Bump requests from 2.31.0 to 2.32.0 in /python/aiffairness #360
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
**What this does / why we need it**:
This PR adds custom code to make KServe run on OpenShift without the need for anyuid SCC.
**More context**:
OpenShift uses istio-cni which causes an issue with init-containers when calling external services
like S3 or similar. Setting the uid for the storage-initializer to the same uid as the
uid of the istio-proxy resolves the issue. In OpenShift the istio-proxy always gets assigned
the first uid from the namespaces uid range + 1 (The range is defined in an annotation on the namespace).
**Release note**:
```release-note
The `storage-initializer` container will now run with the same `uid` as the `istio-proxy` which resolves an issue when istio-cni is used.
```
---
Squashed commit titles:
* add storage-initializer uid handling for OpenShift with istio-cni
* update storage_initializer_injector tests
* Also use annotation on pod to override uid
* Remove manager's rbac-proxy and add ODH requried network policies * Workaround for Kustomize bug about creationTimestamp See: kubernetes-sigs/kustomize#5031 Without this workaround, some Kustomize versions are generating `creationTimestamp: "null"` (null as a string). Signed-off-by: Edgar Hernández <[email protected]>
* Workflows are changed to push to Quay.io. * The go.yml workflow is changed to omit updating the coverage badge (we don't have one, for now). * The README.md file is updated to right ODH urls. Signed-off-by: Edgar Hernández <[email protected]>
Adapt GH-workflows to correctly push to ODH container repositories
Kustomize patches for OpenShift were cherry-picked from the release-v0.10 branch. The cherry-pick succeeded, but the resulting manifests were not working, because of the differences. This fixes the manifests and bring them back to a working state. Signed-off-by: Edgar Hernández <[email protected]>
Update OWNERS files
These are the needed changes to have openshift-ci running the E2E tests successfully. There are several groups of E2E tests that can be deduced from the .github/workflows/e2e-test.yaml file: fast, slow, explainer, transformer-mms, qpext, grpc, helm, raw and kourier. For ODH, the `fast`, `slow` and `grpc` groups are the ones that cover the features that are going to be supported in the initial adoption of ODH. This commit contains the needed adaptations to the E2E tests of the `fast` and `slow` groups to successfully run them in an openshift cluster. It also adds a few scripts on test/scripts/openshift-ci to run these E2Es in the openshift-ci operator. Some of these changes should be seen as provisional and should be rolled back: * test/e2e/common/utils.py: because of the networking/DNS expectations, that are currently not covered in ODH's installation. * test/e2e/predictor/*: * In general all changes under this path should be seen as provisional. However, since ODH won't support all ServingRuntimes, it is possible that some of the tests will stay out. * There are some GRPC-related tests marked as skipped. Since this work is not enabling the `grpc` group, a subsequent commit/PR for enabling GRPC E2Es should remove/revert those skip marks. * Also, there are some tests skipped with the `Not testable in ODH at the moment` reason. The root cause of the failure should be investigated to re-enable these tests. * python/kserve/kserve/models/v1beta1_inference_service.py: This is injecting an annotation that is required given the specifics of OSSM/Maistra and OpenShift-Serverless that are used in ODH. This annotation is, currently, user responsibility and this was the cleanest way to add it in the E2Es. Being platform-specific, it's been discussed that this (and some other) annotation should be injected by some controller to relief the user from this responsibility. If this happens, this change should be reverted. Also, ideally, changes to the following files should be contributed back to upstream. Those changes are not required in upstream and should have no effect, but in openshift-ci become required because a different builder image is being used: * Dockerfile * agent.Dockerfile Signed-off-by: Edgar Hernández <[email protected]>
Openshift-ci onboarding These are the needed changes to have openshift-ci running the E2E tests successfully. There are several groups of E2E tests that can be deduced from the .github/workflows/e2e-test.yaml file: fast, slow, explainer, transformer-mms, qpext, grpc, helm, raw and kourier. For ODH, the `fast`, `slow` and `grpc` groups are the ones that cover the features that are going to be supported in the initial adoption of ODH. This commit contains the needed adaptations to the E2E tests of the `fast` and `slow` groups to successfully run them in an openshift cluster. It also adds a few scripts on test/scripts/openshift-ci to run these E2Es in the openshift-ci operator. Some of these changes should be seen as provisional and should be rolled back: * test/e2e/common/utils.py: because of the networking/DNS expectations, that are currently not covered in ODH's installation. These changes should be rolled back once the following ticked is fixed: opendatahub-io/odh-model-controller#59 * test/e2e/predictor/*: * In general all changes under this path should be seen as provisional. However, since ODH won't support all ServingRuntimes, it is possible that some of the tests will stay out. * There are some GRPC-related tests marked as skipped. Since this work is not enabling the `grpc` group, a subsequent commit/PR for enabling GRPC E2Es should remove/revert those skip marks. * Also, there are some tests skipped with the `Not testable in ODH at the moment` reason. The root cause of the failure should be investigated to re-enable these tests. * python/kserve/kserve/models/v1beta1_inference_service.py: This is injecting an annotation that is required given the specifics of OSSM/Maistra and OpenShift-Serverless that are used in ODH. This annotation is, currently, user responsibility and this was the cleanest way to add it in the E2Es. Being platform-specific, it's been discussed that this (and some other) annotation should be injected by some controller to relief the user from this responsibility. If this happens, this change should be reverted. Also, ideally, changes to the following files should be contributed back to upstream. Those changes are not required in upstream and should have no effect, but in openshift-ci become required because a different builder image is being used: * Dockerfile * agent.Dockerfile
Augments the `default` profile with some changes expected by an ODH installation: * Removes the `Namespace` CR, because the ODH operator does not expect such resource. The Namespace is expected to be created in advance to later create a KfDef on it, where resources are going to be installed. * Adds cluster roles, to extend the cluster's default user-facing roles with KServe privileges. Signed-off-by: Edgar Hernández <[email protected]>
Signed-off-by: Vaibhav Jain <[email protected]>
[Sync] kserve/kserve-master to master branch
Signed-off-by: Edgar Hernández <[email protected]>
Signed-off-by: Edgar Hernández <[email protected]>
Signed-off-by: Edgar Hernández <[email protected]>
Upstream master sync
Signed-off-by: heyselbi <[email protected]>
automate addition of new isues into ODH board
Code sync up to upstream commit for v0.11.1
Signed-off-by: Spolti <[email protected]>
Signed-off-by: Spolti <[email protected]>
Open Data Hub operator v2 is going to be consuming Kustomize manifests from component repos, and `odh-manifests` repo is going to be archived. This is moving/copying artifacts from `odh-manifests` into an already existent odh overlay. With these changes, the overlay can be directly consumed by ODH-operator v2. Signed-off-by: Edgar Hernández <[email protected]>
add spoltin in the OWNERS file
[RHODS-12555] - CVE-2023-44487
Signed-off-by: Spolti <[email protected]>
[RHODS-12555] - CVE-2023-44487 - qpext
[master] Preparation for odh-opeartor v2
Partial revert of opendatahub-io/odh-manifests#916, because opendatahub-io/odh-model-controller#84 has been completed. Signed-off-by: Edgar Hernández <[email protected]>
Add capability to run RawDeployment E2Es in OpenShift-ci
…Mode Deployment Signed-off-by: Spolti <[email protected]>
Signed-off-by: Spolti <[email protected]>
[RHOAIENG-5073] - Routing and Headless Service Support in KServe Raw …
Signed-off-by: Spolti <[email protected]>
Signed-off-by: jooho <[email protected]>
remove unnecessary operators
#292) * [RHOAIENG-4617] - follow up - remove hardcoded fastapi from Dockerfile As the Ray Serve latest release removed the hard dependency of old fastapi version we can now remove the workaround from the Storage Initializer Container Image. Signed-off-by: Spolti <[email protected]>
There is an error in the storage-initializer-docker-publisher workflow where a string is being used, but should be a variable. On PR merges, this is causing an error when trying to push the docker image of the storage initializer. This is fixing the issue by properly using the variable. Signed-off-by: Edgar Hernández <[email protected]>
Fix storage-initializer-docker-publisher workflow
Signed-off-by: Spolti <[email protected]>
Sync kserve/master with odh/master
[pull] master from kserve:master
updated-dependencies: - dependency-name: requests dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
|
Hi @dependabot[bot]. Thanks for your PR. I'm waiting for a opendatahub-io member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: dependabot[bot] The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Jooho
pushed a commit
to Jooho/kserve
that referenced
this pull request
Jul 19, 2024
…tudio-kserve-storage-initializer-211 Red Hat Konflux update kserve-storage-initializer-211
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps requests from 2.31.0 to 2.32.0.
Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
Commits
d6ebc4av2.32.09a40d12Avoid reloading root certificates to improve concurrent performance (#6667)0c030f7Merge pull request #6702 from nateprewitt/no_char_detection555b870Allow character detection dependencies to be optional in post-packaging stepsd6dded3Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-testbf24b7dUse an invalid URI that will not cause httpbin to throw 5002d5f547Pin 3.8 and 3.9 runners back to macos-13 (#6688)f1bb07dMerge pull request #6687 from psf/dependabot/github_actions/github/codeql-act...60047adBump github/codeql-action from 3.24.0 to 3.25.031ebb81Merge pull request #6682 from frenzymadness/pytest8You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.