search

kubernetes / cloud-provider-aws

Cloud provider for AWS
https://cloud-provider-aws.sigs.k8s.io/
Apache License 2.0
395 stars 302 forks source link

update the go version #709

Closed kmala closed 1 year ago

kmala commented 1 year ago

Bump the go version which contains the security fixes for CVE-2023-39325.

k8s-ci-robot commented 1 year ago

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
k8s-ci-robot commented 1 year ago

This issue is currently awaiting triage.

If cloud-provider-aws contributors determine this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
k8s-ci-robot commented 1 year ago

Hi @kmala. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
k8s-ci-robot commented 1 year ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please assign jaypipes for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubernetes/cloud-provider-aws/blob/release-1.26/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
wongma7 commented 1 year ago

/ok-to-test

hakman commented 1 year ago

The correct way to do this is to create a PR in the main branch and then cherry-pick it. Also, there is another place to change: https://github.com/kubernetes/cloud-provider-aws/blob/351d1234e47bca89a92f0f5a3b574c9c02586aef/cloudbuild.yaml#L20 /hold

kmala commented 1 year ago

The correct way to do this is to create a PR in the main branch and then cherry-pick it.

Yes, i understand it but the master is not having issue as it is updated to 1.21 version and i don't think we want to update the minor version go for older versions. Even the upstream update is done in similar way https://github.com/kubernetes/kubernetes/pull/121151 https://github.com/kubernetes/cloud-provider-aws/blob/master/Dockerfile#L17

Also, there is another place to change:

this change is not in 1.26

cartermckinnon commented 1 year ago

i don't think we want to update the minor version go for older versions.

You've updated from 1.19 to 1.20 here, though; so why not just take everything to 1.21?

cartermckinnon commented 1 year ago

/close

k8s-ci-robot commented 1 year ago

@cartermckinnon: Closed this PR.

In response to [this](https://github.com/kubernetes/cloud-provider-aws/pull/709#issuecomment-1791063721): >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.