Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docker: upgrade to 26.1.0 #2152

Merged
merged 8 commits into from
Aug 1, 2024
Merged

docker: upgrade to 26.1.0 #2152

merged 8 commits into from
Aug 1, 2024

Conversation

tormath1
Copy link
Contributor

@tormath1 tormath1 commented Jul 24, 2024
edited
Loading

In this PR we upgrade Docker from 24.0.9 to 26.1.0 and consequently we bump the Go version to 1.21.12

Notes for reviewers:

  • Why Docker 26.x and not Docker 25.x? To align on Gentoo releases

Testing done

CI (with SDK): http://jenkins.infra.kinvolk.io:8080/job/container/job/sdk/1597/cldsv/ - 🟢 except for docker.devicemapper-storage (see: flatcar/mantle#542)

core@localhost ~ $ docker version
Client:
 Version:           26.1.0
 API version:       1.45
 Go version:        go1.21.12
 Git commit:        9714adc6c797755f63053726c56bc1c17c0c9204
 Built:             Mon Jul 29 23:59:24 2024
 OS/Arch:           linux/amd64
 Context:           default

Server:
 Engine:
  Version:          26.1.0
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.12
  Git commit:       061aa95809be396a6b5542618d8a34b02a21ff77
  Built:            Tue Jul 30 00:55:25 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v1.7.20
  GitCommit:        8ccfc03e4e2b73c22899202ae09d0caf906d3863
 runc:
  Version:          1.1.13
  GitCommit:        58aa9203c123022138b22cf96540c284876a7910
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad007797e0dcd8b7126f27bb87401d224240

From the SDK:

sdk@flatcar-sdk-amd64-4041_0_0-nightly-20240724-2100_os-main-4041_0 ~/trunk/src/scripts $ go version
go version go1.21.12 linux/amd64
  • Changelog entries added in the respective changelog/ directory (user-facing change, bug fix, security fix, update)
  • Inspected CI output for image differences: /boot and /usr size, packages, list files for any missing binaries, kernel modules, config files, kernel modules, etc.

Closes: flatcar/Flatcar#1387, flatcar/Flatcar#1382, flatcar/Flatcar#1405 and flatcar/Flatcar#1360

@tormath1 tormath1 self-assigned this Jul 24, 2024
@tormath1 tormath1 requested a review from a team July 24, 2024 07:50
@tormath1 tormath1 added the main label Jul 24, 2024
@tormath1 tormath1 mentioned this pull request Jul 24, 2024
Closed
4 tasks
@dongsupark dongsupark changed the title docker: ugrade to 26.1.0 docker: upgrade to 26.1.0 Jul 24, 2024
dongsupark
dongsupark reviewed Jul 24, 2024
View reviewed changes
...ird_party/coreos-overlay/app-emulation/amazon-ssm-agent/amazon-ssm-agent-3.2.985.0-r4.ebuild
@@ -3,7 +3,6 @@
EAPI=7

COREOS_GO_PACKAGE="${GITHUB_URI}"
COREOS_GO_VERSION="go1.19"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we start building amazon-ssm-agent with Go 1.21, we should probably either bump the version of amazon-ssm-agent to a fairly recent one coupled with Go 1.21, or at least run CI for AWS without updating amazon-ssm-agent.

Actually we should run a full CI for all cloud providers, not only qemu, because bumping Go version is one of the most invasive changes in Flatcar.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I checked to upgrade the SSM agent but even the main branch is still on Go 1.19 (https://github.com/aws/amazon-ssm-agent/blob/18ab50687adf4f9f3a7f8946f68c1f3e0a97629f/go.mod#L3) - I tried to build the version 3.2.985.0 locally and it worked.

Good to know for the CI, I will trigger a CI for all providers.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good on AWS: http://jenkins.infra.kinvolk.io:8080/job/container/job/packages_all_arches/4362/cldsv/ but it does not test the Amazon SSM agent IIRC.

@tormath1 tormath1 requested a review from a team July 30, 2024 07:44
dongsupark
dongsupark approved these changes Aug 1, 2024
View reviewed changes
Copy link
Member

@dongsupark dongsupark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks.

changelog/security/2024-07-24-go.md Outdated
@@ -0,0 +1 @@
- go ([CVE-2023-45288](https://nvd.nist.gov/vuln/detail/CVE-2023-45288), [CVE-2023-45289](https://nvd.nist.gov/vuln/detail/CVE-2023-45289), [CVE-2023-45290](https://nvd.nist.gov/vuln/detail/CVE-2023-45290), [CVE-2024-24783](https://nvd.nist.gov/vuln/detail/CVE-2024-24783), [CVE-2024-24784](https://nvd.nist.gov/vuln/detail/CVE-2024-24784), [CVE-2024-24785](https://nvd.nist.gov/vuln/detail/CVE-2024-24785), [CVE-2024-24788](https://nvd.nist.gov/vuln/detail/CVE-2024-24788), [CVE-2024-24789](https://nvd.nist.gov/vuln/detail/CVE-2024-24789), [CVE-2024-24790](https://nvd.nist.gov/vuln/detail/CVE-2024-24790),[CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing space between 24790 and 24791. It should be:

- go ([CVE-2023-45288](https://nvd.nist.gov/vuln/detail/CVE-2023-45288), [CVE-2023-45289](https://nvd.nist.gov/vuln/detail/CVE-2023-45289), [CVE-2023-45290](https://nvd.nist.gov/vuln/detail/CVE-2023-45290), [CVE-2024-24783](https://nvd.nist.gov/vuln/detail/CVE-2024-24783), [CVE-2024-24784](https://nvd.nist.gov/vuln/detail/CVE-2024-24784), [CVE-2024-24785](https://nvd.nist.gov/vuln/detail/CVE-2024-24785), [CVE-2024-24788](https://nvd.nist.gov/vuln/detail/CVE-2024-24788), [CVE-2024-24789](https://nvd.nist.gov/vuln/detail/CVE-2024-24789), [CVE-2024-24790](https://nvd.nist.gov/vuln/detail/CVE-2024-24790), [CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791))

@tormath1
changelog: add entries
3f05c8f 
Signed-off-by: Mathieu Tortuyaux <[email protected]>
@tormath1
overlay profiles: remove useless device-mapper use flag for Docker
3f8b4a0 
This is not supported anymore

Signed-off-by: Mathieu Tortuyaux <[email protected]>
@tormath1 tormath1 merged commit 05b0fee into main Aug 1, 2024
1 check failed
@tormath1 tormath1 deleted the tormath1/docker branch August 1, 2024 09:48
This was referenced Aug 1, 2024
Closed
Closed
@tormath1 tormath1 mentioned this pull request Aug 1, 2024
Merged
@github-actions github-actions bot mentioned this pull request Aug 22, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dongsupark dongsupark dongsupark approved these changes

Assignees

@tormath1 tormath1

Labels
main
Projects
Flatcar tactical, release planning, and roadmap
Status: Implemented
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

update: go
2 participants
@tormath1 @dongsupark