Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update go and telegraf #1244

Closed
wants to merge 11 commits into from
Closed

update go and telegraf #1244

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
5c39906
update trivyignore
May 7, 2024
5cb2ec8
update go version
May 7, 2024
c897150
update telegraf too
May 8, 2024
5e3f889
update trivyignore
May 8, 2024
5c5094d
update trivyignore
May 8, 2024
b650dec
set correct go version in github codeql action
May 9, 2024
ca1c4e5
update path
May 9, 2024
ef8a7c7
add go version needed
May 9, 2024
28fb7ca
update go version on windows as well
May 9, 2024
025ac8a
check if go version persists
May 9, 2024
5a0b77e
update go modules
May 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/run_unit_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,10 @@ jobs:
Golang-Tests:
runs-on: ubuntu-latest
steps:
- name: Setup Go 1.19.x
- name: Setup Go 1.22.x
uses: actions/setup-go@v4
with:
go-version: '1.19.x'
go-version: '1.22.x'
- name: Check out repository code
uses: actions/checkout@v2
- name: Run unit tests
Expand Down
47 changes: 7 additions & 40 deletions .trivyignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,52 +1,19 @@
#telegraf MEDIUM
CVE-2023-39325 #same as CVE-2023-44487
CVE-2023-3978
CVE-2023-44487 #false positive according to Mariner team
GHSA-jq35-85cj-fj4p
GHSA-7ww5-4wqc-m92c
GHSA-mhpq-9638-x6pw
CVE-2023-48795
CVE-2023-50658
CVE-2024-28110
CVE-2024-24557
CVE-2024-29018
CVE-2024-27304
GHSA-7jwh-3vrq-q3m8
CVE-2024-27289
CVE-2024-27304
GHSA-7jwh-3vrq-q3m8
CVE-2024-24786
CVE-2024-24557
CVE-2023-45288

#telegraf HIGH
GHSA-m425-mq94-257g
CVE-2023-46129
CVE-2023-47090
CVE-2024-21626
CVE-2023-50658
CVE-2024-3154

# ruby HIGH
CVE-2017-10784

#ruby MEDIUM
CVE-2024-27281

#mariner MEDIUM
CVE-2023-5678

#golang MEDIUM
CVE-2023-48795
CVE-2024-24786
CVE-2023-45288

#stdlib
CVE-2023-45283
CVE-2023-29406
CVE-2023-29409
CVE-2023-39318
CVE-2023-39319
CVE-2023-39326
CVE-2023-45284
CVE-2023-45289
CVE-2023-45290
CVE-2024-24783
CVE-2024-24784
CVE-2024-24785

#ruby MEDIUM
CVE-2024-27281
2 changes: 1 addition & 1 deletion kubernetes/linux/setup.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ sudo tdnf install jq-1.6-1.cm2 -y
#used to setcaps for ruby process to read /proc/env
sudo tdnf install libcap -y

sudo tdnf install telegraf-1.28.5 -y
sudo tdnf install telegraf-1.29.4 -y
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please validate the perf and functional tests for this update, and also review any issues on this telegraf version related to promethus, disk, diskio plugins.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lot of work to individually test all this. I was hoping to use CI/CD clusters for this. WDYT?

Copy link
Contributor

@ganga1980 ganga1980 May 11, 2024
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lot of work to individually test all this. I was hoping to use CI/CD clusters for this. WDYT?

Can you please run some basic tests on both Linux and Windows to ensure this doesnt have any breaking change before we validate on CI/CD clusters. Primarily for windows, we have seen issues when we upgraded telegraf.

telegraf_version=$(sudo tdnf list installed | grep telegraf | awk '{print $2}')
echo "telegraf $telegraf_version" >> packages_version.txt
mv /usr/bin/telegraf /opt/telegraf
Expand Down
2 changes: 1 addition & 1 deletion kubernetes/windows/setup.ps1
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ Write-Host ('Finished Installing Fluentbit')
Write-Host ('Installing Telegraf');
try {
# For next telegraf update, make sure to update config changes in telegraf.conf, tomlparser-prom-customconfig.rb and tomlparser-osm-config.rb
$telegrafUri='https://dl.influxdata.com/telegraf/releases/telegraf-1.24.2_windows_amd64.zip'
$telegrafUri='https://dl.influxdata.com/telegraf/releases/telegraf-1.29.4_windows_amd64.zip'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this version working? in the past, we had issues with telegraf update on windows hence we didnt upgrade the version.

Invoke-WebRequest -Uri $telegrafUri -OutFile /installation/telegraf.zip
Expand-Archive -Path /installation/telegraf.zip -Destination /installation/telegraf
Move-Item -Path /installation/telegraf/*/* -Destination /opt/telegraf/ -ErrorAction SilentlyContinue
Expand Down
2 changes: 1 addition & 1 deletion source/plugins/go/input/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module Docker-Provider/source/plugins/go/input

go 1.19
go 1.22
pfrcks marked this conversation as resolved.
Show resolved Hide resolved

require github.com/calyptia/plugin v1.0.2

Expand Down
2 changes: 1 addition & 1 deletion source/plugins/go/src/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module Docker-Provider/source/plugins/go/src

go 1.19
go 1.22

require (
github.com/Azure/azure-kusto-go v0.15.1
Expand Down