Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added managed identities for ACR container pulls #3463

Merged
merged 5 commits into from
Jun 20, 2024
Merged

Added managed identities for ACR container pulls #3463

merged 5 commits into from
Jun 20, 2024

Conversation

ericwolz
Copy link
Contributor

Checklist

  • I have read the contribution guidelines.
  • I added or modified the existing tests to cover the change (we do not allow our test coverage to go down).
  • This pull-request is submitted against the main branch.

Description of the changes

Reference/Link to the issue solved with this PR (if any)

@timtay-microsoft
Copy link
Member

FYI it looks like we lapsed on some security vulnerabilities and that is blocking your gate here.

/mnt/vss/_work/1/s/e2e/test/E2ETests.csproj : error NU1902: Warning As Error: Package 'Azure.Identity' 1.11.2 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-m5vv-6r4h-3vj9 [/mnt/vss/_work/1/s/azureiot.sln]
/mnt/vss/_work/1/s/iothub/service/samples/how to guides/RoleBasedAuthenticationSample/RoleBasedAuthenticationSample.csproj : error NU1902: Package 'Azure.Identity' 1.11.2 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-m5vv-6r4h-3vj9 [/mnt/vss/_work/1/s/azureiot.sln]
/mnt/vss/_work/1/s/provisioning/service/samples/how to guides/GroupCertificateVerificationSample/GroupCertificateVerificationSample.csproj : error NU1902: Package 'BouncyCastle' 1.8.9 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-8xfc-gm6g-vgpv [/mnt/vss/_work/1/s/azureiot.sln]
/mnt/vss/_work/1/s/provisioning/service/samples/how to guides/GroupCertificateVerificationSample/GroupCertificateVerificationSample.csproj : error NU1902: Package 'BouncyCastle' 1.8.9 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-m44j-cfrm-g8qc [/mnt/vss/_work/1/s/azureiot.sln]
/mnt/vss/_work/1/s/provisioning/service/samples/how to guides/GroupCertificateVerificationSample/GroupCertificateVerificationSample.csproj : error NU1902: Package 'BouncyCastle' 1.8.9 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-v435-xc8x-wvr9 [/mnt/vss/_work/1/s/azureiot.sln]

You will probably need to bump those versions to unblock this PR

@timtay-microsoft
Copy link
Member

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@timtay-microsoft
Copy link
Member

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@ericwolz ericwolz merged commit 14a3512 into main Jun 20, 2024
8 checks passed
@ericwolz ericwolz deleted the azure-pipelines-aziotacr branch June 20, 2024 23:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timtay-microsoft timtay-microsoft timtay-microsoft approved these changes

@patilsnr patilsnr patilsnr approved these changes

@abhipsaMisra abhipsaMisra Awaiting requested review from abhipsaMisra

@andyk-ms andyk-ms Awaiting requested review from andyk-ms

@brycewang-microsoft brycewang-microsoft Awaiting requested review from brycewang-microsoft

@tmahmood-microsoft tmahmood-microsoft Awaiting requested review from tmahmood-microsoft

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ericwolz @timtay-microsoft @patilsnr