search

openshift / origin-aggregated-logging

139 stars 230 forks source link

Updating kibana build to replace old version of handlebars with 4.7.7 #2120

Closed ewolinetz closed 3 years ago

ewolinetz commented 3 years ago

Description

Addresses CVEs found for Kibana6 container -- will link bz to 4.6 cherrypick version

/cc @jcantrill

/cherry-pick release-5.1

Links

jcantrill commented 3 years ago

I'm betting cpaas will not be able to accommodate this change. Can we vendor the new over the old?

jcantrill commented 3 years ago

The other option is longer and learn how to build in PNC

ewolinetz commented 3 years ago

/hold

ewolinetz commented 3 years ago

/test elastic-operator-e2e

ewolinetz commented 3 years ago

/retest

ewolinetz commented 3 years ago

I'm betting cpaas will not be able to accommodate this change. Can we vendor the new over the old?

@jcantrill can you expand on this?

jcantrill commented 3 years ago

I'm betting cpaas will not be able to accommodate this change. Can we vendor the new over the old?

@jcantrill can you expand on this?

This is attempting to install the dependency using npm which will inherently try to access the web. CPaaS and brew generally lock down pulling content from external sources so my expectation is this install step will fail.

ewolinetz commented 3 years ago

@jcantrill ack, i'll pull it down locally and then vendor it in as well

ewolinetz commented 3 years ago

@jcantrill thoughts on this latest approach, will CPaaS and brew work with this?

ewolinetz commented 3 years ago

/retest

ewolinetz commented 3 years ago

/refresh

openshift-ci-robot commented 3 years ago

@ewolinetz: The following test failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
ci/prow/clo-functional a898d1bb27fe6a382a02b49d792e03329b3f161d link /test clo-functional

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
jcantrill commented 3 years ago

/retest

openshift-ci[bot] commented 3 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ewolinetz, jcantrill

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openshift/origin-aggregated-logging/blob/master/OWNERS)~~ [ewolinetz,jcantrill] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
ewolinetz commented 3 years ago

/hold cancel

ewolinetz commented 3 years ago

/cherry-pick release-5.1

ewolinetz commented 3 years ago

/cherry-pick release-4.6

openshift-cherrypick-robot commented 3 years ago

@ewolinetz: new pull request created: #2124

In response to [this](https://github.com/openshift/origin-aggregated-logging/pull/2120#issuecomment-847291357): >/cherry-pick release-5.1 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
openshift-cherrypick-robot commented 3 years ago

@ewolinetz: #2120 failed to apply on top of branch "release-4.6":

Applying: Updating kibana build to replace old version of handlebars with 4.7.7
.git/rebase-apply/patch:28414: trailing whitespace.
case 1: return $$[$0-1]; 
.git/rebase-apply/patch:28437: trailing whitespace.

.git/rebase-apply/patch:28446: trailing whitespace.

.git/rebase-apply/patch:28470: trailing whitespace.

.git/rebase-apply/patch:28490: trailing whitespace.

warning: squelched 387 whitespace errors
warning: 392 lines add whitespace errors.
Using index info to reconstruct a base tree...
M   kibana/Dockerfile
A   kibana/Dockerfile.in
M   kibana/module_list.sh
Falling back to patching base and 3-way merge...
Auto-merging kibana/module_list.sh
CONFLICT (modify/delete): kibana/Dockerfile.in deleted in HEAD and modified in Updating kibana build to replace old version of handlebars with 4.7.7. Version Updating kibana build to replace old version of handlebars with 4.7.7 of kibana/Dockerfile.in left in tree.
Auto-merging kibana/Dockerfile
CONFLICT (content): Merge conflict in kibana/Dockerfile
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 Updating kibana build to replace old version of handlebars with 4.7.7
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
In response to [this](https://github.com/openshift/origin-aggregated-logging/pull/2120#issuecomment-847291451): >/cherry-pick release-4.6 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.