Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sync #47

Merged
merged 15 commits into from
Nov 23, 2023
Merged

Sync #47

merged 15 commits into from
Nov 23, 2023

Conversation

spolti
Copy link
Member

@spolti spolti commented Nov 23, 2023

Motivation

Modifications

Result

ckadner and others added 14 commits October 10, 2023 14:43
#### Motivation

It can be challenging to figure out how to get a development environment
setup especially for folks who have not worked with Maven before.

#### Modifications

Adding some information of development workflow and project setup for
working with an IDE.

#### Result

Hopefully a less frustrating on-boarding experience.

/cc @rafvasq

---------

Signed-off-by: Christian Kadner <[email protected]>
Signed-off-by: Christian Kadner <[email protected]>
- Create /docs directory
- Add new docs on:
  - VModels
  - Configuration/Tuning
  - Scaling
  - Metrics
- Move existing docs into /docs directory:
  - Payload processing
  - Getting started, build, deployment

---

Signed-off-by: Rafael Vasquez <[email protected]>
grpc, protobuf, guava, jackson-databind, thrift, log4j2, junit

---------

Signed-off-by: Nick Hill <[email protected]>
Configure CodeQL vulnerability scans

---------

Signed-off-by: Christian Kadner <[email protected]>
- Execute external commands using an array of strings
  rather than a single string
- Make the regular expression pattern a bit more efficient

---------

Signed-off-by: Rafael Vasquez <[email protected]>
chore: Update bouncy castle depdendency to address the following
vulnerability:
- [CVE-2023-33201](https://nvd.nist.gov/vuln/detail/CVE-2023-33201):
Bouncy Castle For Java LDAP injection vulnerability

Signed-off-by: Spolti <[email protected]>
Functionality added in kserve#90 

---------

Signed-off-by: Nick Hill <[email protected]>
PR kserve#90 introduced support for per-model prometheus metrics with the
intention to not change the default behavior but require this as a feature
to be enabled explicitly via configuration. However, it was inadvertently
made the default.

This commit restores the original behavior by changing the default configuration
to not include modelId/vModelId prometheus metric labels because model-mesh
was designed primarily for use cases where there is a very large and changing
number of individual models and those scenarios would result in a much greater
number of individual metrics than prometheus can handle.

------

Signed-off-by: Nick Hill <[email protected]>
…ve#127)

This won't change current behaviour since the default is to use netty's
openssl-based TLS implementation anyhow. But it will allow overriding to
use the native jdk TLS impl when needed.

Signed-off-by: Nick Hill <[email protected]>
protobuf 3.25.0, jackson-databind 2.16.0, junit 5.10.1, etcd-java 0.0.24

Includes important etcd-java update to support authentication when using
etcd server versions >= 3.5

Unfortunately latest netty 4.1.101.Final is incompatible with grpc-java.
We'll need to wait for a grpc patch for that.

Signed-off-by: Nick Hill <[email protected]>
Vulnerabities fixed:
- [RHSA-2023:7165] cups security and bug fix update (Moderate)
- [RHSA-2023:7151] python3 security update (Moderate)
- [RHSA-2023:7176] python-pip security update (Moderate)
- [RHSA-2023:7151] python3 security update (Moderate)
- [RHSA-2023:7190] avahi security update (Moderate)
- [RHSA-2023:7112] shadow-utils security and bug fix update (Low)

-----

Signed-off-by: Spolti <[email protected]>
Copy link

@israel-hdez israel-hdez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everything here is already in upstream. In upstream reviews I trust.
Approving, given CI is green.

Copy link

openshift-ci bot commented Nov 23, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: israel-hdez, spolti

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit c3d4fb8 into opendatahub-io:main Nov 23, 2023
7 checks passed
@spolti spolti deleted the sync branch November 23, 2023 18:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants