Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade dependencies 2023-11-27 #5724

Closed
35 tasks
github-actions bot opened this issue Nov 27, 2023 · 1 comment
Closed
35 tasks

Upgrade dependencies 2023-11-27 #5724

github-actions bot opened this issue Nov 27, 2023 · 1 comment
Labels
debt [type] A defect incurring continued engineering cost duplicate [process] This issue or pull request already exists enh [type] New feature or request infra [subject] Project infrastructure like CI/CD, build and deployment scripts operator [process] To be addressed by whoever is operator orange [process] Done by the Azul team

Comments

@github-actions
Copy link

  • Update PyCharm image
    • Bump base image tag, if possible
    • Bump upstream version, if possible
    • Bump internal version
    • Remove unused dependencies with high or critical CVEs
    • Build and test new image locally with Azul's make format
    • Push commit to GitHub (directly to master branch, no PR needed)
    • GH Action workflow succeeded
    • Image is available on DockerHub
  • Update Elasticsearch image
    • Bump base image tag (only minor and patch version)
    • Bump internal version
    • Remove unused dependencies with high or critical CVEs
    • Build and test new image locally with Azul's make test
    • Push commit to GitHub (directly to master branch, no PR needed)
    • GH Action workflow succeeded
    • Image is available on DockerHub
  • Create Azul PR, connected to this issue, with …
    • … changes to requirements*.txt from open Dependabot PRs, one commit per PR
    • … update to Python (only patch versions)
    • … Updates to Terraform (only patch versions)
    • … new PyCharm image
    • … new Elasticsearch image
    • … update to Docker images (only minor and patch versions)
    • … update to GitLab images
    • … update to ClamAV image
    • … update to GitLab AMI
  • Delete obsolete image tags from DockerHub (but consider that prod may not use the latest image) …
  • Created tickets for any deferred updates to …
    • … to next major or minor Python version
    • … to next major Docker version
    • … to next major or minor Terraform version
  • Post vulnerability report for anvilprod on this issue
@github-actions github-actions bot added debt [type] A defect incurring continued engineering cost enh [type] New feature or request infra [subject] Project infrastructure like CI/CD, build and deployment scripts operator [process] To be addressed by whoever is operator labels Nov 27, 2023
@hannes-ucsc
Copy link
Member

hannes-ucsc commented Nov 27, 2023
edited
Loading

Duplicate of #5723, created in error due to e5dbec0, fixed by 13382a9.

@hannes-ucsc hannes-ucsc added the duplicate [process] This issue or pull request already exists label Nov 27, 2023
@github-actions github-actions bot added the orange [process] Done by the Azul team label Nov 27, 2023
@dsotirho-ucsc dsotirho-ucsc closed this as not planned Won't fix, can't repro, duplicate, stale Nov 27, 2023
@hannes-ucsc hannes-ucsc mentioned this issue Nov 29, 2023
Closed
14 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
debt [type] A defect incurring continued engineering cost duplicate [process] This issue or pull request already exists enh [type] New feature or request infra [subject] Project infrastructure like CI/CD, build and deployment scripts operator [process] To be addressed by whoever is operator orange [process] Done by the Azul team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hannes-ucsc @dsotirho-ucsc