[prometheus] Fix CVEs vulnerabilities alerts receiver #13740

scaps1 · 2025-06-02T13:24:59Z

Description

Fix of image vulnerabilities

Why do we need it, and what problem does it solve?

To improve security of deckhouse

What is the expected result?

Fixed CVEs

Checklist

The code is covered by unit tests.
e2e tests passed.
Documentation updated according to the changes.
Changes were tested in the Kubernetes cluster manually.

Changelog entries

section: prometheus
type: fix
summary: Fix CVEs vulnerabilities  alerts receiver
impact_level: default

Signed-off-by: alexey.komyakov <alexey.komyakov@flant.com>

deckhouse-BOaTswain · 2025-06-04T13:50:57Z

🟢 e2e: Yandex.Cloud for deckhouse:fix_cve_alerts_receiver succeeded in 42m43s.

Workflow details

Yandex.Cloud-WithoutNAT-Containerd-1.30 - Connection string: ssh redos@158.160.53.245

🟢 e2e: Yandex.Cloud, Containerd, Kubernetes 1.30 succeeded in 37m23s.

deckhouse-BOaTswain · 2025-06-06T12:15:00Z

🟢 e2e: Yandex.Cloud for deckhouse:fix_cve_alerts_receiver succeeded in 37m39s.

Workflow details

Yandex.Cloud-WithoutNAT-Containerd-1.30 - Connection string: ssh redos@158.160.121.220

🟢 e2e: Yandex.Cloud, Containerd, Kubernetes 1.30 succeeded in 36m35s.

deckhouse-BOaTswain · 2025-06-23T12:55:13Z

Backport failed. See Job for details.

[prometheus] Fix CVEs vulnerabilities alerts receiver

8cb9e77

Signed-off-by: alexey.komyakov <alexey.komyakov@flant.com>

scaps1 added this to the v1.70.1 milestone Jun 2, 2025

scaps1 self-assigned this Jun 2, 2025

github-actions bot added area/monitoring Pull requests that update monitoring modules type/dependencies Pull requests that update a dependency file labels Jun 2, 2025

scaps1 added e2e/run/yandex-cloud Run e2e tests in Yandex Cloud status/ok-to-test Available for testing labels Jun 4, 2025

github-actions bot removed the e2e/run/yandex-cloud Run e2e tests in Yandex Cloud label Jun 4, 2025

scaps1 added 2 commits June 4, 2025 17:24

Merge remote-tracking branch 'origin/main' into fix_cve_alerts_receiver

3ddbecb

Merge remote-tracking branch 'origin/main' into fix_cve_alerts_receiver

4232483

scaps1 added the e2e/run/yandex-cloud Run e2e tests in Yandex Cloud label Jun 6, 2025

github-actions bot removed the e2e/run/yandex-cloud Run e2e tests in Yandex Cloud label Jun 6, 2025

Steamvis modified the milestones: v1.70.1, v1.70.2 Jun 9, 2025

Steamvis added the status/backport Cherry-pick PR to the release branch from the Milestone label Jun 9, 2025

Steamvis modified the milestones: v1.70.2, v1.70.3 Jun 10, 2025

scaps1 modified the milestones: v1.70.3, v1.71.0 Jun 10, 2025

scaps1 marked this pull request as ready for review June 10, 2025 15:07

scaps1 requested review from vladimirGuryanov and lazovskiy as code owners June 10, 2025 15:07

vladimirGuryanov approved these changes Jun 23, 2025

View reviewed changes

vladimirGuryanov merged commit e24539c into main Jun 23, 2025
119 of 128 checks passed

vladimirGuryanov deleted the fix_cve_alerts_receiver branch June 23, 2025 12:54

deckhouse-BOaTswain mentioned this pull request Jun 23, 2025

Changelog v1.71.0 #13483

Open

deckhouse-BOaTswain removed the status/backport Cherry-pick PR to the release branch from the Milestone label Jun 23, 2025

deckhouse-BOaTswain added the status/backport/failed label Jun 23, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[prometheus] Fix CVEs vulnerabilities alerts receiver #13740

[prometheus] Fix CVEs vulnerabilities alerts receiver #13740

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

[prometheus] Fix CVEs vulnerabilities alerts receiver #13740

[prometheus] Fix CVEs vulnerabilities alerts receiver #13740

Uh oh!

Conversation

Description

Why do we need it, and what problem does it solve?

What is the expected result?

Checklist

Changelog entries

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!