CoreDNS 1.11.2 Release #6454
Comments
|
It looks like we have a bunch of golangci-lint issues to fix. |
|
Yes, they've been failing I think since November. |
|
I suspect perhaps a change in the linter? |
|
oh I think I know, why it fails, this should fix it #6456 |
|
Here's the current list of non-chore changes:
|
|
what about this : |
|
Hey, we have a few customers waiting on the UDP overflow fix. Is there an ETA for the release yet? |
|
Is there an estimated date on this? There are quite a few dependency vulnerabilities in 1.11.1 |
chrisohaver
changed the title
|
The docker build/publish has failed due to authentication failure (in 2 attempts). |
|
I do not have push access to the coredns docker hub repo, so I cannot resolve the docker push auth failure. |
|
Update: we tried replacing the docker creds with known working set, and we continue to see the same build failure - an authentication failure when attempting to push the images to dockerhub. |
|
Do you have considered using GitHub Container Registry? It would be a great addition in order to avoid Docker pull quota limitation |
|
missing image |
https://github.com/coredns/coredns/actions/runs/8084880918 the release CI failed. |
|
Aware |
|
I have deleted the 1.11.2 release so we don’t have a 1/2 completed release. Will re-release once docker login issue is resolved. |
|
The go1.21.8 / 1.22.1 CVE patches seem like something worth picking up https://groups.google.com/g/golang-dev/c/o1I1Vv8Rfgs/m/Wr8tD1RlAgAJ |
|
Docker login issue doesn't appear to have progressed. Is anyone with coredns docker write permissions quietly working on this? If not, perhaps we should consider moving away from dockerhub and publishing to gcr instead? |
|
hey @chrisohaver, if you're using Docker Desktop can you file a ticket here https://hub.docker.com/support/desktop ? If not, send an email to support@docker.com so we can help you get the hub credentials issue resolved? |
|
I suspect the original failure was due to a password change. Just suspicion since I don't know the actual passwords. |
|
Would it be possible to delete the tag for 1.11.2? It's flagging as a release in a few tools |
|
@chrisohaver, is there a release branch/tag we can check if all security patches are included in v1.11.2. |
It will be cut from whatever the latest commit of the master branch is when we release it. |
Thanks for the reply. Would you consider having a formal release branch(es) and schedule (monthly or quarterly release) for CoreDNS? There are quite a lot CVEs exploited recently, we'll need to address them ASAP. |
|
There's an open proposal in process to support release branches - one of the open PRs open currently. However, that doesn’t really relate to the unresolved build publishing issue. |
|
@chrisohaver do you know if the release will still be called 1.11.2 or will it skip to 1.11.3? (And will it be soon? Not trying to put pressure on you to get it done, but an ETA of when you think it could be done would be useful. If you're busy say "a month" it's fine!) |
What do you think would be least painful and confusing for everyone? I’m not sure.
maybe? Will try a release again later this week with recent build fix if no other maintainers do. |
|
Myself, I'd prefer 1.11.3. There seems to be a bit more going into this release than was in the original 1.11.2, so it does make sense to up-version. |
|
Ok. We can close this and open a 1.11.3 release tracking issue. |
|
I can retag the original 1.11.2 commit without a release if that helps people not be confused. Or maybe that would be more confusing? I don’t know. Let me know folks. What do you all want. |
|
I'm going to try to do a release the originally attempted commit 01bded8 And then try to the docker build with latest fixes on that tag. Will see how that goes. 🤞 |
|
well that didn't work. the release workflow failed when trying to create the tag. |
|
Symptoms the same as this issue: softprops/action-gh-release#411 |
|
still failing |
To clarify: The tag&release step of the release script is failing. The docker publish step is not executed because that process happens after a successful tag&release. The failures from a few weeks ago were in the docker publish step. The failure in the tag&release step is a new development. |
|
Try poking at your tag protection rules. Or, if you want to see if it's a permissions issue, maybe try |
|
Thanks - no tag protection rules in place, and per https://github.com/softprops/action-gh-release?tab=readme-ov-file#permissions, only "write" is required, which we have set. I'm wondering if it's something like dangling references to the old tag that GitHub fails to clean up after a tag deletion preventing a tag with the same name being created again. If so, then v1.11.2 may forever be cursed and we need to move on to v1.11.3. |
|
I managed to get the action-gh-release printing some debug information running from my fork: https://github.com/bikesheddev/coredns/actions/runs/8619349018/job/23623824499#step:6:17 I don't know the root cause of this error. But using the master commit or my tmp commit as workflow input works: https://github.com/bikesheddev/coredns/actions/runs/8619437305/job/23624118432 https://github.com/bikesheddev/coredns/actions/runs/8619449474/job/23624161952 I suggest to use another tag/commit for release. Edited: Set https://github.com/bikesheddev/coredns/actions/runs/8626020717/job/23643835286 |
|
Since this issue related to a broken tag, should a new release be made from 1.11.3? |
|
That's what's happening. |
|
[ connecting the dots ... 1.11.3 is tracked in #6638 ] P.S. thank you all, coreDNS is great :-) |
1.11.2 release was a mistake: coredns/coredns#6454
|
Any update on this? |
|
Not yet. The version bump PR was merged, now a new release has to be "cut". So, any time now, a new release should happen |
Let's do a release soon.
Any currently open PRs that we want to push to get into the next release?
The text was updated successfully, but these errors were encountered: