Bump odh 0.12.rc0 to rhoai main branch #17
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#### Motivation It can be challenging to figure out how to get a development environment setup especially for folks who have not worked with Maven before. #### Modifications Adding some information of development workflow and project setup for working with an IDE. #### Result Hopefully a less frustrating on-boarding experience. /cc @rafvasq --------- Signed-off-by: Christian Kadner <[email protected]>
Signed-off-by: Christian Kadner <[email protected]>
Signed-off-by: Spolti <[email protected]>
- Create /docs directory - Add new docs on: - VModels - Configuration/Tuning - Scaling - Metrics - Move existing docs into /docs directory: - Payload processing - Getting started, build, deployment --- Signed-off-by: Rafael Vasquez <[email protected]>
[RHODS-12555] - CVE-2023-44487
Signed-off-by: Spolti <[email protected]>
grpc, protobuf, guava, jackson-databind, thrift, log4j2, junit --------- Signed-off-by: Nick Hill <[email protected]>
Configure CodeQL vulnerability scans --------- Signed-off-by: Christian Kadner <[email protected]>
- Execute external commands using an array of strings rather than a single string - Make the regular expression pattern a bit more efficient --------- Signed-off-by: Rafael Vasquez <[email protected]>
chore: update ubi8-minimal to latest version, 8.8. Vulnerabities fixed: - [RHSA-2023:7165]( https://access.redhat.com/errata/RHSA-2023:7151): cups security and bug fix update (Moderate) - [RHSA-2023:7151](https://access.redhat.com/errata/RHSA-2023:7151): python3 security update (Moderate) - [RHSA-2023:7176](https://access.redhat.com/errata/RHSA-2023:7176): python-pip security update (Moderate) - [RHSA-2023:7176](https://access.redhat.com/errata/RHSA-2023:7176): python-pip security update (Moderate) - [RHSA-2023:7151](https://access.redhat.com/errata/RHSA-2023:7151): python3 security update (Moderate) - [RHSA-2023:7190](https://access.redhat.com/errata/RHSA-2023:7190): avahi security update (Moderate) - [RHSA-2023:7112](https://access.redhat.com/errata/RHSA-2023:7112): shadow-utils security and bug fix update (Low) Signed-off-by: Spolti <[email protected]>
chore: Update bouncy castle depdendency to address the following vulnerability: - [CVE-2023-33201](https://nvd.nist.gov/vuln/detail/CVE-2023-33201): Bouncy Castle For Java LDAP injection vulnerability Signed-off-by: Spolti <[email protected]>
chore: Update bouncy castle depdendency to address the following vulnerability: - [CVE-2023-33201](https://nvd.nist.gov/vuln/detail/CVE-2023-33201): Bouncy Castle For Java LDAP injection vulnerability Signed-off-by: Spolti <[email protected]>
Functionality added in kserve#90 --------- Signed-off-by: Nick Hill <[email protected]>
Address bounce castle cve alert
Bump ubi8 tag to 8.8
PR kserve#90 introduced support for per-model prometheus metrics with the intention to not change the default behavior but require this as a feature to be enabled explicitly via configuration. However, it was inadvertently made the default. This commit restores the original behavior by changing the default configuration to not include modelId/vModelId prometheus metric labels because model-mesh was designed primarily for use cases where there is a very large and changing number of individual models and those scenarios would result in a much greater number of individual metrics than prometheus can handle. ------ Signed-off-by: Nick Hill <[email protected]>
…ve#127) This won't change current behaviour since the default is to use netty's openssl-based TLS implementation anyhow. But it will allow overriding to use the native jdk TLS impl when needed. Signed-off-by: Nick Hill <[email protected]>
protobuf 3.25.0, jackson-databind 2.16.0, junit 5.10.1, etcd-java 0.0.24 Includes important etcd-java update to support authentication when using etcd server versions >= 3.5 Unfortunately latest netty 4.1.101.Final is incompatible with grpc-java. We'll need to wait for a grpc patch for that. Signed-off-by: Nick Hill <[email protected]>
Vulnerabities fixed: - [RHSA-2023:7165] cups security and bug fix update (Moderate) - [RHSA-2023:7151] python3 security update (Moderate) - [RHSA-2023:7176] python-pip security update (Moderate) - [RHSA-2023:7151] python3 security update (Moderate) - [RHSA-2023:7190] avahi security update (Moderate) - [RHSA-2023:7112] shadow-utils security and bug fix update (Low) ----- Signed-off-by: Spolti <[email protected]>
Signed-off-by: Nick Hill <[email protected]>
Signed-off-by: Spolti <[email protected]>
Prevent incorrectly empty logged payloads: - Do not attempt to avoid slicing the response bytebuf in the case that a PayloadProcessor is configured - Do not attempt to avoid some additional refcount updates in the case status != OK Resolves kserve#111 ----- Signed-off-by: Nick Hill <[email protected]>
Add a vModelId field to the Payload class and correspondingly update built-in PayloadProcessor implementations where applicable. It may be null if the request was directed at a concrete modelId rather than a vModelId. ----- Signed-off-by: Nick Hill <[email protected]>
[pull] main from kserve:main
Signed-off-by: Selbi Nuryyeva <[email protected]>
Update OWNERS in main branch
…ilures (kserve#132) To help debugging unready condition in case of model loading failures. The logged message helps to pinpoint the root cause of unready condition. Fixes kserve#100 ----- Signed-off-by: Leon Kiefer <[email protected]>
This is to move away from CVE-2024-23944: information disclosure. Signed-off-by: Edgar Hernández <[email protected]>
Motivation Update dependencies to keep them up-to-date. In particular want to update netty ito resolve [CVE](https://www.cve.org/CVERecord?id=CVE-2024-29025) with `io.netty_netty-codec-http` picked up by twistlock Modifications grpc 1.60.2, netty 4.1.108, protobuf 3.25.3, annotations 9.0.87, guava 33.1.0-jre, jackson-databind 2.16.2, thrift 0.20.0, log4j2 2.23.1, bouncycastle 1.77, junit 5.10.2 Note that grpc-java v1.59.1 [resolved issue](grpc/grpc-java#10665 (comment)) with supporting netty 4.1.101.Final --------- Signed-off-by: Anh-Uong <[email protected]>
Signed-off-by: rpancham <[email protected]>
Create Workflow for release and tag with Changelog
chore: Fix [CVE-2024-30172](https://www.cve.org/CVERecord?id=CVE-2024-30172) Signed-off-by: Spolti <[email protected]>
#### Modifications Added linux/s390x ( platform ) in the build github workflow #### Result https://github.com/modassarrana89/modelmesh/actions/runs/8688245342/job/23823937204 // Build operation run in local workflow is a success. Attached archieve log for refernece [logs_22763759557.zip](https://github.com/kserve/modelmesh/files/14978607/logs_22763759557.zip) --------- Signed-off-by: Modassar Rana <[email protected]>
[pull] main from kserve:main
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
Bump odh 0.12.rc0 to rhoai main branch