merge from upstream #4
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Update google.golang.org/grpc from v1.49.0 to v1.56.3 https://github.com/kserve/modelmesh-runtime-adapter/security/dependabot/20 --- Signed-off-by: Rafael Vasquez <[email protected]>
Signed-off-by: Spolti <[email protected]>
https://github.com/kserve/modelmesh-runtime-adapter/security/dependabot/16 --------- Signed-off-by: Spolti <[email protected]> Signed-off-by: Christian Kadner <[email protected]> Co-authored-by: Christian Kadner <[email protected]>
#### Motivation Each time running lint using the developer image, i.e. `make run fmt`, the `build.develop` Make target is executed, calling `scripts/build_docker.sh` which (re)builds the developer image each time, which despite using cached image layers takes extra time and clutters the terminal with Docker build output that is not relevant with respect to the actual make goal having been invoked. ``` [modelmesh-runtime-adapter] (main=)$ make run fmt Makefile:74: warning: overriding commands for target `fmt' Makefile:60: warning: ignoring old commands for target `fmt' ./scripts/build_docker.sh --target develop [+] Building 1.1s (15/15) FINISHED docker:colima => [internal] load build definition from Dockerfile 0.0s => => transferring dockerfile: 7.60kB 0.0s => [internal] load .dockerignore 0.0s => => transferring context: 93B 0.0s => [internal] load metadata for registry.access.redhat.com/ubi8/go-toolset:1.17 1.0s => [develop 1/10] FROM registry.access.redhat.com/ubi8/go-toolset:1.17@sha256:db868166dd2ea38bdb8507e0cb1c9a295622fb6d8bdd70718af1405679ca0a19 0.0s => [internal] load build context 0.0s => => transferring context: 98B 0.0s => CACHED [develop 2/10] RUN --mount=type=cache,target=/root/.cache/dnf:rw dnf install --setopt=cachedir=/root/.cache/dnf -y --nodocs python3 p 0.0s => CACHED [develop 3/10] RUN --mount=type=cache,target=/root/.cache/pip pip3 install pre-commit 0.0s => CACHED [develop 4/10] RUN set -eux; amd64=x86_64; arm64=aarch_64; ppc64le=ppcle_64; s390x=s390_64; wget -qO protoc.zip "https://github.com/p 0.0s => CACHED [develop 5/10] WORKDIR /opt/app 0.0s => CACHED [develop 6/10] COPY go.mod go.sum ./ 0.0s => CACHED [develop 7/10] RUN true && go get google.golang.org/grpc/cmd/protoc-gen-go-grpc && go install google.golang.org/protobuf/cmd/protoc-gen-go 0.0s => CACHED [develop 8/10] COPY .pre-commit-config.yaml ./ 0.0s => CACHED [develop 9/10] RUN git init && pre-commit install-hooks && rm -rf .git 0.0s => CACHED [develop 10/10] RUN go mod download 0.0s => exporting to image 0.0s => => exporting layers 0.0s => => writing image sha256:feb1d14c1a753a7e4494b9b53f8132fec927c39e565eacede9ea2a460a78ebec 0.0s => => naming to docker.io/kserve/modelmesh-runtime-adapter-develop:reuse_existing_dev_image-20231027T220733PDT 0.0s => => naming to docker.io/kserve/modelmesh-runtime-adapter-develop:latest 0.0s ./scripts/develop.sh make fmt ./scripts/fmt.sh golangci-lint............................................................Passed prettier.................................................................Passed ``` #### Modifications - Add flag `--use-existing` to `scripts/build_docker.sh` to skip the Docker build it the image exists - Add internal Make target `use.develop` which call `scripts/build_docker.sh` with the new flag `--use-existing` - Add env vars `DOCKER_USER` and `IMAGE_TAG` to `scripts/develop.sh` to be consistent with `scripts/build_docker.sh` #### Result ``` [modelmesh-runtime-adapter_ckadner] (reuse_existing_dev_image=)$ make run fmt Makefile:74: warning: overriding commands for target `fmt' Makefile:60: warning: ignoring old commands for target `fmt' ./scripts/build_docker.sh --target develop --use-existing ./scripts/develop.sh make fmt ./scripts/fmt.sh golangci-lint............................................................Passed prettier.................................................................Passed ``` Signed-off-by: Christian Kadner <[email protected]> Signed-off-by: Rafael Vasquez <[email protected]> Co-authored-by: Rafael Vasquez <[email protected]>
Add CodeQL configuration file to enable code vulnerability scans. FYI @rafvasq @njhill --------- Signed-off-by: Christian Kadner <[email protected]> Signed-off-by: Rafael Vasquez <[email protected]> Co-authored-by: Rafael Vasquez <[email protected]>
Add function `GetEnvInt32` using `strconv.ParseInt` when `int32` is expected --------- Signed-off-by: Rafael Vasquez <[email protected]>
Specify and link python38 to fix build/test failures due to the wrong Python version (3.6) being used from base image. --------- Signed-off-by: Rafael Vasquez <[email protected]>
Update golang.org/x/crypto to v0.14.0 Update golang.org/x/net to v0.17.0 --------- Signed-off-by: Rafael Vasquez <[email protected]>
- Remove the linters for "deadcode", "structcheck", "varcheck" - Use "os" packages instead of deprecated "io/ioutil" (SA1019) - Capture pre-commit output in a local log file Fixes #64 --------- Signed-off-by: Spolti <[email protected]>
- elazarl/goproxy [CVE-2023-37788] Denial of Service (DoS) - emicklei/go-restful [CVE-2022-1996] Authorization Bypass Through User-Controlled Key - prometheus/client_golang [CWE-400] Denial of Service (DoS) ----- Signed-off-by: Spolti <[email protected]>
Address CVE-2023-48795 https://github.com/kserve/modelmesh-runtime-adapter/security/dependabot/22 --------- Signed-off-by: Christian Kadner <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
Modifications
Result