Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Containerise Makefile using Dockerfile #218

Merged
merged 2 commits into from
Oct 11, 2023
Merged

Containerise Makefile using Dockerfile #218

merged 2 commits into from
Oct 11, 2023

Conversation

aishwarya9404
Copy link
Contributor

  • Update vendor files
  • Add Dockerfile to build the Makefile
  • Updated README.md with the command to regenerate the client libraries
  • Updated staticcheck to remove usage of io/ioutil as it is deprecated

@github-actions
Copy link

OSS Scan Results:

Title Severity Package Name CVEs Fix version Introduced
Improper Input Validation high sigs.k8s.io/aws-iam-authenticator/pkg/token ['CVE-2022-2385'] ['0.5.9'] ['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]']

Total issues: 1

@github-actions
Copy link

License Evaluation Results:

Title Package Name Package Version Severity License Info Introduced Dependency Type

Total License Issues: 0

prashanthpx
prashanthpx reviewed Oct 11, 2023
View reviewed changes
Dockerfile Outdated Show resolved Hide resolved
Makefile Outdated Show resolved Hide resolved
@github-actions
Copy link

OSS Scan Results:

Title Severity Package Name CVEs Fix version Introduced
Improper Input Validation high sigs.k8s.io/aws-iam-authenticator/pkg/token ['CVE-2022-2385'] ['0.5.9'] ['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]']

Total issues: 1

@github-actions
Copy link

License Evaluation Results:

Title Package Name Package Version Severity License Info Introduced Dependency Type

Total License Issues: 0

@github-actions
Copy link

OSS Scan Results:

Title Severity Package Name CVEs Fix version Introduced
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high google.golang.org/grpc ['CVE-2023-44487'] ['1.58.3'] ['github.com/portworx/[email protected]', 'google.golang.org/[email protected]']
Improper Input Validation high sigs.k8s.io/aws-iam-authenticator/pkg/token ['CVE-2022-2385'] ['0.5.9'] ['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]']

Total issues: 12

@github-actions
Copy link

License Evaluation Results:

Title Package Name Package Version Severity License Info Introduced Dependency Type

Total License Issues: 0

@aishwarya9404
Add updated vendor files
91bf42b 
Update vendor file to remove deprecated libraries
@aishwarya9404
Push changes to containerise Makefile
b6b40fd 
Update go version to 1.20

Push changes for path change and start-build-container option

Update image name
@github-actions
Copy link

OSS Scan Results:

Title Severity Package Name CVEs Fix version Introduced
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'google.golang.org/[email protected]', 'google.golang.org/grpc/internal/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/cli-runtime/pkg/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'github.com/portworx/sched-ops/k8s/core@#2e0ef25efadd', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/transport/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/client-go/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]', 'k8s.io/client-go/pkg/apis/clientauthentication/[email protected]', 'k8s.io/client-go/pkg/apis/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high golang.org/x/net/http2 ['CVE-2023-44487'] ['0.17.0'] ['github.com/portworx/[email protected]', 'k8s.io/client-go/tools/[email protected]', 'k8s.io/client-go/tools/clientcmd/api/[email protected]', 'k8s.io/apimachinery/pkg/runtime/serializer/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/v1/[email protected]', 'k8s.io/apimachinery/pkg/apis/meta/[email protected]', 'k8s.io/apimachinery/pkg/[email protected]', 'k8s.io/apimachinery/pkg/util/[email protected]', 'golang.org/x/net/[email protected]']
Denial of Service (DoS) high google.golang.org/grpc ['CVE-2023-44487'] ['1.56.3', '1.57.1', '1.58.3'] ['github.com/portworx/[email protected]', 'google.golang.org/[email protected]']
Improper Input Validation high sigs.k8s.io/aws-iam-authenticator/pkg/token ['CVE-2022-2385'] ['0.5.9'] ['github.com/portworx/[email protected]', 'sigs.k8s.io/aws-iam-authenticator/pkg/[email protected]']

Total issues: 12

@github-actions
Copy link

License Evaluation Results:

Title Package Name Package Version Severity License Info Introduced Dependency Type

Total License Issues: 0

@prashanthpx prashanthpx merged commit 812370c into master Oct 11, 2023
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@prashanthpx prashanthpx prashanthpx approved these changes

@siva-portworx siva-portworx Awaiting requested review from siva-portworx

@px-kesavan px-kesavan Awaiting requested review from px-kesavan

@lalat-das lalat-das Awaiting requested review from lalat-das

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@aishwarya9404 @prashanthpx