Upgrade Alpine to 3.18 #5684
Merged
Upgrade Alpine to 3.18 #5684
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Daniel Sabsay <[email protected]>
Signed-off-by: Daniel Sabsay <[email protected]>
|
Hi @dsabsay, can you please add more description to the pr itself, what does this change fix? Thanks |
|
@yeya24 Added. |
|
LGTM |
alanprot
approved these changes
Nov 29, 2023
yeya24
approved these changes
Nov 30, 2023
yeya24
pushed a commit
to yeya24/cortex
that referenced
this pull request
Apr 23, 2024
* Upgrade Alpine to 3.18 Signed-off-by: Daniel Sabsay <[email protected]> * Update CHANGELOG.md Signed-off-by: Daniel Sabsay <[email protected]> --------- Signed-off-by: Daniel Sabsay <[email protected]> Co-authored-by: Daniel Sabsay <[email protected]>
friedrichg
added a commit
that referenced
this pull request
Apr 24, 2024
* Upgrade Alpine to 3.18 (#5684) * Upgrade Alpine to 3.18 Signed-off-by: Daniel Sabsay <[email protected]> * Update CHANGELOG.md Signed-off-by: Daniel Sabsay <[email protected]> --------- Signed-off-by: Daniel Sabsay <[email protected]> Co-authored-by: Daniel Sabsay <[email protected]> * Upgrade to go 1.21.9 (#5879) * Upgrade to go 1.21.9 Signed-off-by: Friedrich Gonzalez <[email protected]> * Update changelog and workflows Signed-off-by: Friedrich Gonzalez <[email protected]> * Not use minor version for now. Needs more investigation Signed-off-by: Friedrich Gonzalez <[email protected]> * Update image again Signed-off-by: Friedrich Gonzalez <[email protected]> --------- Signed-off-by: Friedrich Gonzalez <[email protected]> * fix go version for integration tests (#5882) Signed-off-by: Friedrich Gonzalez <[email protected]> * include #5882 to changelog Signed-off-by: Ben Ye <[email protected]> try fixing lint Signed-off-by: Ben Ye <[email protected]> try again Signed-off-by: Ben Ye <[email protected]> --------- Signed-off-by: Daniel Sabsay <[email protected]> Signed-off-by: Friedrich Gonzalez <[email protected]> Signed-off-by: Ben Ye <[email protected]> Co-authored-by: Daniel Sabsay <[email protected]> Co-authored-by: Daniel Sabsay <[email protected]> Co-authored-by: Friedrich Gonzalez <[email protected]>
yeya24
added a commit
that referenced
this pull request
Apr 25, 2024
* Cherrypick commits for 1.16.1 (#5885) * Upgrade Alpine to 3.18 (#5684) * Upgrade Alpine to 3.18 Signed-off-by: Daniel Sabsay <[email protected]> * Update CHANGELOG.md Signed-off-by: Daniel Sabsay <[email protected]> --------- Signed-off-by: Daniel Sabsay <[email protected]> Co-authored-by: Daniel Sabsay <[email protected]> * Upgrade to go 1.21.9 (#5879) * Upgrade to go 1.21.9 Signed-off-by: Friedrich Gonzalez <[email protected]> * Update changelog and workflows Signed-off-by: Friedrich Gonzalez <[email protected]> * Not use minor version for now. Needs more investigation Signed-off-by: Friedrich Gonzalez <[email protected]> * Update image again Signed-off-by: Friedrich Gonzalez <[email protected]> --------- Signed-off-by: Friedrich Gonzalez <[email protected]> * fix go version for integration tests (#5882) Signed-off-by: Friedrich Gonzalez <[email protected]> * include #5882 to changelog Signed-off-by: Ben Ye <[email protected]> try fixing lint Signed-off-by: Ben Ye <[email protected]> try again Signed-off-by: Ben Ye <[email protected]> --------- Signed-off-by: Daniel Sabsay <[email protected]> Signed-off-by: Friedrich Gonzalez <[email protected]> Signed-off-by: Ben Ye <[email protected]> Co-authored-by: Daniel Sabsay <[email protected]> Co-authored-by: Daniel Sabsay <[email protected]> Co-authored-by: Friedrich Gonzalez <[email protected]> * update changelog Signed-off-by: Ben Ye <[email protected]> --------- Signed-off-by: Daniel Sabsay <[email protected]> Signed-off-by: Friedrich Gonzalez <[email protected]> Signed-off-by: Ben Ye <[email protected]> Co-authored-by: Daniel Sabsay <[email protected]> Co-authored-by: Daniel Sabsay <[email protected]> Co-authored-by: Friedrich Gonzalez <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does:
Upgrades Alpine to 3.18. Intended to fix several security vulnerabilities in alpine packages. In particular, Jfrog Xray is flagging
CVE-2022-48174. I'm unsure if it's correct, as the image has the latest busybox in 3.17. Regardless, it's much easier to upgrade to keep scans clean instead of tracking various false positives. I have some 3.18 images and this vuln does not show up.Which issue(s) this PR fixes:
None
Checklist
CHANGELOG.mdupdated - the order of entries should be[CHANGE],[FEATURE],[ENHANCEMENT],[BUGFIX]