Skip to content

calico-3.29 - usrmerge usr/sbin #44671

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
smoser merged 3 commits into from
Mar 31, 2025
Merged

calico-3.29 - usrmerge usr/sbin #44671

smoser merged 3 commits into from
Mar 31, 2025

Conversation

@smoser
Copy link
Member

@smoser smoser commented Mar 5, 2025

No description provided.

@octo-sts octo-sts bot added the bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. label Mar 5, 2025
@a-crate a-crate force-pushed the usrmerge-usrsbin/calico branch from 9d874b8 to 8fb64a3 Compare March 24, 2025 23:51
@octo-sts
Copy link
Contributor

octo-sts bot commented Mar 24, 2025

⚠️ EXPERIMENTAL

Please use 👍 or 👎 on this comment to indicate if you agree or disagree with the recommendation.

To provide more detailed feedback please comment on the recommendation prefixed with /ai-verify:

e.g. /ai-verify partially helpful but I also added bash to the build environment

Gen AI suggestions to solve the build error:

Based on the error message, I'll provide a specific analysis and fix.

• Detected Error:

FAIL Expected commit c29210835f7a2795d0791974602c8e1c625c8ca1 for v3.29.2, found 05bdc34b298940af451748481cc03d85e428f13f

• Error Category: Version/Configuration

• Failure Point: git-checkout step in the pipeline

• Root Cause Analysis: The expected commit hash in the melange YAML doesn't match the actual commit hash for the v3.29.2 tag in the upstream repository. This is likely due to a mismatch between what was originally used to create the package definition and the current state of the upstream repository.

• Suggested Fix: Update the expected-commit hash in the git-checkout step to match the correct commit hash:

  - uses: git-checkout
    with:
      repository: https://github.com/projectcalico/calico
      tag: v${{package.version}}
      expected-commit: 05bdc34b298940af451748481cc03d85e428f13f  # Updated hash

• Explanation: The build system uses commit hash verification as a security measure to ensure the exact version of code being built. The current hash in the configuration doesn't match the actual commit that the v3.29.2 tag points to in the upstream repository. Updating to the correct hash will allow the build to proceed.

• Additional Notes:

  • This type of mismatch commonly occurs when tags are moved or when package definitions aren't updated after upstream changes
  • The new hash (05bdc34b) represents the actual commit that v3.29.2 points to in the Calico repository
  • This change maintains the security properties of the build while aligning with the correct upstream version

• References:

@octo-sts octo-sts bot added the ai/skip-comment Stop AI from commenting on PR label Mar 24, 2025
@a-crate a-crate force-pushed the usrmerge-usrsbin/calico branch 2 times, most recently from 3e28317 to b8111b0 Compare March 25, 2025 16:41
@smoser smoser force-pushed the usrmerge-usrsbin/calico branch from b8111b0 to af9e374 Compare March 31, 2025 14:57
@smoser smoser merged commit 139c6f6 into wolfi-dev:main Mar 31, 2025
15 checks passed
MickeyPvX pushed a commit to MickeyPvX/wolfi-dev-os that referenced this pull request Apr 1, 2025
@smoser @a-crate
@xnox @MickeyPvX
calico-3.29 - usrmerge usr/sbin (wolfi-dev#44671)
d1801ab 
Signed-off-by: Amelia Crate <amelia.crate@chainguard.dev>
Co-authored-by: Amelia Crate <amelia.crate@chainguard.dev>
Co-authored-by: Dimitri John Ledkov <dimitri.ledkov@chainguard.dev>
This was referenced Jun 18, 2025
Closed
Closed
This was referenced Jun 26, 2025
Merged
Merged
This was referenced Jul 7, 2025
Closed
Merged
This was referenced Jul 14, 2025
Merged
Closed
Merged
Merged
@octo-sts octo-sts bot mentioned this pull request Jul 24, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@justinvreeland justinvreeland justinvreeland approved these changes

@zmarano zmarano zmarano approved these changes

Assignees

No one assigned

Labels

ai/skip-comment Stop AI from commenting on PR bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@smoser @justinvreeland @zmarano @a-crate @xnox