Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade golang to 1.22.5 #8600

Merged
merged 3 commits into from
Jul 4, 2024
Merged

Upgrade golang to 1.22.5 #8600

merged 3 commits into from
Jul 4, 2024

Conversation

dimitarvdimitrov
Copy link
Contributor

@dimitarvdimitrov dimitarvdimitrov commented Jul 4, 2024
edited
Loading

What this PR does

This addresses CVE-2024-24791. Golang release.

Checklist

  • Tests updated.
  • Documentation added.
  • CHANGELOG.md updated - the order of entries should be [CHANGE], [FEATURE], [ENHANCEMENT], [BUGFIX].
  • about-versioning.md updated with experimental features.

@dimitarvdimitrov dimitarvdimitrov requested a review from a team as a code owner July 4, 2024 09:29
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 4, 2024

Building new version of mimir-build-image. After image is built and pushed to Docker Hub, a new commit will automatically be added to this PR with new image version grafana/mimir-build-image:pr8600-8a8fd767c7. This can take up to 1 hour.

ying-jeanne
ying-jeanne approved these changes Jul 4, 2024
View reviewed changes
Copy link
Contributor

@ying-jeanne ying-jeanne left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. we already have golang-ci at latest 1.59.1, giving a pre-approve. during build image is pushed and commit appended.

aknuds1
aknuds1 reviewed Jul 4, 2024
View reviewed changes
Copy link
Contributor

@aknuds1 aknuds1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we note this in the changelog also? I see we've omitted that since Go 1.22.2.

@dimitarvdimitrov
Add CHANGELOG.md entry
c03971e 
Signed-off-by: Dimitar Dimitrov <[email protected]>
@dimitarvdimitrov
Copy link
Contributor Author

Should we note this in the changelog also? I see we've omitted that since Go 1.22.2.

pushed now 👍 I was waiting for CI to pass before pushing the entry as to not interrupt the process. Is it safe to push a commit while the build is ongoing

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 4, 2024

Not building new version of mimir-build-image. This PR modifies mimir-build-image/Dockerfile, but the image grafana/mimir-build-image:pr8600-8a8fd767c7 already exists.

@dimitarvdimitrov dimitarvdimitrov enabled auto-merge (squash) July 4, 2024 11:08
@aknuds1
Copy link
Contributor

aknuds1 commented Jul 4, 2024

Is it safe to push a commit while the build is ongoing

GitHub Actions just cancels the outdated build.

@dimitarvdimitrov dimitarvdimitrov merged commit ddea70b into main Jul 4, 2024
30 checks passed
@dimitarvdimitrov dimitarvdimitrov deleted the dimitar/update-to-go-1.22.5 branch July 4, 2024 11:24
@grafanabot
Copy link
Contributor

The backport to release-2.13 failed:

The process '/usr/bin/git' failed with exit code 1

To backport manually, run these commands in your terminal:

# Fetch latest updates from GitHub
git fetch
# Create a new branch
git switch --create backport-8600-to-release-2.13 origin/release-2.13
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x ddea70bd87fa40ad8654154280276de631fccea6
# Push it to GitHub
git push --set-upstream origin backport-8600-to-release-2.13
git switch main
# Remove the local backport branch
git branch -D backport-8600-to-release-2.13

Then, create a pull request where the base branch is release-2.13 and the compare/head branch is backport-8600-to-release-2.13.

dimitarvdimitrov added a commit that referenced this pull request Jul 4, 2024
@dimitarvdimitrov
Upgrade golang to 1.22.5 (#8600)
094d54b 
* Upgrade golang to 1.22.5

This addresses [CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791)

Signed-off-by: Dimitar Dimitrov <[email protected]>

* Update build image version to pr8600-8a8fd767c7

* Add CHANGELOG.md entry

Signed-off-by: Dimitar Dimitrov <[email protected]>

---------

Signed-off-by: Dimitar Dimitrov <[email protected]>
Co-authored-by: dimitarvdimitrov <[email protected]>
(cherry picked from commit ddea70b)
@dimitarvdimitrov dimitarvdimitrov mentioned this pull request Jul 4, 2024
Merged
dimitarvdimitrov added a commit that referenced this pull request Jul 4, 2024
@dimitarvdimitrov
[release-2.13] Upgrade golang to 1.22.5 (#8604)
ed2ab67 
* Upgrade golang to 1.22.5 (#8600)

* Upgrade golang to 1.22.5

This addresses [CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791)

Signed-off-by: Dimitar Dimitrov <[email protected]>

* Update build image version to pr8600-8a8fd767c7

* Add CHANGELOG.md entry

Signed-off-by: Dimitar Dimitrov <[email protected]>

---------

Signed-off-by: Dimitar Dimitrov <[email protected]>
Co-authored-by: dimitarvdimitrov <[email protected]>
(cherry picked from commit ddea70b)

* Update Makefile

* Update build image version to pr8604-40bd216be4

---------

Co-authored-by: dimitarvdimitrov <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ying-jeanne ying-jeanne ying-jeanne approved these changes

@aknuds1 aknuds1 aknuds1 approved these changes

@wilfriedroset wilfriedroset Awaiting requested review from wilfriedroset wilfriedroset is a code owner

@vaxvms vaxvms Awaiting requested review from vaxvms vaxvms is a code owner

@bubu11e bubu11e Awaiting requested review from bubu11e bubu11e is a code owner

Assignees
No one assigned
Labels
backport release-2.13 backport-failed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dimitarvdimitrov @aknuds1 @grafanabot @ying-jeanne