Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

go version in images doesn't match local builds #6397

Closed
pit1sIBM opened this issue Apr 17, 2023 · 5 comments · Fixed by #6398
Closed

go version in images doesn't match local builds #6397

pit1sIBM opened this issue Apr 17, 2023 · 5 comments · Fixed by #6398
Assignees
@OchiengEd
Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
Milestone
v1.29.0

Comments

@pit1sIBM
Copy link
Contributor

Type of question

Open question

Question

What did you do?

Hello 👋 I was checking Go version used in the latest tags on quay.io when I noticed master is still using go 1.18.10

❯ docker run --rm -it --entrypoint ansible-operator quay.io/operator-framework/ansible-operator:master version
Unable to find image 'quay.io/operator-framework/ansible-operator:master' locally
master: Pulling from operator-framework/ansible-operator
...
Digest: sha256:8f06dbdd9f3dbcd8c6adca5ae2ddb22f74c906d35e7fcdfe55f2ff4ff7f46d2d
Status: Downloaded newer image for quay.io/operator-framework/ansible-operator:master
ansible-operator version: "v1.28.0-4-g82b28e85", commit: "82b28e85707d2448e1cdd385ce0444ea16e5eb75", kubernetes version: "v1.26.0", go version: "go1.18.10", GOOS: "linux", GOARCH: "amd64"

What did you expect to see?

I expected to see the same as when built locally, which is version 1.19.8

root@84c4c93d83ad:/tmp/operator-sdk# go version $(which ansible-operator)
/go/bin/ansible-operator: go1.19.8
root@84c4c93d83ad:/tmp/operator-sdk# ansible-operator version
ansible-operator version: "82b28e85", commit: "82b28e85707d2448e1cdd385ce0444ea16e5eb75", kubernetes version: "v1.26.0", go version: "go1.19.8", GOOS: "linux", GOARCH: "amd64"

What did you see instead? Under which circumstances?

Expected to see the same Go version used, however I see that the golang image in the Dockerfiles were not updated when the go.mod was updated

First time opening an issue and wasn't sure if this was intentional or not. I can update the images and docs if not.

Environment

Operator type:

Kubernetes cluster type:

$ operator-sdk version

$ go version (if language is Go)

$ kubectl version

Additional context

Go 1.18.10 has some CVEs tied to it that are resolved in the 1.19 stream so there may be an additional benefit to updating
@kensipe kensipe added the help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. label Apr 17, 2023
@kensipe kensipe added this to the v1.30.0 milestone Apr 17, 2023
pit1sIBM added a commit to pit1sIBM/operator-sdk that referenced this issue Apr 17, 2023
@pit1sIBM
images: Bump golang to 1.19 for ansible-operator images
588263e 
Project uses 1.19 when building locally but still use 1.18 for images
pushed to Quay

Resolves operator-framework#6397
pit1sIBM added a commit to pit1sIBM/operator-sdk that referenced this issue Apr 17, 2023
@pit1sIBM
images: Bump golang base image to 1.19 for ansible-operator images
10ffac8 
Project uses 1.19 when building locally but still use 1.18 for images
pushed to Quay

Resolves operator-framework#6397
@pit1sIBM pit1sIBM mentioned this issue Apr 17, 2023
Merged
2 tasks
pit1sIBM added a commit to pit1sIBM/operator-sdk that referenced this issue Apr 17, 2023
@pit1sIBM
images: Bump golang base image to 1.19 for ansible-operator images
ebe1b6f 
Project uses 1.19 when building locally but still use 1.18 for images
pushed to Quay

Resolves operator-framework#6397

Signed-off-by: Zac Pitones <zac.pitones@ibm.com>
@pit1sIBM
Copy link
Contributor Author

@OchiengEd I opened a PR here (if it helps): #6398

@OchiengEd
Copy link
Contributor

@pit1sIBM Thank you for the heads up on the PR. Definitely helps

@simararneja
Copy link
Contributor

May I know what is blocking to deliver the PR connected to this issue ? There are lot of known vulnerabilities with Golang 1.18.

@OchiengEd
Copy link
Contributor

@simararneja I have changed the milestone to v1.30.0. I will try to get some eyes on this as well.

@varshaprasad96 varshaprasad96 modified the milestones: v1.30.0, v1.29.0 May 22, 2023
@pit1sIBM
Copy link
Contributor Author

Thanks all for taking a look, had a quick question that may require a separate issue. Should the images built using the golang image use the registry.redhat.io/rhel8/go-toolset image instead? AFAIK the golang image isn't FIPS-compliant, where the go-toolset image is.

I know previously a workaround was required for FIPS (see #5723) and that was resolved, but perhaps using the toolset image going forward (or tagging a separate image) would be beneficial?

@pit1sIBM pit1sIBM mentioned this issue May 31, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@OchiengEd OchiengEd

Labels
help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
Projects
None yet
Milestone
v1.29.0
Development

Successfully merging a pull request may close this issue.

Bump Golang version in ansible-operator images to 1.19 pit1sIBM/operator-sdk
5 participants
@kensipe @OchiengEd @simararneja @varshaprasad96 @pit1sIBM