Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: remove k8s.io/kubernetes replaces and adapt to v1.29.3 apis #1968

Merged
merged 1 commit into from
Apr 16, 2024
Merged

chore: remove k8s.io/kubernetes replaces and adapt to v1.29.3 apis #1968

merged 1 commit into from
Apr 16, 2024

Conversation

ajayk
Copy link
Contributor

@ajayk ajayk commented Apr 13, 2024

No description provided.

@ajayk
chore: remove k8s.io/kubernetes replaces and adapt to v1.29.3 apis
be700d1 
Signed-off-by: ajayk <ajaykemparaj@gmail.com>
@ajayk
Copy link
Contributor Author

ajayk commented Apr 13, 2024

/assign @vara-bonthu

@ajayk
Copy link
Contributor Author

ajayk commented Apr 13, 2024

cc @AndrewChubatiuk

@vara-bonthu
Copy link
Contributor

@ajayk, it looks like the PR description is missing. Could you please provide more details to help us review your changes effectively?

Purpose of the Change: Why is this change necessary?
Problem Addressed: What issue are you encountering that this change resolves?
Solution: How does this change solve the problem?
Impact of Not Merging: What would be the consequences if this PR is not merged?
Existing Workarounds: Is there a current workaround for this issue, and if so, what are its drawbacks?

Thank you for contributing, and we look forward to your detailed response!

@debasishbsws
Copy link

@vara-bonthu It seems to me that while upgrading the k8s.io/kubernetes module version in PR: #1630 the person missed removing the replace statement present in go.mod file for Kubernetes

spark-operator/go.mod

Line 161 in 6ded3ac

k8s.io/kubernetes => k8s.io/kubernetes v1.19.6

For this reason, even after Updating the module version in #1630 #1954, it is set to version 1.19.6, Which is 10 versions older than the current one 1.29.3 link. This older version of Kubernetes has multiple CVE present in it.

just removing the replace line doesn't fix as there is a version mismatch with some other go modules this PR try to fix those with minimal changes.

@vara-bonthu
Copy link
Contributor

/approve

Thanks for the details @debasishbsws ! It does make sense

@yuchaoran2011 Please review this

yuchaoran2011
yuchaoran2011 approved these changes Apr 16, 2024
View reviewed changes
Copy link
Contributor

@yuchaoran2011 yuchaoran2011 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch! /lgtm

@google-oss-prow Google OSS Prow
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ajayk, vara-bonthu, yuchaoran2011

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [vara-bonthu,yuchaoran2011]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@yuchaoran2011
Copy link
Contributor

/lgtm

@google-oss-prow google-oss-prow bot added the lgtm label Apr 16, 2024
@google-oss-prow google-oss-prow bot merged commit 362b812 into kubeflow:master Apr 16, 2024
2 checks passed
@AndrewChubatiuk AndrewChubatiuk mentioned this pull request Apr 16, 2024
Merged
@YanivKunda YanivKunda mentioned this pull request May 21, 2024
Closed
1 task
sigmarkarl pushed a commit to spotinst/spark-on-k8s-operator that referenced this pull request Aug 7, 2024
@ajayk @sigmarkarl
chore: remove k8s.io/kubernetes replaces and adapt to v1.29.3 apis (k…
e9b9455 
…ubeflow#1968)

Signed-off-by: ajayk <ajaykemparaj@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuchaoran2011 yuchaoran2011 yuchaoran2011 approved these changes

@vara-bonthu vara-bonthu Awaiting requested review from vara-bonthu

Assignees

@yuchaoran2011 yuchaoran2011

@vara-bonthu vara-bonthu

Labels
approved lgtm size/L
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ajayk @vara-bonthu @debasishbsws @yuchaoran2011