Skip to content

fix: fix main vulnerabilities#1967

Open
bwplotka wants to merge 3 commits into
mainfrom
bwplotka/main-gmpctl-vulnfix
Open

fix: fix main vulnerabilities#1967
bwplotka wants to merge 3 commits into
mainfrom
bwplotka/main-gmpctl-vulnfix

Conversation

@bwplotka

@bwplotka bwplotka commented Jun 23, 2026

Copy link
Copy Markdown
Collaborator

Updating Go and image vulnerabilities using

./gmpctl.sh vulnfix

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 23, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the gke-distroless base image tags and digests across several Dockerfiles and the global Helm values. The review feedback recommends wrapping the updated tag in charts/values.global.yaml in double quotes to prevent YAML parsers from treating it as a number, adhering to the file's documented guidelines.

Comment thread charts/values.global.yaml
@bwplotka
fix: fix main vulnerabilities
ed36e4d 
Signed-off-by: bwplotka <bwplotka@gmail.com>
@bwplotka bwplotka force-pushed the bwplotka/main-gmpctl-vulnfix branch 2 times, most recently from c7bb2d2 to ed36e4d Compare June 23, 2026 13:52
@bwplotka
fix: go version on check image
0ff5caf 
Signed-off-by: bwplotka <bwplotka@google.com>
bernot-dev
bernot-dev reviewed Jun 24, 2026
View reviewed changes
Comment thread .github/workflows/check-images.yml Outdated
persist-credentials: false
- uses: actions/setup-go@v6
with:
go-version: '1.25'

@bernot-dev bernot-dev Jun 24, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why would we want to do this?

@bwplotka bwplotka Jun 24, 2026

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/GoogleCloudPlatform/prometheus-engine/actions/runs/28031355288/job/82972613566 - there might be better way to do this

@bernot-dev bernot-dev Jun 24, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think go-version: stable should use the latest stable release.

https://github.com/actions/setup-go#supported-version-syntax

@bwplotka
changed to stable
158c54a 
Signed-off-by: bwplotka <bwplotka@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bernot-dev bernot-dev bernot-dev left review comments
+1 more reviewer
@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments
Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bwplotka @bernot-dev