Skip to content

main: Update docker.io/prom/prometheus Docker tag to v3.4.0 #1602

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 19, 2025
Merged

main: Update docker.io/prom/prometheus Docker tag to v3.4.0 #1602

merged 1 commit into from
May 19, 2025

Conversation

renovate-bot
Copy link
Collaborator

@renovate-bot renovate-bot commented May 17, 2025
edited
Loading

This PR contains the following updates:

Package Update Change
docker.io/prom/prometheus minor v3.3.1 -> v3.4.0

Release Notes

prometheus/prometheus (docker.io/prom/prometheus)

v3.4.0

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-project-automation github-project-automation bot moved this to PRs In Progress in Basic Kanban Board May 17, 2025
@github-project-automation github-project-automation bot moved this from PRs In Progress to Ready to merge in Basic Kanban Board May 19, 2025
@snazy snazy merged commit f4ecb6c into apache:main May 19, 2025
6 checks passed
@github-project-automation github-project-automation bot moved this from Ready to merge to Done in Basic Kanban Board May 19, 2025
@renovate-bot renovate-bot deleted the renovate/main/docker.io-prom-prometheus-3.x branch May 19, 2025 09:17
snazy added a commit to snazy/polaris that referenced this pull request May 22, 2025
@snazy @renovate-bot
@flyrain @exceptionfactory @HonahX @XJDKC @dimas-b @MonkeyCanCode
Dremio merge 2025 05 21 09 39 (apache#72)
06c7187 
* main: Update docker.io/prom/prometheus Docker tag to v3.4.0 (apache#1602)

* Site: Update production configuration page (apache#1606)

* main: Update dependency com.google.cloud:google-cloud-storage-bom to v2.52.3 (apache#1623)

* main: Update dependency boto3 to v1.38.19 (apache#1622)

* Remove Bouncy Castle dependency usage from PemUtils (apache#1318)

- Added PEM format parsing in PemUtils
- Added unit test for PemUtils for empty file and multiple PEM objects
- Removed Bouncy Castle Provider dependency from service common module
- Removed Bouncy Castle Provider dependency from quarkus service module

* Site: Add a page for policy management (apache#1600)

* [Policy Store | Management Spec] Add policy privileges to spec and update admin service impl (apache#1529)

This PR adds new policy related privileges to polaris-management-api.yml and update PolarisAdminService to allow granting new privileges

* Spec: Add SigV4 Auth Support for Catalog Federation (apache#1506)

* Spec changes for SigV4 Auth Support for Catalog Federation

* Extract service identity info as a nested object

* nit: fix admin tool log level and comments (apache#1626)

The previous WARNING log levels seems to work, but WARN
aligns better with standard Quarkus log levels.

Fixes apache#1612

* Doc: switch to use iceberg-aws-bundle jar (apache#1609)

* main: Update dependency org.mockito:mockito-core to v5.18.0 (apache#1630)

* main: Update dependency boto3 to v1.38.20 (apache#1631)

* Require explicit user-consent to enable HadoopFileIO (apache#1532)

Using `HadoopFileIO` in Polaris can enable "hidden features" that users are likely not aware of. This change requires users to manually update the configuration to be able to use `HadoopFileIO` in way that highlights the consequences of enabling it.

This PR updates Polaris in multiple ways:
* The default of `SUPPORTED_CATALOG_STORAGE_TYPES` is changed to not include the `FILE` storage type.
* Respect the `ALLOW_SPECIFYING_FILE_IO_IMPL` configuration on namespaces, tables and views to prevent setting an `io-impl` value for anything but one of the configured, supported storage-types.
* Unify validation code in a new class `IcebergPropertiesValidation`.
* Using `FILE` or `HadoopFileIO` now _also_ requires the explicit configuration `ALLOW_INSECURE_STORAGE_TYPES_ACCEPTING_SECURITY_RISKS=true`.
* Added production readiness checks that trigger when `ALLOW_INSECURE_STORAGE_TYPES_ACCEPTING_SECURITY_RISKS` is `true` or `SUPPORTED_CATALOG_STORAGE_TYPES` contains `FILE` (defaults and per-realm).
* The two new readiness checks are considered _severe_. Severe readiness-errors prevent the server from starting up - unless the user explicitly configured `polaris.readiness.ignore-security-issues=true`.

Log messages and configuration options explicitly use "clear" phrases highlighting the consequences.

With these changes it is intentionally extremely difficult to start Polaris with HadoopFileIO. People who work around all these safety nets must have realized that what they are doing.

A lot of the test code relies on `FILE`/`HadoopFileIO`, those tests got all the configurations to let those tests continue to work as they are, bypassing the added security safeguards.

---------

Co-authored-by: Dmitri Bourlatchkov <dmitri.bourlatchkov@dremio.com>

---------

Co-authored-by: Mend Renovate <bot@renovateapp.com>
Co-authored-by: Yufei Gu <yufei@apache.org>
Co-authored-by: David Handermann <exceptionfactory@apache.org>
Co-authored-by: Honah (Jonas) J. <honahx@apache.org>
Co-authored-by: Rulin Xing <xjdkcsq3@gmail.com>
Co-authored-by: Dmitri Bourlatchkov <dmitri.bourlatchkov@dremio.com>
Co-authored-by: MonkeyCanCode <yongzheng0809@gmail.com>
adnanhemani pushed a commit to adnanhemani/polaris that referenced this pull request May 22, 2025
@renovate-bot @adnanhemani
main: Update docker.io/prom/prometheus Docker tag to v3.4.0 (apache#1602
3f1b8df 
)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@snazy snazy snazy approved these changes

@adutra adutra Awaiting requested review from adutra adutra is a code owner

@ashvina ashvina Awaiting requested review from ashvina ashvina is a code owner

@dennishuo dennishuo Awaiting requested review from dennishuo dennishuo is a code owner

@dimas-b dimas-b Awaiting requested review from dimas-b dimas-b is a code owner

@eric-maynard eric-maynard Awaiting requested review from eric-maynard eric-maynard is a code owner

@jackye1995 jackye1995 Awaiting requested review from jackye1995 jackye1995 is a code owner

@jbonofre jbonofre Awaiting requested review from jbonofre jbonofre is a code owner

@vvcephei vvcephei Awaiting requested review from vvcephei vvcephei is a code owner

@collado-mike collado-mike Awaiting requested review from collado-mike collado-mike is a code owner

@RussellSpitzer RussellSpitzer Awaiting requested review from RussellSpitzer RussellSpitzer is a code owner

@takidau takidau Awaiting requested review from takidau takidau is a code owner

@MonkeyCanCode MonkeyCanCode Awaiting requested review from MonkeyCanCode MonkeyCanCode is a code owner

@flyrain flyrain Awaiting requested review from flyrain flyrain is a code owner

@ebyhr ebyhr Awaiting requested review from ebyhr ebyhr is a code owner

@HonahX HonahX Awaiting requested review from HonahX HonahX is a code owner

@singhpk234 singhpk234 Awaiting requested review from singhpk234 singhpk234 is a code owner

@pingtimeout pingtimeout Awaiting requested review from pingtimeout pingtimeout is a code owner

Assignees
No one assigned
Labels
renovate-polaris
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@renovate-bot @snazy