Skip to content

Commit

Permalink
Merge pull request #8333 from gjtempleton/CoreDNS-1.6.6
Browse files Browse the repository at this point in the history 
CoreDNS default image bump to 1.6.6 to resolve CVE
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot authored Jan 27, 2020
2 parents 82b3bd5 + d15971e commit 1860e40
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 12 deletions.
12 changes: 4 additions & 8 deletions upup/models/cloudup/resources/addons/coredns.addons.k8s.io/k8s-1.12.yaml.template
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,9 @@ data:
{{- else }}
.:53 {
errors
health
health {
lameduck 5s
}
kubernetes {{ KubeDNS.Domain }}. in-addr.arpa ip6.arpa {
pods insecure
upstream
Expand Down Expand Up @@ -165,7 +167,7 @@ spec:
beta.kubernetes.io/os: linux
containers:
- name: coredns
image: {{ if KubeDNS.CoreDNSImage }}{{ KubeDNS.CoreDNSImage }}{{ else }}k8s.gcr.io/coredns:1.3.1{{ end }}
image: {{ if KubeDNS.CoreDNSImage }}{{ KubeDNS.CoreDNSImage }}{{ else }}k8s.gcr.io/coredns:1.6.6{{ end }}
imagePullPolicy: IfNotPresent
resources:
limits:
Expand All @@ -175,9 +177,6 @@ spec:
memory: {{ KubeDNS.MemoryRequest }}
args: [ "-conf", "/etc/coredns/Corefile" ]
volumeMounts:
# Workaround for 1.3.1 bug, can be removed after bumping to 1.4+. See: https://github.com/coredns/coredns/pull/2529
- name: tmp
mountPath: /tmp
- name: config-volume
mountPath: /etc/coredns
readOnly: true
Expand Down Expand Up @@ -215,9 +214,6 @@ spec:
scheme: HTTP
dnsPolicy: Default
volumes:
# Workaround for 1.3.1 bug, can be removed after bumping to 1.4+. See: https://github.com/coredns/coredns/pull/2529
- name: tmp
emptyDir: {}
- name: config-volume
configMap:
name: coredns
Expand Down
6 changes: 4 additions & 2 deletions upup/models/cloudup/resources/addons/coredns.addons.k8s.io/k8s-1.6.yaml.template
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,9 @@ data:
{{- else }}
.:53 {
errors
health
health {
lameduck 5s
}
kubernetes {{ KubeDNS.Domain }}. in-addr.arpa ip6.arpa {
pods insecure
upstream
Expand Down Expand Up @@ -111,7 +113,7 @@ spec:
beta.kubernetes.io/os: linux
containers:
- name: coredns
image: {{ if KubeDNS.CoreDNSImage }}{{ KubeDNS.CoreDNSImage }}{{ else }}k8s.gcr.io/coredns:1.3.1{{ end }}
image: {{ if KubeDNS.CoreDNSImage }}{{ KubeDNS.CoreDNSImage }}{{ else }}k8s.gcr.io/coredns:1.6.6{{ end }}
imagePullPolicy: IfNotPresent
resources:
limits:
Expand Down
4 changes: 2 additions & 2 deletions upup/pkg/fi/cloudup/bootstrapchannelbuilder.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -285,7 +285,7 @@ func (b *BootstrapChannelBuilder) buildAddons() *channelsapi.Addons {
if kubeDNS.Provider == "CoreDNS" {
{
key := "coredns.addons.k8s.io"
version := "1.3.1-kops.5"
version := "1.6.6-kops.1"

{
location := key + "/k8s-1.6.yaml"
Expand All @@ -304,7 +304,7 @@ func (b *BootstrapChannelBuilder) buildAddons() *channelsapi.Addons {

{
key := "coredns.addons.k8s.io"
version := "1.3.1-kops.5"
version := "1.6.6-kops.1"

{
location := key + "/k8s-1.12.yaml"
Expand Down

0 comments on commit 1860e40

Please sign in to comment.