[release-1.10] Rebuild using Go 1.20.10 (to address CVEs) #14501
Conversation
knative-prow
bot
added
the
do-not-merge/hold
knative-prow
bot
added
the
size/XS
Codecov ReportAll modified lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## release-1.10 #14501 +/- ##
================================================
+ Coverage 86.20% 86.21% +0.01%
================================================
Files 199 199
Lines 14766 14766
================================================
+ Hits 12729 12731 +2
+ Misses 1735 1733 -2
Partials 302 302 ☔ View full report in Codecov by Sentry. |
|
/retest |
knative-prow
bot
removed
the
do-not-merge/hold
|
/retest |
|
/override "test (v1.24.7, kourier-tls, e2e)" /lgtm |
|
@dprotaso: Overrode contexts on behalf of dprotaso: test (v1.24.7, kourier-tls, e2e), test (v1.25.3, kourier-tls, e2e), test (v1.26.0, kourier-tls, e2e) In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dprotaso, ReToCode The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
knative-prow
bot
added
the
approved
|
/override "test (v1.25.3, contour, e2e)" |
|
@dprotaso: Overrode contexts on behalf of dprotaso: test (v1.25.3, contour, e2e) In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
knative-prow
bot
merged commit 1c0fa5d
into
knative:release-1.10
* Min TLS for tag to digest defaults to 1.2 again and is configurable (knative#13963) quay.io only supports 1.2 Co-authored-by: dprotaso <[email protected]> * drop safe to evict annotations (knative#14051) this prevents nodes from draining Co-authored-by: dprotaso <[email protected]> * [release-1.10] RandomChoice 2 policy wasn't random when the number of targets is 2 (with equal weight) (knative#14052) * RandomChoice 2 policy wasn't random when the number of targets is 2 * fix linting --------- Co-authored-by: dprotaso <[email protected]> * [release-1.10] fix securityContext for Knative Service Pod (user-container and queue-proxy) (knative#14377) * add seccompProfile to queue container security context * run as non root by default * update tests to expect new default run as nonroot * fix perms --------- Co-authored-by: Clay Kauzlaric <[email protected]> Co-authored-by: Dave Protasowski <[email protected]> * Leave a comment which will trigger a new dot release (knative#14501) * [release-1.10] bump x/net to v0.17 (knative#14517) * [release-1.10] bump x/net to v0.17 * Re-generate test/config/tls/cert-secret.yaml (knative#14324) * Run hack/upgrade * Update secure-pod-defaults patch * Use a static value for S-O branch --------- Co-authored-by: Knative Prow Robot <[email protected]> Co-authored-by: dprotaso <[email protected]> Co-authored-by: Clay Kauzlaric <[email protected]> Co-authored-by: Kenjiro Nakayama <[email protected]>
* Min TLS for tag to digest defaults to 1.2 again and is configurable (knative#13963) quay.io only supports 1.2 Co-authored-by: dprotaso <[email protected]> * drop safe to evict annotations (knative#14051) this prevents nodes from draining Co-authored-by: dprotaso <[email protected]> * [release-1.10] RandomChoice 2 policy wasn't random when the number of targets is 2 (with equal weight) (knative#14052) * RandomChoice 2 policy wasn't random when the number of targets is 2 * fix linting --------- Co-authored-by: dprotaso <[email protected]> * [release-1.10] fix securityContext for Knative Service Pod (user-container and queue-proxy) (knative#14377) * add seccompProfile to queue container security context * run as non root by default * update tests to expect new default run as nonroot * fix perms --------- Co-authored-by: Clay Kauzlaric <[email protected]> Co-authored-by: Dave Protasowski <[email protected]> * Leave a comment which will trigger a new dot release (knative#14501) * [release-1.10] bump x/net to v0.17 (knative#14517) * [release-1.10] bump x/net to v0.17 * Re-generate test/config/tls/cert-secret.yaml (knative#14324) * Run hack/upgrade * Bound buffer for reading stats (knative#14541) Co-authored-by: Evan Anderson <[email protected]> --------- Co-authored-by: Knative Prow Robot <[email protected]> Co-authored-by: dprotaso <[email protected]> Co-authored-by: Clay Kauzlaric <[email protected]> Co-authored-by: Kenjiro Nakayama <[email protected]> Co-authored-by: Evan Anderson <[email protected]>
https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
/hold for the new CI images to be there knative/infra#232