
@fejta-bot

fejta-bot Oct 4, 2018

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel comment for consistent failures.

fejta-bot commented Oct 4, 2018

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel comment for consistent failures.

@k8s-ci-robot k8s-ci-robot merged commit e920cf3 into kubernetes:release-1.11 Oct 4, 2018

18 checks passed

cla/linuxfoundation ixdy authorized
Details
pull-kubernetes-bazel-build Job succeeded.
Details
pull-kubernetes-bazel-test Job succeeded.
Details
pull-kubernetes-cross Job succeeded.
Details
pull-kubernetes-e2e-gce Job succeeded.
Details
pull-kubernetes-e2e-gce-100-performance Skipped
pull-kubernetes-e2e-gce-device-plugin-gpu Job succeeded.
Details
pull-kubernetes-e2e-gke Skipped
pull-kubernetes-e2e-kops-aws Job succeeded.
Details
pull-kubernetes-e2e-kubeadm-gce Skipped
pull-kubernetes-integration Job succeeded.
Details
pull-kubernetes-kubemark-e2e-gce-big Job succeeded.
Details
pull-kubernetes-local-e2e Skipped
pull-kubernetes-local-e2e-containerized Skipped
pull-kubernetes-node-e2e Job succeeded.
Details
pull-kubernetes-typecheck Job succeeded.
Details
pull-kubernetes-verify Job succeeded.
Details
tide In merge pool.
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment