-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: update KubectlLayer with the latest security patches for Helm and remove deprecated python3.7 and nodejs14.x runtimes #623
feat: update KubectlLayer with the latest security patches for Helm and remove deprecated python3.7 and nodejs14.x runtimes #623
Conversation
LGTM
…On Sun, Mar 24, 2024 at 9:55 AM Vivek V. ***@***.***> wrote:
@pahud <https://github.com/pahud> @kaizencc <https://github.com/kaizencc>
@robertd <https://github.com/robertd> @udaypant
<https://github.com/udaypant> @cgarvis <https://github.com/cgarvis> can
you please review and approve this one ? The nodejs14 in aws-cdk-lib 2.28.0
is causing errors due to EOL when installing kubectl utility
—
Reply to this email directly, view it on GitHub
<#623 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAHWNZV5YZ4ZFFVQBUP5QTYZ4AQHAVCNFSM6AAAAABENCXKEKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOBWGAYTSMBQHA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for making this change!
test/kubectl-layer.integ.snapshot/lambda-layer-kubectl-integ-stack.template.json
Outdated
Show resolved
Hide resolved
@pahud @kaizencc #566 - This was missed in previous release for v.129 -The golang bindings have not been published for 1.29. Appreciate if it can be published with this PR. https://github.com/cdklabs/awscdk-asset-kubectl/blob/kubectl-v29/main/CONTRIBUTING.md?plain=1#L55 If we decide to support the requested version, a maintainer will open a new branch, kubectl-vY/main |
this is something my team is running into right now with our GO cdk app, and we're following this closely. our stack uses an EKS construct and we set it up with k8s 1.29 but any stack updates we try to apply against that eks resource fails to update because of the kubectl layer differences, as the latest kubectl layer provided to go cdk is 1.21. This is causing our self-mutates to fail and the only way we can really update the stack when we touch the EKS resources is to do a destroy/deploy. If we could fix the kubectl layer bindings for go cdk... this would solve a big problem for us. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks for making this change. Apologize for the delayed response.
Thanks @GavinZZ can you advise on this o "::error::Files were changed during build (see build log). If this was triggered from a fork, you will need to update your branch." |
Similar to #546, this PR adds kubectl 1.29.4 and Helm 3.14.4 security patch
https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#changelog-since-v1293
https://github.com/helm/helm/releases/tag/v3.14.4
Fixes #588.
Fixes #752.
Removes the EOL python3.7 runtime in the integ test and upgrade nodejs14.0 to nodejs16.0 used in custom resource provider by upgrading aws-cdk-lib from 2.28.0 to 2.85.0 in the current branch, which addresses the usage of node 14 #25995