Skip to content

Update go version in build image to 1.16.6 #4362

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 13, 2021
Merged

Update go version in build image to 1.16.6 #4362

merged 3 commits into from
Jul 13, 2021

Conversation

simonswine
Copy link
Contributor

What this PR does:

Update go version in build image to 1.16.6. This addresses CVE-2021-34558.

golang/go#47143

This now needs a maintainer to push a build image and update references (see https://cortexmetrics.io/docs/contributing/how-to-update-the-build-image/)

@simonswine simonswine force-pushed the 20210713_update-go-1.16.6 branch 2 times, most recently from 4591f03 to 9f23346 Compare July 13, 2021 10:28
@simonswine
Update go version in build image to 1.16.6
178ab0c 
This addresses CVE-2021-34558.

golang/go#47143

Signed-off-by: Christian Simon <simon@swine.de>
@simonswine simonswine force-pushed the 20210713_update-go-1.16.6 branch from 9f23346 to 178ab0c Compare July 13, 2021 10:29
gouthamve
gouthamve approved these changes Jul 13, 2021
View reviewed changes
Copy link
Contributor

@gouthamve gouthamve left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pracucci
Copy link
Contributor

I'm going to build and publish the updated image.

@pracucci
Update build image and golang version in CI
5107740 
Signed-off-by: Marco Pracucci <marco@pracucci.com>
@simonswine
Copy link
Contributor Author

@pracucci I think there is also a reference in the Makefile:

cortex/Makefile

Line 122 in 03911b6

LATEST_BUILD_IMAGE_TAG ?= build-image-multiarch-1d2497ff6

@pracucci
Copy link
Contributor

@pracucci I think there is also a reference in the Makefile:

cortex/Makefile

Line 122 in 03911b6

LATEST_BUILD_IMAGE_TAG ?= build-image-multiarch-1d2497ff6

Right. Can you fix it and also update the doc at docs/contributing/how-to-upgrade-golang-version.md, please?

@simonswine
Update LATEST_BUILD_IMAGE_TAG in makefile
53d087c 
Signed-off-by: Christian Simon <simon@swine.de>
@pracucci pracucci enabled auto-merge (squash) July 13, 2021 14:25
@pracucci pracucci merged commit e49102c into cortexproject:master Jul 13, 2021
alvinlin123 pushed a commit to ac1214/cortex that referenced this pull request Jan 14, 2022
@simonswine @pracucci @alvinlin123
Update go version in build image to 1.16.6 (cortexproject#4362)
f1f3642 
* Update go version in build image to 1.16.6

This addresses CVE-2021-34558.

golang/go#47143

Signed-off-by: Christian Simon <simon@swine.de>

* Update build image and golang version in CI

Signed-off-by: Marco Pracucci <marco@pracucci.com>

* Update LATEST_BUILD_IMAGE_TAG in makefile

Signed-off-by: Christian Simon <simon@swine.de>

Co-authored-by: Marco Pracucci <marco@pracucci.com>
Signed-off-by: Alvin Lin <alvinlin@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

3 more reviewers

@aknuds1 aknuds1 aknuds1 approved these changes

@pracucci pracucci pracucci approved these changes

@gouthamve gouthamve gouthamve approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

size/S

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@simonswine @pracucci @aknuds1 @gouthamve