search

medik8s / node-healthcheck-operator

K8s Node Health Check Operator
Apache License 2.0
91 stars 18 forks source link

Upgrade kube-rbac-proxy image to v0.15.0 and disable HTTP/2 #262

Closed slintes closed 12 months ago

slintes commented 12 months ago

The kube-rbac-proxy image was upgraded to version v0.15.0 in both manager_auth_proxy_patch.yaml and node-healthcheck-operator.clusterserviceversion.yaml. Additionally, a new argument was added to disable HTTP/2 to increase security levels following a recently discovered vulnerability.

openshift-ci[bot] commented 12 months ago

Skipping CI for Draft Pull Request. If you want CI signal for your change, please convert it to an actual PR. You can still manually trigger a test run with /test all

slintes commented 12 months ago

/cherry-pick release-0.6

don't merge it though yet, wait what we get downstream...

openshift-cherrypick-robot commented 12 months ago

@slintes: once the present PR merges, I will cherry-pick it on top of release-0.6 in a new PR and assign it to you.

In response to [this](https://github.com/medik8s/node-healthcheck-operator/pull/262#issuecomment-1775548371): >/cherry-pick release-0.6 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
slintes commented 12 months ago

/test 4.13-e2e

openshift-ci[bot] commented 12 months ago

@slintes: The specified target(s) for /test were not found. The following commands are available to trigger required jobs:

Use /test all to run all jobs.

In response to [this](https://github.com/medik8s/node-healthcheck-operator/pull/262#issuecomment-1775550307): >/test 4.13-e2e Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
slintes commented 12 months ago

/test 4.13-openshift-e2e

slintes commented 12 months ago

/override e2e-k8s

openshift-ci[bot] commented 12 months ago

@slintes: Overrode contexts on behalf of slintes: e2e-k8s

In response to [this](https://github.com/medik8s/node-healthcheck-operator/pull/262#issuecomment-1775700302): >/override e2e-k8s Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
slintes commented 12 months ago

/retest

openshift-ci[bot] commented 12 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: clobrano, slintes

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/medik8s/node-healthcheck-operator/blob/main/OWNERS)~~ [clobrano,slintes] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
openshift-cherrypick-robot commented 12 months ago

@slintes: new pull request created: #263

In response to [this](https://github.com/medik8s/node-healthcheck-operator/pull/262#issuecomment-1775548371): >/cherry-pick release-0.6 > >don't merge it though yet, wait what we get downstream... Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
slintes commented 12 months ago

/cherry-pick release-0.4

openshift-cherrypick-robot commented 12 months ago

@slintes: #262 failed to apply on top of branch "release-0.4":

Applying: Upgrade kube-rbac-proxy image to v0.15.0 and disable HTTP/2
Using index info to reconstruct a base tree...
M   bundle/manifests/node-healthcheck-operator.clusterserviceversion.yaml
M   config/default/manager_auth_proxy_patch.yaml
Falling back to patching base and 3-way merge...
Auto-merging config/default/manager_auth_proxy_patch.yaml
CONFLICT (content): Merge conflict in config/default/manager_auth_proxy_patch.yaml
Auto-merging bundle/manifests/node-healthcheck-operator.clusterserviceversion.yaml
CONFLICT (content): Merge conflict in bundle/manifests/node-healthcheck-operator.clusterserviceversion.yaml
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 Upgrade kube-rbac-proxy image to v0.15.0 and disable HTTP/2
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
In response to [this](https://github.com/medik8s/node-healthcheck-operator/pull/262#issuecomment-1776868654): >/cherry-pick release-0.4 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.