Bump odh 0.12.rc0 to rhoai main branch #32
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Address code scanning alerts 1, 2, 3: - https://github.com/kserve/modelmesh-serving/security/code-scanning/1 - https://github.com/kserve/modelmesh-serving/security/code-scanning/2 - https://github.com/kserve/modelmesh-serving/security/code-scanning/3 Signed-off-by: Christian Kadner <[email protected]>
- Add doc link to MM_PAYLOAD_PROCESSORS variable in modelmesh repo - Update defunct links for OpenVINO docs - Update example inference responses - CamelCase Modelmesh - Add create namespace command to FVT setup instructions - Add command to delete namespace in Quickstart cleanup instructions --------- Signed-off-by: Christian Kadner <[email protected]>
Signed-off-by: Christian Kadner <[email protected]>
- Transform the current FVT workflow into a reusable workflow: fvt-base.yml - Create 2 separate new workflows fvt-ns.yaml and fvt-cs.yaml that call the FVT Base workflow with namespace-scope-mode input parameter Resolves kserve#436 --------- Signed-off-by: Christian Kadner <[email protected]>
* Use config/ as the manifests source for ODH operator v2 Signed-off-by: Vedant Mahabaleshwarkar <[email protected]> * move all changes into an overlay Signed-off-by: Vedant Mahabaleshwarkar <[email protected]> * restructure manifests so that kustomize does not need LoadRestrictorNone flag Signed-off-by: Vedant Mahabaleshwarkar <[email protected]> * correct label mismatch Signed-off-by: Vedant Mahabaleshwarkar <[email protected]> * final modifications Signed-off-by: Vedant Mahabaleshwarkar <[email protected]> * remove openvino variable as it is unused Signed-off-by: Vedant Mahabaleshwarkar <[email protected]> --------- Signed-off-by: Vedant Mahabaleshwarkar <[email protected]>
Signed-off-by: Spolti <[email protected]>
Update [golang.org/x/net](https://github.com/golang/net) from v0.14.0 to v0.17.0. - https://github.com/kserve/modelmesh-serving/security/dependabot/8 - https://github.com/kserve/modelmesh-serving/security/dependabot/9 Signed-off-by: Christian Kadner <[email protected]>
Update google.golang.org/grpc from v1.55.0 to v1.56.3 https://github.com/kserve/modelmesh-serving/security/dependabot/10 --- Signed-off-by: Rafael Vasquez <[email protected]>
Signed-off-by: Christian Kadner <[email protected]>
Specify and link python38 to fix build/test failures due to the wrong Python version (3.6) being used from base image. --------- Signed-off-by: Rafael Vasquez <[email protected]>
…ve#459) Fix the following CVEs: - [CVE-2023-37788] github.com/elazarl/goproxy Denial of Service (DoS) - [CVE-2022-21698, CVE-2023-45142] Allocation of Resources Without Limits or Throttling ----- Signed-off-by: Spolti <[email protected]>
Specify and link python38 to fix build/test failures due to the wrong Python version (3.6) being used from base image. Signed-off-by: Spolti <[email protected]>
Sync community with ODH
chore: This commit fixes the following CVEs: - [CVE-2023-37788](https://www.cve.org/CVERecord?id=CVE-2023-37788): github.com/elazarl/goproxy Denial of Service (DoS) - [CVE-2022-21698](https://www.cve.org/CVERecord?id=CVE-2022-21698) / [CVE-2023-45142](https://www.cve.org/CVERecord?id=CVE-2023-45142): Allocation of Resources Without Limits or Throttling Signed-off-by: Spolti <[email protected]>
vulnerabilities fixes
Signed-off-by: Rafael Vasquez <[email protected]>
To address security vulnerabilities: - CVE-2022-27191 - CVE-2021-43565 - CVE-2020-29652 - CVE-2023-48795 --------- Signed-off-by: Christian Kadner <[email protected]>
Updating dependencies for the v0.11.2 release: - Go: 1.19 -> 1.20 - UBI: 8.7 -> 8.9 - OCP: 4.9 -> 4.12 - kserve: v0.11.1 -> v0.11.2 - K8s: 1.23 -> 1.26 --- Signed-off-by: Christian Kadner <[email protected]>
- Add paragraph on security fixes - Clarify release branch requirement - Correct repo links - Show linting changes --------- Signed-off-by: Christian Kadner <[email protected]>
Updating the E2E and performance test toolchain running nightly on IKS --------- Signed-off-by: Christian Kadner <[email protected]>
Signed-off-by: Christian Kadner <[email protected]>
Signed-off-by: Christian Kadner <[email protected]>
- docs/install/install-script.md - docs/component-versions.md - docs/quickstart.md - scripts/setup_user_namespaces.sh --------- Signed-off-by: Christian Kadner <[email protected]>
Wrap commit short hash in quotes Resolves kserve#472 --------- Signed-off-by: Christian Kadner <[email protected]>
Signed-off-by: Vaibhav Jain <[email protected]>
Apply patch to remove empty string of caBundle
If template parsing fails, the "foo" string would appear in pod logs. This should be very hard to happen, since the template is built-in. Changing, simply, to have more meaningful logs. Fixes opendatahub-io#114 Signed-off-by: Edgar Hernández <[email protected]>
Fix https://security.snyk.io/vuln/SNYK-GOLANG-GOOGLEGOLANGORGPROTOBUFENCODINGPROTOJSON-6137908 Signed-off-by: jooho <[email protected]> Co-authored-by: jooho <[email protected]>
Address DoS vulnerability in github.com/pkg/sftp https://app.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMPKGSFTP-569475 --------- Signed-off-by: jooho <[email protected]> Signed-off-by: Davide Salerno <[email protected]> Co-authored-by: Signed-off-by: Davide Salerno <[email protected]>
Mitigate CVE-2023-48713 --------- Signed-off-by: Christian Kadner <[email protected]>
…serve#487) * Rebase dev image from ubi8/go-toolset to ubi8/ubi-minimal * Add new build stage to install Go and CLI tools that previously were available with the ubi/go-toolset image * Update Go version from 1.20 to 1.21 (Dockerfile, go.mod) --------- Signed-off-by: Christian Kadner <[email protected]>
#### Motivation https://github.com/kserve/modelmesh-serving/security > **Code scanning configuration error** > CodeQL is reporting errors. Check the [tool status](https://github.com/kserve/modelmesh-serving/security/code-scanning/tools/CodeQL/status/configurations/actions-FZTWS5DIOVRC653POJVWM3DPO5ZS6Y3PMRSXC3BOPFWWY/b3dc626bc1db336b4a359feba12ef6c0998163ba0ab6e63305c9bc82567d61c9) for help. <img width="683" alt="image" src="https://github.com/kserve/modelmesh-serving/assets/12246093/d97338cd-8288-43c1-ba58-4c328780debe"> #### Modifications - update Go version for build/test/lint workflow(s) - update versions of (all) GitHub actions #### Result TBD Signed-off-by: Christian Kadner <[email protected]>
Signed-off-by: Selbi Nuryyeva <[email protected]>
Update OWNERS in main branch
#### Motivation Followed the quickstart and ran into "jq not found" when running the following command. [Quickstart link](https://github.com/kserve/modelmesh-serving/blob/91b610bd1bcd8d5264dcd696db4e2b65730f7468/scripts/self-signed-ca.sh#L136-L139) ```./scripts/install.sh --namespace modelmesh-serving --quickstart --enable-self-signed-ca``` The following change made jq a necessary dependency: https://github.com/kserve/modelmesh-serving/blob/91b610bd1bcd8d5264dcd696db4e2b65730f7468/scripts/self-signed-ca.sh#L136-L139 #### Modifications Modified the list under the following link to point to where jq can be downloaded or installed https://github.com/kserve/modelmesh-serving/blob/main/docs/quickstart.md#prerequisites #### Result The prerequisites list has the link detailed below. --------- Signed-off-by: medinad96 <[email protected]>
#### Motivation Triton introduced [support for more model frameworks last year](https://developer.nvidia.com/blog/real-time-serving-for-xgboost-scikit-learn-randomforest-lightgbm-and-more/) and can support xgboost, lightgbm, and more. This PR adds examples and docs to advertise this. #### Modifications - Add newly supported models to Triton runtime config, setting `autoSelect: false`. - Add an example ISVC config for Triton-served XGBoost model. - Update example-models doc to reflect example models added in kserve/modelmesh-minio-examples#7 - Update model-formats README to reflect framework support and framework-specific docs to show example ISVC using Triton. - Add FVTs for lightgbm and xgboost deployment on Triton runtime #### Result Closes opendatahub-io#185 --------- Signed-off-by: Rafael Vasquez <[email protected]> Signed-off-by: Rafael Vasquez <[email protected]>
This is to move away from CVE-20204-24786: infinite loop vulnerability. Signed-off-by: Edgar Hernández <[email protected]>
#### Motivation I'm very happy to quickly install `kserve modelmesh` by following [quickstart](https://github.com/kserve/modelmesh-serving/blob/main/docs/quickstart.md), but I encountered the problem when I want to write a python-based custom `ServingRuntime` for model `mnist-svm.joblib` which is also used in many guides and docs, and I also opened an [issue ](kserve#494) for it. However, I can hardly find the complete process which is available online, including the community. So I pieced together some information to make it's easier for user to do it. #### Modifications 1. Add a REAMD for describing the complete process 2. Add a folder for custom ServingRuntime, including the python code, Dockerfile and required library configuration file. #### Result The process for writing a python-based custom `ServingRuntime` is completed, hope it can be a easy start for fresh user. --------- Signed-off-by: zhlsunshine <[email protected]>
chore: opendatahub folder have
- quickstart
- docs
- manifests/scripts to support fvt
After transition manifests are merged, the way to deploy modelmesh-serving is changed so we should update all related one.
Signed-off-by: Spolti <[email protected]>
Updating packages used in recently introduced custom runtime example. - https://github.com/kserve/modelmesh-serving/security/dependabot/14 - https://github.com/kserve/modelmesh-serving/security/dependabot/15 Signed-off-by: Rafael Vasquez <[email protected]>
Latest uses go1.22 while we use 1.20 Signed-off-by: Spolti <[email protected]>
[RHOAIENG-1051] - update opendatahub folder to kustomize
…mits or Throttling chore: Fixes [CVE-2023-45288](https://www.cve.org/CVERecord?id=CVE-2023-45288) Signed-off-by: Spolti <[email protected]>
[RHOAIENG-5305] - golang.org/x/net Allocation of Resources Without Li…
* Update kserve/kserve dependency to v0.12.0 * Update KServe CRDs to the ones in KServe v0.12.0 * Code adaptations for controller-runtime upgrade. --------- Signed-off-by: Edgar Hernández <[email protected]>
[RHOAIENG-5305] - golang.org/x/net Allocation of Resources Without Limits or Throttling chore: Fixes [CVE-2023-45288](https://www.cve.org/CVERecord?id=CVE-2023-45288) --------- Signed-off-by: Spolti <[email protected]>
Signed-off-by: Vedant Mahabaleshwarkar <[email protected]>
increase etcd resources
Signed-off-by: Edgar Hernández <[email protected]>
…c-20240429 Code sync with upstream - April 29th, 2024
Signed-off-by: rpancham <[email protected]>
Signed-off-by: rpancham <[email protected]>
This prepares the branch for running the release workflow. Signed-off-by: Edgar Hernández <[email protected]>
…auto-release Prepare v0.12.0-rc0 branch for release
Signed-off-by: GitHub Actions <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
Bump odh 0.12.rc0 to rhoai main branch