coredns
coredns copied to clipboard
coredns
CoreDNS 1.11.2 Release
Let's do a release soon.
Any currently open PRs that we want to push to get into the next release?
oh I think I know, why it fails, this should fix it https://github.com/coredns/coredns/pull/6456
usually Dependabot pull requests failed due to conflict in cache of setup-go and golangci-lint action
Here's the current list of non-chore changes:
- plugin/rewrite: add rcode as a rewrite option by @pschou in https://github.com/coredns/coredns/pull/6204
- Handle UDP responses that overflow with TC bit by @SriHarsha001 in https://github.com/coredns/coredns/pull/6277
- Use the correct root domain name in the proxy plugin's TestHealthX tests by @tmthrgd in https://github.com/coredns/coredns/pull/6395
- plugin/cache: key cache on Checking Disabled (CD) bit by @gcs278 in https://github.com/coredns/coredns/pull/6354
- plugin/etcd: the etcd client adds the DialKeepAliveTime parameter by @journey-c in https://github.com/coredns/coredns/pull/6351
- plugin/auto: warn when auto is unable to read elements of the directory tree by @chrisohaver in https://github.com/c oredns/coredns/pull/6333
- plugin/tls: respect the path specified by root plugin by @mariuskimmina in https://github.com/coredns/coredns/pull/6138
- rewrite: fix multi request concurrency issue in cname rewrite by @Amila-Rukshan in https://github.com/coredns/coredns/pull/6407
Hey, we have a few customers waiting on the UDP overflow fix. Is there an ETA for the release yet?
Is there an estimated date on this? There are quite a few dependency vulnerabilities in 1.11.1
The docker build/publish has failed due to authentication failure (in 2 attempts).
I do not have push access to the coredns docker hub repo, so I cannot resolve the docker push auth failure.
Update: we tried replacing the docker creds with known working set, and we continue to see the same build failure - an authentication failure when attempting to push the images to dockerhub. Get "https://registry-1.docker.io/v2/": unauthorized: incorrect username or password
Do you have considered using GitHub Container Registry?
It would be a great addition in order to avoid Docker pull quota limitation
missing image
coredns/coredns:1.11.2
https://github.com/coredns/coredns/actions/runs/8084880918 the release CI failed. @chrisohaver
I have deleted the 1.11.2 release so we don’t have a 1/2 completed release. Will re-release once docker login issue is resolved.
The go1.21.8 / 1.22.1 CVE patches seem like something worth picking up https://groups.google.com/g/golang-dev/c/o1I1Vv8Rfgs/m/Wr8tD1RlAgAJ
Docker login issue doesn't appear to have progressed.
Is anyone with coredns docker write permissions quietly working on this?
If not, perhaps we should consider moving away from dockerhub and publishing to gcr instead?
hey @chrisohaver, if you're using Docker Desktop can you file a ticket here https://hub.docker.com/support/desktop ? If not, send an email to [email protected] so we can help you get the hub credentials issue resolved? It looks like the last user that pushed was one of the owners of the coredns organization in docker hub https://hub.docker.com/r/coredns/coredns/tags
I suspect the original failure was due to a password change. And the failures after moving to a new account I suspect due to special characters present in the password getting mangled by make.
Just suspicion since I don't know the actual passwords.
Would it be possible to delete the tag for 1.11.2?
It's flagging as a release in a few tools
@chrisohaver, is there a release branch/tag we can check if all security patches are included in v1.11.2.
@chrisohaver, is there a release branch/tag we can check if all security patches are included in v1.11.2.
It will be cut from whatever the latest commit of the master branch is when we release it.
@chrisohaver, is there a release branch/tag we can check if all security patches are included in v1.11.2.
It will be cut from whatever the latest commit of the master branch is when we release it.
Thanks for the reply. Would you consider having a formal release branch(es) and schedule (monthly or quarterly release) for CoreDNS? There are quite a lot CVEs exploited recently, we'll need to address them ASAP.
There's an open proposal in process to support release branches - one of the open PRs open currently. However, that doesn’t really relate to the unresolved build publishing issue.
@chrisohaver do you all need assistance working through the publishing/release issue? could we consider migrating to publish to GitHub container registry instead.
That would be something consumers would need to adapt to but would probably be less maintenance in terms of future releases and management of docker secrets.
Any help is appreciated! Thanks! I'm not opposed to moving to gcr.
Here is the documentation for publishing images to ghcr: https://docs.github.com/en/actions/publishing-packages/publishing-docker-images#publishing-images-to-github-packages
Maybe the easiest way is to prepend ghcr.io/coredns/ to the image name, so the final name is: ghcr.io/coredns/coredns:tag, and login into GitHub Container Registry. That way docker push will push images to GitHub Container Registry.
However, if you want to still pushing images to Docker Hub, more work should be done.
@chrisohaver do you know if the release will still be called 1.11.2 or will it skip to 1.11.3?
(And will it be soon? Not trying to put pressure on you to get it done, but an ETA of when you think it could be done would be useful. If you're busy say "a month" it's fine!)
@chrisohaver do you know if the release will still be called 1.11.2 or will it skip to 1.11.3?
What do you think would be least painful and confusing for everyone? I’m not sure.
(And will it be soon?…
maybe? Will try a release again later this week with recent build fix if no other maintainers do.