mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 20:24:09 +00:00
Merge pull request #103235 from thejoycekung/debian-setcap-image-bump
Update debian, debian-iptables, setcap images to pick up CVE fixes
This commit is contained in:
commit
e974bcd471
@ -86,9 +86,9 @@ readonly KUBE_RSYNC_PORT="${KUBE_RSYNC_PORT:-}"
|
||||
readonly KUBE_CONTAINER_RSYNC_PORT=8730
|
||||
|
||||
# These are the default versions (image tags) for their respective base images.
|
||||
readonly __default_debian_iptables_version=buster-v1.6.2
|
||||
readonly __default_debian_iptables_version=buster-v1.6.5
|
||||
readonly __default_go_runner_version=v2.3.1-go1.16.5-buster.0
|
||||
readonly __default_setcap_version=buster-v2.0.1
|
||||
readonly __default_setcap_version=buster-v2.0.3
|
||||
|
||||
# These are the base images for the Docker-wrapped binaries.
|
||||
readonly KUBE_GORUNNER_IMAGE="${KUBE_GORUNNER_IMAGE:-$KUBE_BASE_IMAGE_REGISTRY/go-runner:$__default_go_runner_version}"
|
||||
|
@ -130,7 +130,7 @@ dependencies:
|
||||
|
||||
# Base images
|
||||
- name: "k8s.gcr.io/debian-base: dependents"
|
||||
version: buster-v1.7.1
|
||||
version: buster-v1.8.0
|
||||
refPaths:
|
||||
- path: cluster/images/etcd/Makefile
|
||||
match: BASEIMAGE\?\=k8s\.gcr\.io\/build-image\/debian-base:[a-zA-Z]+\-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)
|
||||
@ -144,7 +144,7 @@ dependencies:
|
||||
match: BASEIMAGE\?\=k8s\.gcr\.io\/build-image\/debian-base-s390x:[a-zA-Z]+\-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)
|
||||
|
||||
- name: "k8s.gcr.io/debian-iptables: dependents"
|
||||
version: buster-v1.6.2
|
||||
version: buster-v1.6.5
|
||||
refPaths:
|
||||
- path: build/common.sh
|
||||
match: __default_debian_iptables_version=
|
||||
@ -216,7 +216,7 @@ dependencies:
|
||||
match: configs\[Pause\] = Config{list\.GcRegistry, "pause", "\d+\.\d+(.\d+)?"}
|
||||
|
||||
- name: "k8s.gcr.io/setcap: dependents"
|
||||
version: buster-v2.0.1
|
||||
version: buster-v2.0.3
|
||||
refPaths:
|
||||
- path: build/common.sh
|
||||
match: __default_setcap_version=
|
||||
|
@ -67,19 +67,19 @@ GOARM?=7
|
||||
TEMP_DIR:=$(shell mktemp -d)
|
||||
|
||||
ifeq ($(ARCH),amd64)
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base:buster-v1.7.1
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base:buster-v1.8.0
|
||||
endif
|
||||
ifeq ($(ARCH),arm)
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base-arm:buster-v1.7.1
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base-arm:buster-v1.8.0
|
||||
endif
|
||||
ifeq ($(ARCH),arm64)
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base-arm64:buster-v1.7.1
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base-arm64:buster-v1.8.0
|
||||
endif
|
||||
ifeq ($(ARCH),ppc64le)
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base-ppc64le:buster-v1.7.1
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base-ppc64le:buster-v1.8.0
|
||||
endif
|
||||
ifeq ($(ARCH),s390x)
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base-s390x:buster-v1.7.1
|
||||
BASEIMAGE?=k8s.gcr.io/build-image/debian-base-s390x:buster-v1.8.0
|
||||
endif
|
||||
|
||||
RUNNERIMAGE?=gcr.io/distroless/static:latest
|
||||
|
@ -214,7 +214,7 @@ func initImageConfigs(list RegistryList) (map[int]Config, map[int]Config) {
|
||||
configs[CheckMetadataConcealment] = Config{list.PromoterE2eRegistry, "metadata-concealment", "1.6"}
|
||||
configs[CudaVectorAdd] = Config{list.E2eRegistry, "cuda-vector-add", "1.0"}
|
||||
configs[CudaVectorAdd2] = Config{list.PromoterE2eRegistry, "cuda-vector-add", "2.2"}
|
||||
configs[DebianIptables] = Config{list.BuildImageRegistry, "debian-iptables", "buster-v1.6.2"}
|
||||
configs[DebianIptables] = Config{list.BuildImageRegistry, "debian-iptables", "buster-v1.6.5"}
|
||||
configs[EchoServer] = Config{list.PromoterE2eRegistry, "echoserver", "2.3"}
|
||||
configs[Etcd] = Config{list.GcEtcdRegistry, "etcd", "3.4.13-0"}
|
||||
configs[GlusterDynamicProvisioner] = Config{list.PromoterE2eRegistry, "glusterdynamic-provisioner", "v1.0"}
|
||||
|
Loading…
Reference in New Issue
Block a user