Open dave-tucker opened 1 month ago
@rootfs can you shed some light on what these are for?
They are showing up on PR as failing checks for $reasons. After I got access to see what is going on, some of it was valid and some of it was utter nonsense. If they can't reliably pass/fail and give clear instructions on remediation, they should be removed from the PR CI jobs. They could be run as part of the scheduled build though.
Noting that Snyk is hallucinating hard on #1538
github.com/hashicorp/go-version which is MPL-2.0. It is nowhere in our dependency tree.
Then it's complaining about vulnerabilities in github.com/docker/docker/integration/network/macvlan, github.com/docker/docker/integration/network/ipvlan, github.com/docker/docker/integration/networking, and github.com/docker/docker/libnetwork/osl which also aren't in our dependency tree.
I'm going to change the webhook to only run on main for now until we can figure out what is up.
What happened?
1438 failed CI on the Snyk checks.
There is no information available for:
What did you expect to happen?
If CI is failing, I expect to get some signal as to what is wrong and how it can be fixed.
How can we reproduce it (as minimally and precisely as possible)?
N/A
Anything else we need to know?
No response