Upgrade dependencies 2024-03-04 #6007

Closed
29 of 34 tasks
github-actions bot opened this issue Mar 4, 2024 · 2 comments
Labels:
  • debt: [type] A defect incurring continued engineering cost
  • enh: [type] New feature or request
  • infra: [subject] Project infrastructure like CI/CD, build and deployment scripts
  • no demo: [process] Not to be demonstrated at the end of the sprint
  • operator: [process] To be addressed by whoever is operator
  • orange: [process] Done by the Azul team

Comments


github-actions bot commented Mar 4, 2024

  • Update PyCharm image
    • Bump base image tag (only same Debian release), if possible
    • Bump upstream version, if possible
    • Bump internal version
    • Build and test new image locally with Azul's make format
    • Remove unused dependencies with high or critical CVEs
    • Push commit to GitHub (directly to master branch, no PR needed)
    • GH Action workflow succeeded
    • Image is available on DockerHub
  • Update Elasticsearch image
    • Bump base image tag (only minor and patch versions), if possible
    • Bump internal version
    • Build and test new image locally with Azul's make test
    • Remove unused dependencies with high or critical CVEs
    • Push commit to GitHub (directly to master branch, no PR needed)
    • GH Action workflow succeeded
    • Image is available on DockerHub
  • Create Azul PR, connected to this issue, with …
  • Delete obsolete image tags from DockerHub (but consider that prod may not use the latest image) … (This is now done by System administrator during prod promotion)
  • Created tickets for any deferred updates to …
    • … to next major or minor Python version or such ticket already exists
    • … to next major Docker version or such ticket already exists
    • … to next major or minor Terraform version or such ticket already exists
@github-actions github-actions bot added debt [type] A defect incurring continued engineering cost enh [type] New feature or request infra [subject] Project infrastructure like CI/CD, build and deployment scripts operator [process] To be addressed by whoever is operator orange [process] Done by the Azul team labels Mar 4, 2024
@dsotirho-ucsc dsotirho-ucsc self-assigned this Mar 4, 2024
dsotirho-ucsc added a commit to DataBiosphere/azul-docker-pycharm that referenced this issue Mar 6, 2024
dsotirho-ucsc added a commit to DataBiosphere/azul-docker-elasticsearch that referenced this issue Mar 6, 2024
@dsotirho-ucsc dsotirho-ucsc added the deploy:shared [process] PR requires deploying `shared` component label Mar 6, 2024
@dsotirho-ucsc dsotirho-ucsc removed the deploy:shared [process] PR requires deploying `shared` component label Mar 6, 2024
dsotirho-ucsc added a commit that referenced this issue Mar 6, 2024
@hannes-ucsc hannes-ucsc added the no demo [process] Not to be demonstrated at the end of the sprint label Mar 6, 2024
@dsotirho-ucsc (Contributor)

Google sheet updated (tab: 2024-03-08)

@hannes-ucsc (Member)

CVE-2024-23653
CVE-2024-23652

Our options are to upgrade to Docker 25.x or to wait until the fix is backported. There is a backport PR but it's been dormant for a month. Seems like we can't wait any longer.
