Skip to content

chore: update release build script to support internal scanning#8834

Merged
ericzzzzzzz merged 1 commit intoGoogleContainerTools:mainfrom
ericzzzzzzz:tagging-skaffold-image-with-prefix
Jun 1, 2023
Merged

chore: update release build script to support internal scanning#8834
ericzzzzzzz merged 1 commit intoGoogleContainerTools:mainfrom
ericzzzzzzz:tagging-skaffold-image-with-prefix

Conversation

@ericzzzzzzz
Copy link
Copy Markdown
Contributor

@ericzzzzzzz ericzzzzzzz commented May 31, 2023
edited
Loading

Fixes: #7169
Related: Need to do the same for v1.39, v2.0, v2.3,

Description

  • bug filing works as expected. b/285167256
  • Add another tag in release process for vulnerabilities scanning
  • the tag used for scanning marker purposed is in minor version level, which means for only one patch release(the latest one) within the same minor version will possesses the tag. For example, if 1.39.10 is the latest patch release for v1.39 version, the corresponding lts image will have the public-image-v1.39-lts tag, if we release a new patch version for v1.39 later, the tag will be moved to the corresponding 1.39.11 lts image.

@codecov
Copy link
Copy Markdown

codecov bot commented May 31, 2023
edited
Loading

Codecov Report

Merging #8834 (84f12b5) into main (290280e) will decrease coverage by 6.54%.
The diff coverage is 50.00%.

@@            Coverage Diff             @@
##             main    #8834      +/-   ##
==========================================
- Coverage   70.48%   63.94%   -6.54%     
==========================================
  Files         515      620     +105     
  Lines       23150    31455    +8305     
==========================================
+ Hits        16317    20115    +3798     
- Misses       5776     9836    +4060     
- Partials     1057     1504     +447
Impacted Files Coverage Δ
cmd/skaffold/app/cmd/completion.go 13.04% <0.00%> (-1.25%) ⬇️
cmd/skaffold/app/cmd/config/list.go 65.21% <ø> (ø)
cmd/skaffold/app/cmd/config/set.go 88.72% <ø> (ø)
cmd/skaffold/app/cmd/config/util.go 54.28% <ø> (ø)
cmd/skaffold/app/cmd/credits.go 100.00% <ø> (ø)
cmd/skaffold/app/cmd/credits/export.go 0.00% <0.00%> (ø)
cmd/skaffold/app/cmd/deploy.go 40.90% <0.00%> (-12.94%) ⬇️
cmd/skaffold/app/cmd/generate_pipeline.go 60.00% <ø> (ø)
cmd/skaffold/app/cmd/inspect_modules.go 65.00% <ø> (ø)
cmd/skaffold/app/cmd/inspect_profiles.go 66.66% <ø> (ø)
... and 40 more

... and 410 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@ericzzzzzzz ericzzzzzzz requested review from a team, plumpy and renzodavid9 and removed request for a team May 31, 2023 20:35
@ericzzzzzzz ericzzzzzzz marked this pull request as ready for review May 31, 2023 20:36
plumpy
plumpy reviewed Jun 1, 2023
View reviewed changes
deploy/cloudbuild-release-lts.yaml
- 'make'
- 'release-lts'
- 'VERSION=$TAG_NAME'
- 'SCANNING_MARKER=$_SCANNING_MARKER'
Copy link
Copy Markdown
Contributor

@plumpy plumpy Jun 1, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think $_SCANNING_MARKER is defined anywhere?

Copy link
Copy Markdown
Contributor Author

@ericzzzzzzz ericzzzzzzz Jun 1, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It can be defined in cloud build trigger, i just did it thanks!
Screenshot 2023-06-01 at 9 23 37 AM

@ericzzzzzzz ericzzzzzzz merged commit 3c6ed45 into GoogleContainerTools:main Jun 1, 2023
ericzzzzzzz added a commit to ericzzzzzzz/skaffold that referenced this pull request Jun 1, 2023
@ericzzzzzzz
chore: update release build script to support internal scanning (Goog…
6f6db31 
…leContainerTools#8834)
This was referenced Jun 1, 2023
Merged
Merged
Merged
ericzzzzzzz added a commit that referenced this pull request Jun 2, 2023
@ericzzzzzzz
chore: cherry-pick scanning marker change to release/v2.3 (#8842)
8469fea 
* chore: update release build script to support internal scanning (#8834)

* chore: fix test

* chore: change schema check against v2.3

* chore: change schema check against v2.3

* chore: update example version
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@plumpy plumpy plumpy approved these changes

@renzodavid9 renzodavid9 Awaiting requested review from renzodavid9 renzodavid9 is a code owner automatically assigned from GoogleContainerTools/skaffold-team

Assignees

No one assigned

Labels

size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat: Create internal bugs when Skaffold scanners find vulnerabilities in LTS images

2 participants

@ericzzzzzzz @plumpy