Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(helm): bump nginx-unprivilege to fix CVE #10754

Merged
merged 3 commits into from
Oct 9, 2023
Merged

fix(helm): bump nginx-unprivilege to fix CVE #10754

merged 3 commits into from
Oct 9, 2023

Conversation

hainenber
Copy link
Contributor

@hainenber hainenber commented Oct 1, 2023
edited
Loading

What this PR does / why we need it:

Which issue(s) this PR fixes:
Fixes #10746

Special notes for your reviewer:

Checklist

  • Reviewed the CONTRIBUTING.md guide (required)
  • Documentation added
  • Tests updated
  • CHANGELOG.md updated
    • If the change is worth mentioning in the release notes, add add-to-release-notes label
  • Changes that require user attention or interaction to upgrade are documented in docs/sources/setup/upgrade/_index.md
  • For Helm chart changes bump the Helm chart version in production/helm/loki/Chart.yaml and update production/helm/loki/CHANGELOG.md and production/helm/loki/README.md. Example PR

@hainenber hainenber requested a review from a team as a code owner October 1, 2023 07:30
slim-bean
slim-bean approved these changes Oct 2, 2023
View reviewed changes
Copy link
Collaborator

@slim-bean slim-bean left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you!!

@slim-bean
Copy link
Collaborator

sorry for one more ask @hainenber , but CI is grumping about the docs, would you be able to run

Please generate Helm Chart reference by running 'make -C docs sources/setup/install/helm/reference.md'

@MichelHollands
Copy link
Contributor

@hainenber A few PR have been merged so now please use 5.27.0 as the version. Once that is done and you've run the comment provided by Ed I'll merge this.

@github-actions github-actions bot added sig/operator type/docs Issues related to technical documentation; the Docs Squad uses this label across many repositories labels Oct 5, 2023
@hainenber
Copy link
Contributor Author

Thank you all folks, I've done the proposed steps. Please have a look, thanks!

@github-actions github-actions bot removed sig/operator type/docs Issues related to technical documentation; the Docs Squad uses this label across many repositories labels Oct 5, 2023
@MichelHollands
Copy link
Contributor

@hainenber It's still missing the change to /docs/sources/setup/install/helm/reference.md. See the CI output
in https://drone.grafana.net/grafana/loki/28423/5/2 for the command to run to fix it.

@MichelHollands
Copy link
Contributor

In case you don't have access to the CI:

0.29.4: Pulling from grafana/loki-build-image
Digest: sha256:36aff4f65f0d949b1f3e1642141cb02ff4739c2309915ac5fb9f85a37ad0b479
Status: Image is up to date for grafana/loki-build-image:0.29.4
+ make BUILD_IN_CONTAINER=false documentation-helm-reference-check
Checking diff
make -BC docs sources/setup/install/helm/reference.md
make[1]: Entering directory '/src/loki/docs'
helm-docs -c ../production/helm/ -t reference.md.gotmpl -o reference.md
mv "../production/helm/loki/reference.md" "sources/setup/install/helm/reference.md"
time="2023-10-06T07:39:57Z" level=info msg="Found Chart directories [loki]"
time="2023-10-06T07:39:57Z" level=info msg="Generating README Documentation for chart ../production/helm/loki"
make[1]: Leaving directory '/src/loki/docs'
diff --git a/docs/sources/setup/install/helm/reference.md b/docs/sources/setup/install/helm/reference.md
index 7a6009d3d..cf20e1486 100644
--- a/docs/sources/setup/install/helm/reference.md
+++ b/docs/sources/setup/install/helm/reference.md
@@ -1116,7 +1116,7 @@ null
 			<td>string</td>
 			<td>The gateway image tag</td>
 			<td><pre lang="json">
-"1.23-alpine"
+"1.24-alpine"
 </pre>
 </td>
 		</tr>
Please generate Helm Chart reference by running 'make -C docs sources/setup/install/helm/reference.md'
make: *** [Makefile:650: documentation-helm-reference-check] Error 1

@pull-request-size pull-request-size bot added size/S and removed size/XS labels Oct 7, 2023
@github-actions github-actions bot added the type/docs Issues related to technical documentation; the Docs Squad uses this label across many repositories label Oct 7, 2023
@hainenber
Copy link
Contributor Author

hi folks, I've run the necessary command. Sorry for the inconvenience and please have look, thanks!

@MichelHollands MichelHollands merged commit dbf7dd4 into grafana:main Oct 9, 2023
7 checks passed
@hainenber hainenber deleted the fix-CVE-2023-4863 branch October 10, 2023 02:18
@github-actions github-actions bot mentioned this pull request Jan 26, 2024
Closed
@grafanabot grafanabot mentioned this pull request Feb 13, 2024
Closed
@loki-gh-app loki-gh-app bot mentioned this pull request Feb 28, 2024
Closed
This was referenced Mar 25, 2024
Closed
Closed
Closed
Closed
This was referenced Apr 1, 2024
Closed
Closed
Closed
@loki-gh-app loki-gh-app bot mentioned this pull request Apr 8, 2024
Merged
@grafanabot grafanabot mentioned this pull request Apr 8, 2024
Merged
rhnasc pushed a commit to inloco/loki that referenced this pull request Apr 12, 2024
@hainenber @rhnasc
fix(helm): bump nginx-unprivilege to fix CVE (grafana#10754)
66940bc 
**What this PR does / why we need it**:

**Which issue(s) this PR fixes**:
Fixes grafana#10746 

**Special notes for your reviewer**:

**Checklist**
- [x] Reviewed the
[`CONTRIBUTING.md`](https://github.com/grafana/loki/blob/main/CONTRIBUTING.md)
guide (**required**)
- [ ] Documentation added
- [ ] Tests updated
- [x] `CHANGELOG.md` updated
- [ ] If the change is worth mentioning in the release notes, add
`add-to-release-notes` label
- [ ] Changes that require user attention or interaction to upgrade are
documented in `docs/sources/setup/upgrade/_index.md`
- [x] For Helm chart changes bump the Helm chart version in
`production/helm/loki/Chart.yaml` and update
`production/helm/loki/CHANGELOG.md` and
`production/helm/loki/README.md`. [Example
PR](grafana@d10549e)
mraboosk pushed a commit to mraboosk/loki that referenced this pull request Oct 7, 2024
@hainenber
fix(helm): bump nginx-unprivilege to fix CVE (grafana#10754)
37669f2 
**What this PR does / why we need it**:

**Which issue(s) this PR fixes**:
Fixes grafana#10746 

**Special notes for your reviewer**:

**Checklist**
- [x] Reviewed the
[`CONTRIBUTING.md`](https://github.com/grafana/loki/blob/main/CONTRIBUTING.md)
guide (**required**)
- [ ] Documentation added
- [ ] Tests updated
- [x] `CHANGELOG.md` updated
- [ ] If the change is worth mentioning in the release notes, add
`add-to-release-notes` label
- [ ] Changes that require user attention or interaction to upgrade are
documented in `docs/sources/setup/upgrade/_index.md`
- [x] For Helm chart changes bump the Helm chart version in
`production/helm/loki/Chart.yaml` and update
`production/helm/loki/CHANGELOG.md` and
`production/helm/loki/README.md`. [Example
PR](grafana@2cef71e)
@loki-gh-app loki-gh-app bot mentioned this pull request Nov 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MichelHollands MichelHollands MichelHollands approved these changes

@slim-bean slim-bean slim-bean approved these changes

Assignees
No one assigned
Labels
area/helm size/S type/docs Issues related to technical documentation; the Docs Squad uses this label across many repositories
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Deprecated tag for nginxinc/nginx-unprivileged (incl. CVE-2023-4863)
3 participants
@hainenber @slim-bean @MichelHollands