RHOAIENG-16520, RHOAIENG-11807, RHOAIENG-16955: update setuptools to 70.0.0 for CVE fixes #807
Conversation
/lgtm |
|
This is a true positive CI fail, but Intel images are known to have been unusable for like forever, so still lgtm from me. We should just delete Intel images from the repo.
https://github.com/opendatahub-io/notebooks/actions/runs/12301804205/job/34333232116#step:18:6130 |
We were testing out the update_library_version.sh located https://github.com/dibryant/notebooks/tree/main/scripts thats why it shows as testing. |
jiridanek
added
the
tide/merge-method-squash
|
/retitle RHOAIENG-16520, RHOAIENG-11807, RHOAIENG-16955: update setuptools to 70.0.0 for CVE fixes |
openshift-ci
bot
changed the title
|
LGTM in general. I am just thinking - since you are not able to generate/update all Pipfile.lock files anyway... I'm wondering whether the approach discussed yesterday shouldn't be applied here - remove your Pipfile.lock updates from this PR/commit. Rebase this and apply the GHA that Adriana prepared and merged today so that the Pipfile.lock files are generated for you by the GHA into your branch. Just a proposal that will make sure all pipfiles are updated directly with this change and also that changes to the pipfiles are appropriate based on our GHA env and not with some local computer quirks as discussed yesterday. |
|
Hey Diamond, since this #805 is already merged do the following to generate the pipfile.locks correctly. Create a token from your git account https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-personal-access-token-classic (COPY THE GENERATED TOKEN SOMEWHERE TO USE IT ON THE NEXT STEP) Assign a secret with the token that you created on the previous step following this instructions use explicit secret name Then just run the Piplock renewal Action: https://github.com/opendatahub-io/notebooks/actions/workflows/piplock-renewal.yaml by using the this branch Another comment on this PR is please ensure that you apply the update to all pipfiles (i saw that in some directories there are no updates) |
|
It seems concerning that Pipfile.lock cannot be generated for some notebooks—it suggests potential incompatibilities. This issue should be resolved before merging /hold |
dibryant
force-pushed
the
RHOAIENG-16520-us
branch
from
aeebdf6 to
140c71c
Compare
dibryant
force-pushed
the
RHOAIENG-16520-us
branch
from
7cf9114 to
92a1e1a
Compare
|
forgot to ask about the intel issues on standup
@atheo89 do we care? |
|
Hey Diamond, seems that you trigger the GHA only for the 3.9 (based on the image below), could you update also the 3.11
|
@jiridanek Since we don't support Intel images on tier0, I suggest not prioritizing them at this point. Additionally, the Intel images in their imagestreams were last updated 9 months ago, indicating they don't follow a frequent update cadence. |
|
/retest |
|
/lgtm |
|
Great Diamond! For sanity check i did a search on your branch for https://github.com/search?q=repo%3Adibryant%2Fnotebooks%20setuptools&type=code |
That's not searching in the PR branch, it's searching it the default branch of the fork
|
Seems you are right, In my search I had chosen the PR branch, but seems git presents results from its default branch. Anyway, looks that many pipfiles have the updated version of setuptols. /unhold |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: atheo89 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/override baf |
|
@jiridanek: /override requires failed status contexts, check run or a prowjob name to operate on.
Only the following failed contexts/checkruns were expected:
If you are trying to override a checkrun that has a space in it, you must put a double quote on the context. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/override "build (cuda-jupyter-tensorflow-ubi9-python-3.11) / build" |
|
@jiridanek: Overrode contexts on behalf of jiridanek: build (cuda-jupyter-tensorflow-ubi9-python-3.11) / build, build (intel-runtime-pytorch-ubi9-python-3.9) / build, build (jupyter-intel-pytorch-ubi9-python-3.9) / build, build (rocm-jupyter-pytorch-ubi9-python-3.9) / build, build (rocm-jupyter-tensorflow-ubi9-python-3.11) / build, ci/prow/codeserver-notebook-e2e-tests, ci/prow/images, ci/prow/notebook-base-c9s-python-3-11-pr-image-mirror, ci/prow/notebook-base-c9s-python-3-9-pr-image-mirror, ci/prow/notebook-base-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-codeserver-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-codeserver-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-cuda-c9s-python-3-11-pr-image-mirror, ci/prow/notebook-cuda-c9s-python-3-9-pr-image-mirror, ci/prow/notebook-cuda-jupyter-ds-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-cuda-jupyter-ds-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-cuda-jupyter-min-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-cuda-jupyter-minimal-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-cuda-jupyter-tf-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-cuda-jupyter-tf-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-cuda-rstudio-c9s-python-3-11-pr-image-mirror, ci/prow/notebook-cuda-rstudio-c9s-python-3-9-pr-image-mirror, ci/prow/notebook-cuda-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-jupyter-datascience-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-jupyter-datascience-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-jupyter-intel-ml-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-jupyter-intel-ml-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-jupyter-intel-pyt-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-jupyter-intel-tf-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-jupyter-minimal-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-jupyter-minimal-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-jupyter-pytorch-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-jupyter-pytorch-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-jupyter-trustyai-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-jupyter-trustyai-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-rocm-jupyter-minimal-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-rocm-jupyter-pyt-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-rocm-jupyter-pyt-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-rocm-jupyter-tf-ubi9-python-3-11-pr-image-mirror, ci/prow/notebook-rocm-jupyter-tf-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-rocm-ubi9-python-3-9-pr-image-mirror, ci/prow/notebook-rstudio-c9s-python-3-11-pr-image-mirror, ci/prow/notebook-rstudio-c9s-python-3-9-pr-image-mirror, ci/prow/notebooks-ubi9-e2e-tests, ci/prow/rocm-notebooks-e2e-tests, ci/prow/rocm-runtimes-ubi9-e2e-tests, ci/prow/rstudio-notebook-e2e-tests, ci/prow/runtime-cuda-tensorflow-ubi9-python-3-11-pr-image-mirror, ci/prow/runtime-cuda-tensorflow-ubi9-python-3-9-pr-image-mirror, ci/prow/runtime-datascience-ubi9-python-3-11-pr-image-mirror, ci/prow/runtime-datascience-ubi9-python-3-9-pr-image-mirror, ci/prow/runtime-intel-ml-ubi9-python-3-11-pr-image-mirror, ci/prow/runtime-intel-ml-ubi9-python-3-9-pr-image-mirror, ci/prow/runtime-intel-pyt-ubi9-python-3-9-pr-image-mirror, ci/prow/runtime-intel-tf-ubi9-python-3-9-pr-image-mirror, ci/prow/runtime-minimal-ubi9-python-3-11-pr-image-mirror, ci/prow/runtime-minimal-ubi9-python-3-9-pr-image-mirror, ci/prow/runtime-pytorch-ubi9-python-3-11-pr-image-mirror, ci/prow/runtime-pytorch-ubi9-python-3-9-pr-image-mirror, ci/prow/runtime-rocm-pytorch-ubi9-python-3-11-pr-image-mirror, ci/prow/runtime-rocm-pytorch-ubi9-python-3-9-pr-image-mirror, ci/prow/runtime-rocm-tensorflow-ubi9-python-3-11-pr-image-mirror, ci/prow/runtime-rocm-tensorflow-ubi9-python-3-9-pr-image-mirror, ci/prow/runtimes-ubi9-e2e-tests In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
openshift-merge-bot
bot
merged commit a33d66a
into
opendatahub-io:main
…70.0.0 for CVE fixes (opendatahub-io#807) * updated setuptools to 70.0.0 for CVE fixes * Update Pipfile.lock files by piplock-renewal.yaml action * Update Pipfile.lock files by piplock-renewal.yaml action --------- Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
…70.0.0 for CVE fixes (opendatahub-io#807) * updated setuptools to 70.0.0 for CVE fixes * Update Pipfile.lock files by piplock-renewal.yaml action * Update Pipfile.lock files by piplock-renewal.yaml action --------- Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
Fixes for https://issues.redhat.com/browse/RHOAIENG-16520 , https://issues.redhat.com/browse/RHOAIENG-11807 & https://issues.redhat.com/browse/RHOAIENG-16955
Description
Updated setuptools to 70.0.0 for CVE fixes( (unable to update those pipfile.locks that are missing))
How Has This Been Tested?
Merge criteria: