Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update golang crypto to 0.31.0 #3825

Merged
merged 1 commit into from
Dec 13, 2024
Merged

update golang crypto to 0.31.0 #3825

merged 1 commit into from
Dec 13, 2024

Conversation

kannon92
Copy link
Contributor

What type of PR is this?

/kind bug

What this PR does / why we need it:

CVE scanners are flagging this now.

golang/go#70779

CVE-2024-45337

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?

NONE

@k8s-ci-robot k8s-ci-robot added release-note-none Denotes a PR that doesn't merit a release note. kind/bug Categorizes issue or PR as related to a bug. labels Dec 12, 2024
@k8s-ci-robot k8s-ci-robot requested review from mimowo and trasc December 12, 2024 20:34
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Dec 12, 2024
@netlify Netlify
Copy link

netlify bot commented Dec 12, 2024
edited
Loading

Deploy Preview for kubernetes-sigs-kueue ready!

Name Link
🔨 Latest commit da61f77
🔍 Latest deploy log https://app.netlify.com/sites/kubernetes-sigs-kueue/deploys/675b48cee65bd700086eaefa
😎 Deploy Preview https://deploy-preview-3825--kubernetes-sigs-kueue.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@kannon92
Copy link
Contributor Author

/hold

Going to test kueue-viz first.

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Dec 12, 2024
@kannon92
Copy link
Contributor Author

hmm. I am having trouble getting kueue-viz to work without this PR on latest main.

@kannon92
Copy link
Contributor Author

okay. I think that was just user error.

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Dec 12, 2024
@mimowo
Copy link
Contributor

mimowo commented Dec 13, 2024

/lgtm
/approve
Thank you!

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Dec 13, 2024
@k8s-ci-robot
Copy link
Contributor

LGTM label has been added.

Git tree hash: 8bf99a50663b7d1e2811fa927717bf424bf8201a

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kannon92, mimowo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 13, 2024
@mimowo
Copy link
Contributor

mimowo commented Dec 13, 2024

/cherry-pick release-0.9 release-0.8
As a security fix I'm including it on both release branches.

@k8s-infra-cherrypick-robot
Copy link
Contributor

@mimowo: once the present PR merges, I will cherry-pick it on top of release-0.9 in a new PR and assign it to you.

In response to this:

/cherry-pick release-0.9 release-0.8
As a security fix I'm including it on both release branches.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot merged commit cc65f7e into kubernetes-sigs:main Dec 13, 2024
16 checks passed
@k8s-ci-robot k8s-ci-robot added this to the v0.10 milestone Dec 13, 2024
@k8s-infra-cherrypick-robot
Copy link
Contributor

@mimowo: #3825 failed to apply on top of branch "release-0.9":

Applying: update golang crypto to 0.31.0
Using index info to reconstruct a base tree...
A	cmd/experimental/kueue-viz/backend/go.mod
A	cmd/experimental/kueue-viz/backend/go.sum
M	go.mod
M	go.sum
M	hack/internal/tools/go.mod
M	hack/internal/tools/go.sum
M	vendor/modules.txt
Falling back to patching base and 3-way merge...
Auto-merging vendor/modules.txt
Auto-merging hack/internal/tools/go.sum
CONFLICT (content): Merge conflict in hack/internal/tools/go.sum
Auto-merging hack/internal/tools/go.mod
CONFLICT (content): Merge conflict in hack/internal/tools/go.mod
Auto-merging go.sum
CONFLICT (content): Merge conflict in go.sum
Auto-merging go.mod
CONFLICT (content): Merge conflict in go.mod
CONFLICT (modify/delete): cmd/experimental/kueue-viz/backend/go.sum deleted in HEAD and modified in update golang crypto to 0.31.0. Version update golang crypto to 0.31.0 of cmd/experimental/kueue-viz/backend/go.sum left in tree.
CONFLICT (modify/delete): cmd/experimental/kueue-viz/backend/go.mod deleted in HEAD and modified in update golang crypto to 0.31.0. Version update golang crypto to 0.31.0 of cmd/experimental/kueue-viz/backend/go.mod left in tree.
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
hint: When you have resolved this problem, run "git am --continue".
hint: If you prefer to skip this patch, run "git am --skip" instead.
hint: To restore the original branch and stop patching, run "git am --abort".
hint: Disable this message with "git config advice.mergeConflict false"
Patch failed at 0001 update golang crypto to 0.31.0

In response to this:

/cherry-pick release-0.9 release-0.8
As a security fix I'm including it on both release branches.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@mimowo
Copy link
Contributor

mimowo commented Dec 13, 2024

@kannon92 please prepare the cherry-picks

kannon92 added a commit to openshift/kubernetes-sigs-kueue that referenced this pull request Dec 13, 2024
@kannon92 @mykysha
@mbobrovskyi @dgrove-oss @mimowo @dependabot @PBundyra @TusharMohapatra07 @yaroslava-serdiuk @mszadkow @dweineha @mmolisch @akram @troychiu @KPostOffice @7h3-3mp7y-m4n @tenzen-y
Sync with main - Dec 13th (#22)
3f80cb0 
* chore: use variadic function to set levels in TopologyWrapper (kubernetes-sigs#3744)

* Use QueueNameForObject in StatefulSet Webhook. (kubernetes-sigs#3752)

* TAS: Support rank-based ordering for StatefulSet. (kubernetes-sigs#3751)

* TAS: Support rank-based ordering for StatefulSet.

* Review remarks.

* Sort labels and annotations. (kubernetes-sigs#3753)

* document manageJobsNamespaceSelector (kubernetes-sigs#3748)

* document manageJobsNamespaceSelector

* Apply suggestions from code review

Co-authored-by: Michał Woźniak <[email protected]>

* use full name for queue-name label

---------

Co-authored-by: Michał Woźniak <[email protected]>

* performance optimization: only copy back when changes are made (kubernetes-sigs#3766)

* managedJobsNamespaceSelector for Deployment, StatefulSets, and Pods (kubernetes-sigs#3765)

* managedJobsNamespaceSelector for deployment and statefulset

* normalize manageJobsWithoutQueueName logic in pod webhook

* refactor to use common helper function

* unit tests for WorkloadShouldBeSuspended

* linter fixes

* add test for job owned by kueue managed parent

* bug fix in deployment/statefulset webhooks

* Bump github.com/mikefarah/yq/v4 in /hack/internal/tools (kubernetes-sigs#3768)

Bumps [github.com/mikefarah/yq/v4](https://github.com/mikefarah/yq) from 4.44.5 to 4.44.6.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@v4.44.5...v4.44.6)

---
updated-dependencies:
- dependency-name: github.com/mikefarah/yq/v4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Remove Denkensk from Kueue reviewers (kubernetes-sigs#3771)

* Replace time.Now() with clock.Now() in pkg/core (kubernetes-sigs#3773)

* add clock field to ClusterQueueReconciler
and propagate clock into it

* replace time.Now with Now() in ClusterQueueReconciler

* fix lint errors

* Implement default LocalQueue (kubernetes-sigs#3610)

* Make sure test does not flake. (kubernetes-sigs#3734)

* Refresh Kueue roadmap on the main page for 2025 (kubernetes-sigs#3763)

* Refresh Kueue roadmap on the main page

* Graduate the API to v1

* Review remarks

* use node 22 instead of node 16 (kubernetes-sigs#3777)

* README.md: Fix some minor typos (kubernetes-sigs#3781)

Fix some minor typos in README.md.

Signed-off-by: David Weinehall <[email protected]>

* Add documentation for ProvReqRetry mechanism (kubernetes-sigs#3774)

* Add doc for ProvReqRetry mechanism

* Fix formula

* Delete feature gate note as it's deprecated

* Configure dependabot for kueue-viz. (kubernetes-sigs#3780)

* Bump node from 22 to 23 in /cmd/experimental/kueue-viz/frontend (kubernetes-sigs#3784)

Bumps node from 22 to 23.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/onsi/gomega from 1.36.0 to 1.36.1 (kubernetes-sigs#3786)

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.36.0 to 1.36.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.36.0...v1.36.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump react-toastify in /cmd/experimental/kueue-viz/frontend (kubernetes-sigs#3787)

Bumps [react-toastify](https://github.com/fkhadra/react-toastify) from 9.1.3 to 10.0.6.
- [Release notes](https://github.com/fkhadra/react-toastify/releases)
- [Commits](fkhadra/react-toastify@v9.1.3...v10.0.6)

---
updated-dependencies:
- dependency-name: react-toastify
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump react-chartjs-2 in /cmd/experimental/kueue-viz/frontend (kubernetes-sigs#3788)

Bumps [react-chartjs-2](https://github.com/reactchartjs/react-chartjs-2) from 4.3.1 to 5.0.0.
- [Release notes](https://github.com/reactchartjs/react-chartjs-2/releases)
- [Changelog](https://github.com/reactchartjs/react-chartjs-2/blob/master/CHANGELOG.md)
- [Commits](reactchartjs/react-chartjs-2@v4.3.1...v5.0.0)

---
updated-dependencies:
- dependency-name: react-chartjs-2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/gohugoio/hugo in /hack/internal/tools (kubernetes-sigs#3789)

Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from 0.139.3 to 0.139.4.
- [Release notes](https://github.com/gohugoio/hugo/releases)
- [Changelog](https://github.com/gohugoio/hugo/blob/master/hugoreleaser.toml)
- [Commits](gohugoio/hugo@v0.139.3...v0.139.4)

---
updated-dependencies:
- dependency-name: github.com/gohugoio/hugo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump axios from 0.27.2 to 1.7.9 in /cmd/experimental/kueue-viz/frontend (kubernetes-sigs#3790)

Bumps [axios](https://github.com/axios/axios) from 0.27.2 to 1.7.9.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v0.27.2...v1.7.9)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump react from 18.3.1 to 19.0.0 in /cmd/experimental/kueue-viz/frontend (kubernetes-sigs#3791)

Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 18.3.1 to 19.0.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.0.0/packages/react)

---
updated-dependencies:
- dependency-name: react
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump babel/plugin-proposal-private-property-in-object (kubernetes-sigs#3793)

Bumps the all group in /cmd/experimental/kueue-viz/frontend with 1 update: [babel/plugin-proposal-private-property-in-object](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-private-property-in-object).

Updates `babel/plugin-proposal-private-property-in-object` from 7.18.6 to 7.21.11
- [Release notes](https://github.com/babel/babel/releases)
- [Commits](https://github.com/babel/babel/commits/HEAD/packages/babel-plugin-proposal-private-property-in-object)

---
updated-dependencies:
- dependency-name: "babel/plugin-proposal-private-property-in-object"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* [website] Add Innovatrics adopter (kubernetes-sigs#3800)

* Migrate to React 19 (kubernetes-sigs#3799)

* Update resource group example (kubernetes-sigs#3806)

Signed-off-by: Troy Chiu <[email protected]>

* Do not default the queue-name for jobs with kueue managed owners (kubernetes-sigs#3795)

* chore: add default topologies for tests (kubernetes-sigs#3769)

* Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group (kubernetes-sigs#3808)

Bumps the all group with 1 update: [actions/setup-go](https://github.com/actions/setup-go).


Updates `actions/setup-go` from 5.1.0 to 5.2.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@41dfa10...3041bf5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add configuration for setting feature gates (kubernetes-sigs#3805)

* generate should generate kueuectl and apiref rather than verify (kubernetes-sigs#3810)

* update kuberbac proxy defaults (kubernetes-sigs#3811)

* fix default suspension of Deployment/StatefulSet with Kueue-managed owners (kubernetes-sigs#3803)

* fix deployment and statefulset setup so ownership works

* enable deployment/statefulset to be recognized as child jobs

* fix typo in rbacs

* adjust podwebhook warning for forced suspension

* redesign special pod/deployment/statefulset ownership logic

* revert trivial change

* linter fix

* nit: grammar

* Deactivate ClusterQueue if there is no Topology (kubernetes-sigs#3770)

* Deactivate ClusterQueue if there is no Topology

* Review remarks

* Use lock when accessing IsIntegrationEnabled (kubernetes-sigs#3814)

* Add kueue.x-k8s.io/pod-suspending-parent to the documentation page. (kubernetes-sigs#3816)

* Use annotation rather than label for serving workloads (kubernetes-sigs#3815)

* Documentation for LocalQueueDefaulting (kubernetes-sigs#3783)

Update site/content/en/docs/reference/labels-and-annotations.md

Co-authored-by: Michał Woźniak <[email protected]>

* avoid hardcoding framework names in pod wehook  (kubernetes-sigs#3817)

* remove hardcoding in pod webhook using GVK to look up framework

* add unit tests

* typo: match function name in comment

* update Pod integration docs to prefer managedJobsNamespaceSelector (kubernetes-sigs#3828)

* add section to metrics with (alpha) LQ metrics (kubernetes-sigs#3826)

Signed-off-by: Kevin <[email protected]>

* Added Log output for LocalQueue and ClusterQueue (kubernetes-sigs#3605)

* Added Log output for LocalQueue and ClusterQueue

Signed-off-by: 7h3-3mp7y-m4n <[email protected]>

* Added changes

Signed-off-by: 7h3-3mp7y-m4n <[email protected]>

* added println

Signed-off-by: 7h3-3mp7y-m4n <[email protected]>

* updated the log output using default error

Signed-off-by: 7h3-3mp7y-m4n <[email protected]>

* Added test case

Signed-off-by: 7h3-3mp7y-m4n <[email protected]>

* Added changes

Signed-off-by: 7h3-3mp7y-m4n <[email protected]>

* Adding return statements for ci-lint

Signed-off-by: 7h3-3mp7y-m4n <[email protected]>

* removed comments

Signed-off-by: 7h3-3mp7y-m4n <[email protected]>

---------

Signed-off-by: 7h3-3mp7y-m4n <[email protected]>

* update golang crypto to 0.31.0 (kubernetes-sigs#3825)

* drop pod taints toleration from kueue repo (kubernetes-sigs#3834)

* Check if unexpected errors did not occur in queue unit testings (kubernetes-sigs#3838)

Signed-off-by: Yuki Iwai <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: David Weinehall <[email protected]>
Signed-off-by: Troy Chiu <[email protected]>
Signed-off-by: Kevin <[email protected]>
Signed-off-by: 7h3-3mp7y-m4n <[email protected]>
Signed-off-by: Yuki Iwai <[email protected]>
Co-authored-by: Mykyta Derhunov <[email protected]>
Co-authored-by: Mykhailo Bobrovskyi <[email protected]>
Co-authored-by: David Grove <[email protected]>
Co-authored-by: Michał Woźniak <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patryk Bundyra <[email protected]>
Co-authored-by: Tushar Mohapatra <[email protected]>
Co-authored-by: Yaroslava Serdiuk <[email protected]>
Co-authored-by: Michał Szadkowski <[email protected]>
Co-authored-by: David Weinehall <[email protected]>
Co-authored-by: mmolisch <[email protected]>
Co-authored-by: Akram Ben Aissi <[email protected]>
Co-authored-by: Troy Chiu <[email protected]>
Co-authored-by: Kevin Postlethwait <[email protected]>
Co-authored-by: 7h3-3mp7y-m4n <[email protected]>
Co-authored-by: Yuki Iwai <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mimowo mimowo Awaiting requested review from mimowo

@trasc trasc Awaiting requested review from trasc

Assignees

@mimowo mimowo

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
v0.10
Development

Successfully merging this pull request may close these issues.
4 participants
@kannon92 @mimowo @k8s-ci-robot @k8s-infra-cherrypick-robot