The new Go release fixes the following security issues:
CVE-2020-28362, CVE-2020-28367, CVE-2020-28366
See https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM for more
detail.
The next step will be to re-build all our production Go binaries.
Change-Id: I97e4678a2e06a9559e66c0c0db008f0b6dfd81a2
These are codes defined in JPK_V7, ie. the control file submitted to
Polish tax authorities for all invoices created in a given month. We
need to now tag our invoices with the appropriate codes when submitting
them to our accountants, which will pass them on over to the tax
authoritiex in a JPK_V7M file.
This only adds the relevant enums and adds them to proto messages, but
does not actually implement any control/model logic.
Change-Id: I695d05b55143a248dab9346151da3c572c7665d4
These tests are broken as they depend on some test data that we
currently don't have in hscloud. They should be fixed ASAP.
Change-Id: I2571c2958cb84e145a7e3a44171685ecf43cf499
This forks bitnami/kubecfg into kartongips. The rationale is that we
want to implement hscloud-specific functionality that wouldn't really be
upstreamable into kubecfg (like secret support, mulit-cluster support).
We forked off from github.com/q3k/kubecfg at commit b6817a94492c561ed61a44eeea2d92dcf2e6b8c0.
Change-Id: If5ba513905e0a86f971576fe7061a471c1d8b398
This reverts commit 014c9cd018.
Reason for revert:
When applying app/matrix/matrix.hackerspace.pl.jsonnet:
ERROR Error in deployments matrix.oauth2-cas-proxy: ValidationError(v1.Deployment.spec.template.spec.containers[0].env[4].valueFrom): unknown field "secretkeyref" in io.k8s.api.core.v1.EnvVarSource
Change-Id: I833f8a7d7174632b2edffe2f6a9b3e9bb55eebb9
This combats this:
[126624.252775] Route cache is full: consider increasing sysctl net.ipv[4|6].route.max_size.
This used to be fixed manually on edge01.waw, but we forgot to actually
set this in configuration. Whoops
Change-Id: Ibd45f019a9f4d8d6c2bf1db27f438589acaffd77
This is in preparation for spinning up a staging/QA matrix instance,
where the MXID domain is under control by hscloud machinery (and not a
top-level organizational domain).
Change-Id: I10505615ebb407b3b2eac0c1b87ad5625e2009c0
This is in prepration for bringing up a Matrix server for hsp.sh.
Verified to cause no diff on prod.
Change-Id: Ied2de210692e3ddfdb1d3f37b12893b214c34b0b
This is an amalgamation of a handful of small changes to Go deps.
Notably:
- we remove our opencensus-proto fork, use upstream, use exclude=src to
fix the build
- unvendorify some deps
- bump io_rules_go to fix WKT resolution
Notably, we now do not have the 'protoc-gen-go' error when running
kubecfg/kubectl anymore.
Change-Id: I34fb9e78b2b12e4543142183d601d01987076f32
This can happen if a binary is built statically and fails to load
libgcc/nsd libraries at runtime.
Change-Id: Ia76645471b83a6cc75fe6552e70e6a251b50129c
q3k
Norbert Szulc