Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MGMT-14226: Upgrade docker to 20.10.24 for CVE-2023-28842 #656

Merged
merged 1 commit into from
Feb 8, 2024
Merged

MGMT-14226: Upgrade docker to 20.10.24 for CVE-2023-28842 #656

merged 1 commit into from
Feb 8, 2024

Conversation

CrystalChun
Copy link
Contributor

https://issues.redhat.com/browse/MGMT-14226
Upgrades go dependency github.com/docker/docker to 20.10.24 to fix CVE. GHSA-33pg-m6jh-5237

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Feb 5, 2024
@openshift-ci-robot
Copy link

openshift-ci-robot commented Feb 5, 2024
edited by openshift-ci bot
Loading

@CrystalChun: This pull request references MGMT-14226 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.16.0" version, but no target version was set.

In response to this:

https://issues.redhat.com/browse/MGMT-14226
Upgrades go dependency github.com/docker/docker to 20.10.24 to fix CVE. GHSA-33pg-m6jh-5237

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Feb 5, 2024
@codecov Codecov
Copy link

codecov bot commented Feb 5, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (1616af3) 60.54% compared to head (8254fe8) 60.48%.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #656      +/-   ##
==========================================
- Coverage   60.54%   60.48%   -0.06%     
==========================================
  Files          74       74              
  Lines        3662     3662              
==========================================
- Hits         2217     2215       -2     
- Misses       1289     1290       +1     
- Partials      156      157       +1

see 1 file with indirect coverage changes

@CrystalChun
Copy link
Contributor Author

/cc @gamli75

@openshift-ci openshift-ci bot requested a review from gamli75 February 5, 2024 22:18
@CrystalChun
Copy link
Contributor Author

/retest-required

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Feb 5, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Feb 5, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: CrystalChun, gamli75

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 5, 2024
@openshift-ci-robot
Copy link

/retest-required

Remaining retests: 0 against base HEAD 1616af3 and 2 for PR HEAD 8254fe8 in total

@eifrach
Copy link
Contributor

eifrach commented Feb 6, 2024

/test edge-subsystem-test

@gamli75
Copy link
Contributor

gamli75 commented Feb 7, 2024

/test e2e-agent-compact-ipv4

@CrystalChun
Copy link
Contributor Author

e2e-agent-compact-ipv4 is flaky and the agent team has said we could make it optional (slack thread) may the job be overridden?

@rccrdpccl
Copy link
Contributor

/override ci/prow/e2e-agent-compact-ipv4
irrelevant to this change

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Feb 8, 2024

@rccrdpccl: Overrode contexts on behalf of rccrdpccl: ci/prow/e2e-agent-compact-ipv4

In response to this:

/override ci/prow/e2e-agent-compact-ipv4
irrelevant to this change

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Feb 8, 2024

@CrystalChun: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@openshift-merge-bot openshift-merge-bot bot merged commit 9c1a371 into openshift:master Feb 8, 2024
10 checks passed
@openshift-bot
Copy link
Contributor

[ART PR BUILD NOTIFIER]

This PR has been included in build ose-agent-installer-node-agent-container-v4.16.0-202402081110.p0.g9c1a371.assembly.stream.el9 for distgit ose-agent-installer-node-agent.
All builds following this will include this PR.

@CrystalChun
Copy link
Contributor Author

/cherry-pick release-ocm-2.9

@openshift-cherrypick-robot
Copy link

@CrystalChun: #656 failed to apply on top of branch "release-ocm-2.9":

Applying: MGMT-14226: Upgrade docker to 20.10.24 for CVE-2023-28842
Using index info to reconstruct a base tree...
M	go.mod
M	go.sum
M	vendor/modules.txt
Falling back to patching base and 3-way merge...
Auto-merging vendor/modules.txt
CONFLICT (content): Merge conflict in vendor/modules.txt
Auto-merging go.sum
CONFLICT (content): Merge conflict in go.sum
Auto-merging go.mod
CONFLICT (content): Merge conflict in go.mod
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 MGMT-14226: Upgrade docker to 20.10.24 for CVE-2023-28842
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherry-pick release-ocm-2.9

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

CrystalChun added a commit to CrystalChun/assisted-installer-agent that referenced this pull request Feb 8, 2024
@CrystalChun
MGMT-14226: Upgrade docker to 20.10.24 for CVE-2023-28842 (openshift#656
556ca7d 
)

https://issues.redhat.com/browse/MGMT-14226
Upgrades go dependency github.com/docker/docker to 20.10.24 to fix CVE.
GHSA-33pg-m6jh-5237
@CrystalChun CrystalChun mentioned this pull request Feb 8, 2024
Merged
openshift-merge-bot bot pushed a commit that referenced this pull request Feb 9, 2024
@CrystalChun
MGMT-14226: Upgrade docker to 20.10.24 for CVE-2023-28842 (#656) (#657)
d1829a4 
https://issues.redhat.com/browse/MGMT-14226
Upgrades go dependency github.com/docker/docker to 20.10.24 to fix CVE.
GHSA-33pg-m6jh-5237
paul-maidment pushed a commit to paul-maidment/assisted-installer-agent that referenced this pull request Feb 14, 2024
@CrystalChun @paul-maidment
MGMT-14226: Upgrade docker to 20.10.24 for CVE-2023-28842 (openshift#656
6418673 
)

https://issues.redhat.com/browse/MGMT-14226
Upgrades go dependency github.com/docker/docker to 20.10.24 to fix CVE.
GHSA-33pg-m6jh-5237
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gamli75 gamli75 gamli75 approved these changes

@avishayt avishayt Awaiting requested review from avishayt

@paul-maidment paul-maidment Awaiting requested review from paul-maidment

Assignees

@gamli75 gamli75

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@CrystalChun @openshift-ci-robot @eifrach @gamli75 @rccrdpccl @openshift-bot @openshift-cherrypick-robot