kserve/models-web-app v0.10.0 using kubeflow/kubeflow#2b4cc42e (not v1.7.0) #2433
Comments
Is this still relevant for Kubeflow 1.8?
On the current master kserve/models-web-app/frontend/COMMIT we have 3649e7e61, which was merged on Mar 23, which is before the 1.7.0 release date (Mar 29), so I guess yes, the kserve is not up to date.
@axel7083 then please provide a PR such that @kimwnasptd can review.
@kromanow94 can you investigate whether this is still relevant? We also need to update to kserve 0.11.2 anyway due to #2572 and #2553
Sure, I can have a look. I'll try to do it next week.
We probably need a new home for the web application https://kubeflow.slack.com/archives/C9V2WT2KV/p1709142634280649?thread_ts=1708948152.539709&cid=C9V2WT2KV
/assign @Ayush9026
@kimwnasptd
@Ayush9026 are you still working on this, or do we need additional help?
When I try to 1.9.0-rc.0 with minikube on a mac M3, I am stuck at
@tiansiyuan yes, @rimolive and others are working on rebuilding the image. Can you help with the frontend? If yes, please reach out to Ricardo.
I'd be glad if I could help. Please let me know what I need to do. An update: I tried installing 1.9.0-rc.1 with Minikube 1.33.1 (K8s 1.29.4) on a Mac M3 and got the same issue, image docker.io/kserve/models-web-app:v0.10.0 (for arm) is not available.
I managed to build the image based on the Dockerfile at https://github.com/kserve/models-web-app/blob/master/Dockerfile without any change. (Any changes needed?) As I have some difficulty accessing docker.io directly, I pushed it to the local registry of Minikube and referred to it in the image definition since the Any more testing needed?
We need to fix the CVE issues in the code. If you run In advance, thank you both for contributing to this!
@rimolive it is very likely that we won't be able to remove all the CVEs without a lot of reworking (not sure all packages can be updated in place). We might be able to at least update the node version from 12 to 16, like I did in the central dashboard kubeflow/kubeflow#7578, but this is less important for the web apps because they don't actually run node in the final container (like the dashboard). For example, we still build with Node 12 in Jupyter Web App (but we would like to update if anyone has some spare time).
As a side note @tiansiyuan is correct, we need to stop using
@thesuperzapper as far as I know always means "It's worth noting regardless of what others are saying, imagePullPolicy: Always just redownloads the digest, not the layers if they match the contents of the digest." But maybe that differs between Kubernetes distributions. Yes, just rebuilding with a few fast fixes is already enough.
There are 19 high and 6 critical vulnerabilities, which need addressing. Some of the fixes which require an upgrade are breaking changes. I am going to deal with them at the end.
Please check https://github.com/kubeflow/manifests/actions/runs/9491962409/job/26158322115 for the trivy image scanning results. @vikas-saxena02 please check whether you have the same numbers for the kserve-models-web-application image.
Hi guys, I am down to just 11 moderate vulnerabilities... Do we need to fix only high and critical or all of them? Also, how do I ensure that I am not breaking anything?
pull request kserve/models-web-app#81
Description
In the readme of the manifest repository, the 1.7.0 Kubeflow release stated that the KServe Models Web App used is tag v0.10.0. But it is using a very old version of the kubeflow/kubeflow repository for the components/crud-web-apps/common shared code.
As is visible in kserve/models-web-app/v0.10.0/Dockerfile#L9, the commit used is 2b4cc42e, and it was committed on Nov 25, 2022, between the tags v1.6.1 (Oct 10, 2022) and v1.7.0-rc.0 (Feb 2, 2023).
This makes the compilation of kserve/models-web-app not compatible with 1.7.0.
Reproduce
Current state
The current master does not have a hardcoded commit in the Dockerfile but instead uses a file containing the commit. See kserve/models-web-app#65.
All of this is very confusing for maintaining versioning among apps, especially when upgrading components. Synchronizing this new "COMMIT" file with tags would be a great way to keep consistency for components depending on code in the kubeflow/kubeflow repository.
Edit
Currently the master is checking out the kubeflow/kubeflow commit 046c6d3c8 (on Feb 13, 2023), so it is still not compatible with the 1.7.0 commit (on March 29, 2023).
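
One way to check the kind of mismatch this issue describes, as an added example that is not part of the original thread or of either project: it classifies a pinned commit against a release tag by git ancestry. The function names and the demo repository are constructed for illustration; against a real kubeflow/kubeflow clone, pass the pin from the Dockerfile or COMMIT file.

```shell
#!/bin/sh
# Added example (not from kserve/models-web-app): compare a pinned
# kubeflow/kubeflow commit with a release tag in a local clone.
# Prints one of: match | behind | ahead | diverged | unknown
pin_status() {
    repo=$1; pin=$2; tag=$3
    pin_sha=$(git -C "$repo" rev-parse --verify --quiet "${pin}^{commit}") ||
        { echo unknown; return 2; }
    tag_sha=$(git -C "$repo" rev-parse --verify --quiet "${tag}^{commit}") ||
        { echo unknown; return 2; }
    if [ "$pin_sha" = "$tag_sha" ]; then
        echo match; return 0
    elif git -C "$repo" merge-base --is-ancestor "$pin_sha" "$tag_sha"; then
        echo behind      # pin predates the tag: shared code is older than the release
    elif git -C "$repo" merge-base --is-ancestor "$tag_sha" "$pin_sha"; then
        echo ahead       # pin contains the tag plus unreleased commits
    else
        echo diverged    # pin and tag sit on different branches
    fi
    return 1
}

# Constructed stand-in for a kubeflow/kubeflow clone: three empty commits,
# two of them tagged with release names from the issue. Prints the middle
# commit's hash, which plays the role of the pin in the Dockerfile/COMMIT file.
make_demo_repo() {
    dir=$1
    git init -q "$dir"
    for step in v1.6.1 PIN v1.7.0; do
        git -C "$dir" -c user.name=demo -c user.email=demo@example.invalid \
            -c commit.gpgsign=false commit -q --allow-empty -m "$step"
        if [ "$step" = PIN ]; then
            git -C "$dir" rev-parse HEAD
        else
            git -C "$dir" tag "$step"
        fi
    done
}

demo=$(mktemp -d)
pin=$(make_demo_repo "$demo/kubeflow")
echo "pin vs v1.7.0: $(pin_status "$demo/kubeflow" "$pin" v1.7.0)"
rm -rf "$demo"
```

Any status other than `match` returns non-zero, so the function can gate a CI job that builds the web app image for a given release.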