Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test: update image scanning snapshots #1592

Merged
merged 1 commit into from
Feb 9, 2025
Merged

test: update image scanning snapshots #1592

merged 1 commit into from
Feb 9, 2025

Conversation

G-Rath
Copy link
Collaborator

@G-Rath G-Rath commented Feb 9, 2025

I feel like ideally this shouldn't actually be in the Java test, but potentially eliminating it is out of my wheelhouse :)

@G-Rath G-Rath force-pushed the update-snapshots-again branch from dbb769d to 494107c Compare February 9, 2025 19:39
@codecov-commenter
Copy link

codecov-commenter commented Feb 9, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 69.30%. Comparing base (fd2ef0f) to head (494107c).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1592      +/-   ##
==========================================
- Coverage   69.31%   69.30%   -0.02%     
==========================================
  Files         200      200              
  Lines       19033    19033              
==========================================
- Hits        13193    13190       -3     
- Misses       5133     5135       +2     
- Partials      707      708       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@G-Rath G-Rath mentioned this pull request Feb 9, 2025
Merged
another-rex
another-rex approved these changes Feb 9, 2025
View reviewed changes
Copy link
Collaborator

@another-rex another-rex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think ideally I'll find a JRE image that I can pin this to. Installing the package in the lockfile causes changes to the image every build.

@another-rex another-rex merged commit c100a26 into google:main Feb 9, 2025
13 checks passed
@another-rex another-rex deleted the update-snapshots-again branch February 9, 2025 22:12
@G-Rath
Copy link
Collaborator Author

G-Rath commented Feb 9, 2025

Replying to:

          Hmm it looks like the container image is not consistent every build, I'll fix it in another PR.

Originally posted by @another-rex in #1579 (comment)

Not sure if I missed something in particular that made you think "inconsistent" rather than "new vulnerability just dropped", but fwiw I noticed the Java Dockerfile includes doing apt update and apk update` which could make things more "flakey" ...

I think ideally I'll find a JRE image that I can pin this to. Installing the package in the lockfile causes changes to the image every build.

Snap, that's where I was heading too (I think)

@another-rex
Copy link
Collaborator

Just looking here: https://osv.dev/list?q=openssl&ecosystem=Alpine The latest one published by alpine is published Jan 20th. Maybe a new affected version could have been added more recently though.

@another-rex another-rex mentioned this pull request Feb 10, 2025
Merged
another-rex added a commit that referenced this pull request Feb 10, 2025
@another-rex
chore: Pin the java image so that it can't change each build (#1599)
a2811d6 
As discussed here: #1592
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@another-rex another-rex another-rex approved these changes

@cuixq cuixq Awaiting requested review from cuixq

@hogo6002 hogo6002 Awaiting requested review from hogo6002

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@G-Rath @codecov-commenter @another-rex