Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade dependencies 2024-04-15 #6164

Closed
29 of 34 tasks
github-actions bot opened this issue Apr 15, 2024 · 2 comments
Closed
29 of 34 tasks

Upgrade dependencies 2024-04-15 #6164

github-actions bot opened this issue Apr 15, 2024 · 2 comments
Assignees
@achave11-ucsc
Labels
- [priority] Medium debt [type] A defect incurring continued engineering cost infra [subject] Project infrastructure like CI/CD, build and deployment scripts no demo [process] Not to be demonstrated at the end of the sprint operator [process] To be addressed by whoever is operator orange [process] Done by the Azul team

Comments

@github-actions
Copy link

github-actions bot commented Apr 15, 2024
edited by achave11-ucsc
Loading

  • Update PyCharm image
    • Bump base image tag (only same Debian release), if possible
    • Bump upstream version, if possible
    • Bump internal version
    • Build and test new image locally with Azul's make format
    • Remove unused dependencies with high or critical CVEs
    • Push commit to GitHub (directly to master branch, no PR needed)
    • GH Action workflow succeeded
    • Image is available on DockerHub
  • Update Elasticsearch image
    • Bump base image tag (only minor and patch versions), if possible
    • Bump internal version
    • Build and test new image locally with Azul's make test
    • Remove unused dependencies with high or critical CVEs
    • Push commit to GitHub (directly to master branch, no PR needed)
    • GH Action workflow succeeded
    • Image is available on DockerHub
  • Create Azul PR, connected to this issue, with …
  • Delete obsolete image tags from DockerHub (but consider that prod may not use the latest image)
  • Created tickets for any deferred updates to …
    • … to next major or minor Python version or such ticket already exists
    • … to next major Docker version or such ticket already exists
    • … to next major or minor Terraform version or such ticket already exists
@github-actions github-actions bot added debt [type] A defect incurring continued engineering cost enh infra [subject] Project infrastructure like CI/CD, build and deployment scripts operator [process] To be addressed by whoever is operator orange [process] Done by the Azul team labels Apr 15, 2024
@achave11-ucsc achave11-ucsc self-assigned this Apr 16, 2024
@achave11-ucsc achave11-ucsc added the - [priority] Medium label Apr 16, 2024
achave11-ucsc added a commit to DataBiosphere/azul-docker-pycharm that referenced this issue Apr 17, 2024
@achave11-ucsc
Upgrade dependencies 2024-04-15 (DataBiosphere/azul#6164)
755e39a
achave11-ucsc added a commit that referenced this issue Apr 18, 2024
@achave11-ucsc
Update Python to 3.11.9 (#6164)
660f0a9
achave11-ucsc added a commit that referenced this issue Apr 18, 2024
@achave11-ucsc
Update PyCharm to 2023.3.5-20 (#6164)
86b3437
achave11-ucsc added a commit that referenced this issue Apr 18, 2024
@achave11-ucsc
Update Elasticsearch to 7.17.20-16 (#6164)
c79dcd9
achave11-ucsc added a commit that referenced this issue Apr 18, 2024
@achave11-ucsc
Update GitLab to v16.10.3 (#6164)
844d8b9
@achave11-ucsc achave11-ucsc mentioned this issue Apr 18, 2024
Merged
69 tasks
achave11-ucsc added a commit that referenced this issue Apr 19, 2024
@achave11-ucsc
Update Python to 3.11.9 (#6164)
72f0296
achave11-ucsc added a commit that referenced this issue Apr 19, 2024
@achave11-ucsc
Update PyCharm to 2023.3.5-20 (#6164)
d568411
achave11-ucsc added a commit that referenced this issue Apr 19, 2024
@achave11-ucsc
Update Elasticsearch to 7.17.20-16 (#6164)
a9faf4b
achave11-ucsc added a commit that referenced this issue Apr 19, 2024
@achave11-ucsc
Update GitLab to v16.11.0 (#6164)
9a6ff2c
achave11-ucsc added a commit to DataBiosphere/azul-docker-pycharm that referenced this issue Apr 26, 2024
@achave11-ucsc
Upgrade dependencies 2024-04-15 (DataBiosphere/azul#6164)
e666d31
achave11-ucsc added a commit that referenced this issue Apr 26, 2024
@achave11-ucsc
Update Python to 3.11.9 (#6164)
483f3a2
achave11-ucsc added a commit that referenced this issue Apr 26, 2024
@achave11-ucsc
Update PyCharm to 2023.3.5-20 (#6164)
5ba7213
achave11-ucsc added a commit that referenced this issue Apr 26, 2024
@achave11-ucsc
Update Elasticsearch to 7.17.20-16 (#6164)
d3dd0cc
achave11-ucsc added a commit that referenced this issue Apr 26, 2024
@achave11-ucsc
Update GitLab to v16.11.1 (#6164)
fbf38e9
@hannes-ucsc hannes-ucsc added the no demo [process] Not to be demonstrated at the end of the sprint label Apr 26, 2024
achave11-ucsc added a commit that referenced this issue Apr 27, 2024
@achave11-ucsc
[R] Upgrade dependencies 2024-04-15 (#6164, PR #6174)
1f02765
@achave11-ucsc
Copy link
Member

achave11-ucsc commented Apr 29, 2024
edited
Loading

Relevant findings for these upgrades,

[EDIT @achave11-ucsc] the previously posted screenshot was incorrect, here's an amended version:

Screenshot 2024-05-03 at 10 39 09 AM

@hannes-ucsc
Copy link
Member

hannes-ucsc commented May 6, 2024
edited
Loading

New H findings:

Containers launched from the affected images are not exposed at the security boundary. No immediate action needs to be taken.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@achave11-ucsc achave11-ucsc

Labels
- [priority] Medium debt [type] A defect incurring continued engineering cost infra [subject] Project infrastructure like CI/CD, build and deployment scripts no demo [process] Not to be demonstrated at the end of the sprint operator [process] To be addressed by whoever is operator orange [process] Done by the Azul team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hannes-ucsc @achave11-ucsc