-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Security upgrade ubuntu from 16.04 to xenial-20210114 #117
base: master
Are you sure you want to change the base?
Conversation
…er/Dockerfile to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-UBUNTU1604-SYSTEMD-1320131 - https://snyk.io/vuln/SNYK-UBUNTU1604-SYSTEMD-1320131 - https://snyk.io/vuln/SNYK-UBUNTU1604-SYSTEMD-1320131 - https://snyk.io/vuln/SNYK-UBUNTU1604-SYSTEMD-1320131 - https://snyk.io/vuln/SNYK-UBUNTU1604-BASH-542609
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Commit Checker results:
|
A set of new images have been built to help with testing out this PR: |
An OCP cluster where you are logged in as cluster admin is required. The Data Science Pipelines team recommends testing this using the Data Science Pipelines Operator. Check here for more information on using the DSPO. To use and deploy a DSP stack with these images (assuming the DSPO is deployed), first save the following YAML to a file named apiVersion: datasciencepipelinesapplications.opendatahub.io/v1alpha1
kind: DataSciencePipelinesApplication
metadata:
name: pr-117
spec:
dspVersion: v2
apiServer:
image: "quay.io/opendatahub/ds-pipelines-api-server:pr-117"
argoDriverImage: "quay.io/opendatahub/ds-pipelines-driver:pr-117"
argoLauncherImage: "quay.io/opendatahub/ds-pipelines-launcher:pr-117"
persistenceAgent:
image: "quay.io/opendatahub/ds-pipelines-persistenceagent:pr-117"
scheduledWorkflow:
image: "quay.io/opendatahub/ds-pipelines-scheduledworkflow:pr-117"
mlmd:
deploy: true # Optional component
grpc:
image: "quay.io/opendatahub/mlmd-grpc-server:latest"
envoy:
image: "registry.redhat.io/openshift-service-mesh/proxyv2-rhel8:2.3.9-2"
mlpipelineUI:
deploy: true # Optional component
image: "quay.io/opendatahub/ds-pipelines-frontend:pr-117"
objectStorage:
minio:
deploy: true
image: 'quay.io/opendatahub/minio:RELEASE.2019-08-14T20-37-41Z-license-compliance' Then run the following: cd $(mktemp -d)
git clone [email protected]:opendatahub-io/data-science-pipelines.git
cd data-science-pipelines/
git fetch origin pull/117/head
git checkout -b pullrequest fba1fa9a41a00a551abdb3580b1c88601f42a34e
oc apply -f dspa.pr-117.yaml More instructions here on how to deploy and test a Data Science Pipelines Application. |
Snyk has created this PR to fix 2 vulnerabilities in the dockerfile dependencies of this project.
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Snyk changed the following file(s):
samples/contrib/nvidia-resnet/components/inference_server_launcher/Dockerfile
We recommend upgrading to
ubuntu:xenial-20210114
, as this image has only 92 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.Vulnerabilities that will be fixed with an upgrade:
SNYK-UBUNTU1604-SYSTEMD-1320131
SNYK-UBUNTU1604-SYSTEMD-1320131
SNYK-UBUNTU1604-SYSTEMD-1320131
SNYK-UBUNTU1604-SYSTEMD-1320131
SNYK-UBUNTU1604-BASH-542609
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Allocation of Resources Without Limits or Throttling