Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OCPTOOLS-525, OCPTOOLS-535, OCPTOOLS-527: Bump Jenkins and plugins #1878

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

OCPTOOLS-525, OCPTOOLS-535, OCPTOOLS-527: Bump Jenkins and plugins #1878

wants to merge 2 commits into from
+249 −243

Conversation

k37y
Copy link
Contributor

@k37y k37y commented Dec 19, 2024
edited
Loading

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Dec 19, 2024
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Dec 19, 2024
edited by openshift-ci bot
Loading

@k37y: This pull request references OCPTOOLS-525 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.19.0" version, but no target version was set.

This pull request references OCPTOOLS-535 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.19.0" version, but no target version was set.

This pull request references OCPTOOLS-527 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.19.0" version, but no target version was set.

In response to this:

  • Bump jenkins version from 2.462.3 to 2.479.2 to mitigate CVE-2024-47072
  • Bump workflow-cps to mitigate CVE-2024-52550
  • Bump pipeline-model-definition to mitigate CVE-2024-52551

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@prdhamdh
Copy link
Contributor

/test e2e-aws-jenkins-client-plugin

@prdhamdh
Copy link
Contributor

/retest

@k37y
OCPTOOLS-525: Bump jenkins version
01ab53f 
- Bump jenkins version from 2.462.3 to 2.479.3 to mitigate CVE-2024-47072

Signed-off-by: Vinu K [email protected]
@k37y k37y force-pushed the bump-jkns-and-plugins branch from 4ab6d59 to 5a7254e Compare January 28, 2025 06:54
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Jan 28, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: k37y

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 28, 2025
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 28, 2025
edited by openshift-ci bot
Loading

@k37y: This pull request references OCPTOOLS-525 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.19.0" version, but no target version was set.

This pull request references OCPTOOLS-535 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.19.0" version, but no target version was set.

This pull request references OCPTOOLS-527 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.19.0" version, but no target version was set.

In response to this:

  • Bump jenkins version from 2.462.3 to 2.479.3 to mitigate CVE-2024-47072
  • Bump workflow-cps to mitigate CVE-2024-52550
  • Bump pipeline-model-definition to mitigate CVE-2024-52551

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@k37y
Copy link
Contributor Author

k37y commented Jan 29, 2025

/retest

@k37y
OCPTOOLS-535, OCPTOOLS-527: Bump plugins version
94a9d64 
- Bump workflow-cps to mitigate CVE-2024-52550
- Bump pipeline-model-definition to mitigate CVE-2024-52551
- Bump plugins to fix the compatibility issue of openshift/jenkins-sync-plugin/pull/490

Signed-off-by: Vinu K <[email protected]>
@k37y k37y force-pushed the bump-jkns-and-plugins branch from 5a7254e to 94a9d64 Compare January 29, 2025 11:06
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Jan 29, 2025
edited by openshift-ci bot
Loading

@k37y: This pull request references OCPTOOLS-525 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.19.0" version, but no target version was set.

This pull request references OCPTOOLS-535 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.19.0" version, but no target version was set.

This pull request references OCPTOOLS-527 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the vulnerability to target the "4.19.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@k37y
Copy link
Contributor Author

k37y commented Jan 29, 2025

/test e2e-aws-jenkins-sync-plugin

1 similar comment
@k37y
Copy link
Contributor Author

k37y commented Jan 30, 2025

/test e2e-aws-jenkins-sync-plugin

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Jan 30, 2025

@k37y: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-aws-jenkins-sync-plugin 94a9d64 link true /test e2e-aws-jenkins-sync-plugin
ci/prow/security 94a9d64 link false /test security

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ayushsatyam146 ayushsatyam146 Awaiting requested review from ayushsatyam146

@divyansh42 divyansh42 Awaiting requested review from divyansh42

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@k37y @openshift-ci-robot @prdhamdh