Bump prometheus to v2.48.0 #11633

Merged
merged 2 commits into from
Nov 20, 2023

alpeb
Member

@alpeb alpeb commented Nov 17, 2023

This gets rid of most CVEs:

```bash
$ grype -q prom/prometheus:v2.47.0
NAME                                                           INSTALLED             FIXED-IN  TYPE       VULNERABILITY        SEVERITY
github.com/docker/docker                                       v24.0.4+incompatible  24.0.7    go-module  GHSA-jq35-85cj-fj4p  Medium
github.com/prometheus/alertmanager                             v0.25.0               0.25.1    go-module  GHSA-v86x-5fm3-5p7j  Medium
github.com/prometheus/alertmanager                             v0.25.0                         go-module  CVE-2023-40577       Medium
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp  v0.42.0               0.44.0    go-module  GHSA-rcjv-mgp8-qvmr  High
golang.org/x/net                                               v0.12.0               0.17.0    go-module  GHSA-4374-p667-p6c8  High
golang.org/x/net                                               v0.12.0               0.17.0    go-module  GHSA-qppj-fm5r-hxr3  Medium
golang.org/x/net                                               v0.12.0               0.13.0    go-module  GHSA-2wrh-6pvc-2jm9  Medium
google.golang.org/grpc                                         v1.56.2               1.56.3    go-module  GHSA-m425-mq94-257g  High
google.golang.org/grpc                                         v1.56.2               1.56.3    go-module  GHSA-qppj-fm5r-hxr3  Medium

$ grype -q prom/prometheus:v2.48.0
NAME                      INSTALLED             FIXED-IN  TYPE       VULNERABILITY        SEVERITY
github.com/docker/docker  v24.0.6+incompatible  24.0.7    go-module  GHSA-jq35-85cj-fj4p  Medium
```
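
An added example, not part of the PR or the Linkerd code base: a small parser that diffs the two grype tables quoted above to confirm which findings the image bump resolved and which remain. It assumes grype's default table layout, where FIXED-IN is the only column that can be blank; the function names are illustrative.

```python
import re

# Scan output copied from the PR description above (grype's default table format).
BEFORE = """\
NAME                                                           INSTALLED             FIXED-IN  TYPE       VULNERABILITY        SEVERITY
github.com/docker/docker                                       v24.0.4+incompatible  24.0.7    go-module  GHSA-jq35-85cj-fj4p  Medium
github.com/prometheus/alertmanager                             v0.25.0               0.25.1    go-module  GHSA-v86x-5fm3-5p7j  Medium
github.com/prometheus/alertmanager                             v0.25.0                         go-module  CVE-2023-40577       Medium
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp  v0.42.0               0.44.0    go-module  GHSA-rcjv-mgp8-qvmr  High
golang.org/x/net                                               v0.12.0               0.17.0    go-module  GHSA-4374-p667-p6c8  High
golang.org/x/net                                               v0.12.0               0.17.0    go-module  GHSA-qppj-fm5r-hxr3  Medium
golang.org/x/net                                               v0.12.0               0.13.0    go-module  GHSA-2wrh-6pvc-2jm9  Medium
google.golang.org/grpc                                         v1.56.2               1.56.3    go-module  GHSA-m425-mq94-257g  High
google.golang.org/grpc                                         v1.56.2               1.56.3    go-module  GHSA-qppj-fm5r-hxr3  Medium
"""
AFTER = """\
NAME                      INSTALLED             FIXED-IN  TYPE       VULNERABILITY        SEVERITY
github.com/docker/docker  v24.0.6+incompatible  24.0.7    go-module  GHSA-jq35-85cj-fj4p  Medium
"""

def parse_grype_table(text):
    """Map (package, advisory) -> row; keyed on both since one advisory can hit several modules."""
    findings = {}
    for line in text.strip().splitlines()[1:]:  # skip the header row
        cells = re.split(r"\s{2,}", line.strip())
        if len(cells) == 5:  # assumption: a blank FIXED-IN cell collapsed into the padding
            cells.insert(2, "")
        name, installed, fixed_in, _type, vuln, severity = cells  # ValueError on any other shape
        findings[(name, vuln)] = {"installed": installed, "fixed_in": fixed_in, "severity": severity}
    return findings

def diff_scans(before, after):
    """Split findings into resolved / remaining / introduced between two scans."""
    old, new = parse_grype_table(before), parse_grype_table(after)
    return {
        "resolved": {k: old[k] for k in old.keys() - new.keys()},
        "remaining": {k: new[k] for k in old.keys() & new.keys()},
        "introduced": {k: new[k] for k in new.keys() - old.keys()},
    }

if __name__ == "__main__":
    for bucket, rows in diff_scans(BEFORE, AFTER).items():
        print(f"{bucket}: {len(rows)}")
        for (name, vuln), row in sorted(rows.items()):
            fix = row["fixed_in"] or "none listed"
            print(f"  {row['severity']:<7} {vuln:<20} {name} {row['installed']} (fixed in: {fix})")
```

Keying on package and advisory together matters here, because GHSA-qppj-fm5r-hxr3 is reported against both golang.org/x/net and google.golang.org/grpc. For pipeline use, grype's `-o json` output is a more stable format to parse than the table.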
@alpeb alpeb requested a review from a team as a code owner November 17, 2023 23:04
@alpeb alpeb merged commit f98c34a into main Nov 20, 2023
32 checks passed
@alpeb alpeb deleted the alpeb/prom-2.48.0 branch November 20, 2023 11:56
@hawkw hawkw mentioned this pull request Nov 22, 2023
hawkw added a commit that referenced this pull request Nov 22, 2023
## edge-23.11.4

This edge release introduces support for the native sidecar containers
entering beta support in Kubernetes 1.29. This improves the startup and
shutdown ordering for the proxy relative to other containers, fixing the
long-standing shutdown issue with injected `Job`s. Furthermore, traffic
from other `initContainer`s can now be proxied by Linkerd.

In addition, this edge release includes Helm chart improvements, and
improvements to the multicluster extension.

* Added a new `config.alpha.linkerd.io/proxy-enable-native-sidecar`
  annotation and `Proxy.NativeSidecar` Helm option that causes the proxy
  container to run as an init-container (thanks @teejaded!) (#11465;
  fixes #11461)
* Fixed broken affinity rules for the multicluster `service-mirror` when
  running in HA mode (#11609; fixes #11603)
* Added a new check to `linkerd check` that ensures all extension
  namespaces are configured properly (#11629; fixes #11509)
* Updated the Prometheus Docker image used by the `linkerd-viz`
  extension to v2.48.0, resolving a number of CVEs in older Prometheus
  versions (#11633)
* Added `nodeAffinity` to `deployment` templates in the `linkerd-viz`
  and `linkerd-jaeger` Helm charts (thanks @naing2victor!) (#11464;
  fixes #10680)
olix0r pushed a commit that referenced this pull request Dec 6, 2023
* Bump prometheus to v2.48.0
olix0r pushed a commit that referenced this pull request Dec 7, 2023
* Bump prometheus to v2.48.0
olix0r added a commit that referenced this pull request Dec 7, 2023
* 0a72f1f Add imagePullSecrets to the multicluster chart. (#11287)
* 284d76b service-mirror: support gateway resolving to multiple addresses (#11499)
* 64bccd9 Improve klog (client-go logs) handling (#11632)
* 6a07e2c Add ability to configure client-go's `QPS` and `Burst` settings (#11644)
* e294c78 Bump prometheus to v2.48.0 (#11633)
* b24b0e97c stable-2.14.6
@olix0r olix0r mentioned this pull request Dec 7, 2023
olix0r added a commit that referenced this pull request Dec 7, 2023
stable-2.14.6

* 0a72f1f Add imagePullSecrets to the multicluster chart. (#11287)
* 284d76b service-mirror: support gateway resolving to multiple addresses (#11499)
* 64bccd9 Improve klog (client-go logs) handling (#11632)
* 6a07e2c Add ability to configure client-go's `QPS` and `Burst` settings (#11644)
* e294c78 Bump prometheus to v2.48.0 (#11633)