Update versions of components for base image

[iamNoah1]

Updating versions of components for our base image to the newest available versions.

Which issue/s this PR fixes

fixes #7320

How Has This Been Tested?

• On a Ubuntu 18.04
• Updated versions in images/nginx/rootfs/build.sh
• Set OUTPUT= -o type=docker inside of images/nginx/Makefile in order to build a docker image in local registry
• Set PLATFORMS?=linux/amd64 inside of images/nginx/Makefile to only build amd64 for the test run.
• make build inside of images/nginx
• Set BASE_IMAGE to newly created image inside of ingress-nginx/Makefile
• Run make kind-e2e-test

Checklist:

• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I've read the CONTRIBUTION guide
• I have added tests to cover my changes.
• All new and existing tests passed.

[k8s-ci-robot]

@iamNoah1: This issue is currently awaiting triage.

If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[k8s-ci-robot]

Hi @iamNoah1. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[tao12345666333]

Thanks!
I'm not sure if they will have compatibility issues with each other

But let CI test it first 🚀

/ok-to-test

[iamNoah1]

/kind cleanup
/priority backlog
/triage accepted

[k8s-ci-robot]

@iamNoah1: The label triage/accepted cannot be applied. Only GitHub organization members can add the label.

In response to this:

/kind cleanup
/priority backlog
/triage accepted

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[rikatz]

ok, as there's no tag cut since 2018

[rikatz]

EDIT: openresty/set-misc-nginx-module@v0.32...master

I don't think here it's worth the effort to change, no bugfix since there :)

[rikatz]

ok, as there's no tag cut since 2017

[rikatz]

EDIT: same: openresty/headers-more-nginx-module@v0.33...master

No big changes since the last release

[rikatz]

👍

[rikatz]

@iamNoah1 let's use 0.19.0 here

[rikatz]

Let's use yaml-cpp-0.7.0

[rikatz]

I think here as Jaeger got a pretty "recent" release we can stick with 0.7.0

[rikatz]

(also the recent commits where to change their issue template

[rikatz]

For both of those, there has been some recent bugfixes, maybe we should move to the last commit

[rikatz]

This one got a recent bugfix about balancer weight, probably impacts on us

[rikatz]

We can use 0.11 here (as the difference between version bump and this commit is just the maintainer dropping travis-ci usage)

[rikatz]

Let's use 0.1.22 here

[rikatz]

We can keep 0.08 here (openresty/lua-resty-lock@v0.08...master) no changes :)

[rikatz]

We can keep 0.10 here -> openresty/lua-resty-upload@v0.10...master

[rikatz]

Let's use 0.16 here: openresty/lua-resty-memcached@v0.16...master

[rikatz]

Not necessary to change, no big change: openresty/lua-resty-redis@v0.29...master

[rikatz]

@iamNoah1 thanks, this is huge!

Left some comments, in three categories:

• Lines that does not needs changes (last releases were nothing big), with branch comparision
• Lines that we should stick with release version instead of going to a commit
• Lines that got a commit since you've sent the PR and I think it would be good to move to the latest commit

Also, as proposed in Slack, if you've got time/patience for this, let's add in front of things that got no recent release (like SETMISC_VERSION and MORE_HEADERS_VERSION) a comment saying that this got no recent release, and that it should be verified with branch comparision, for example:

# MORE_HEADERS_VERSION got no recent change, see: https://github.com/openresty/headers-more-nginx-module/compare/v0.33...master
export MORE_HEADERS_VERSION=0.33 

Once again, thanks for this!

[iamNoah1]

Next steps: Fix proposals, make e2e on a machine. Merge PR. Follow up with release.md process.

[rikatz]

Next steps: Fix proposals, make e2e on a machine. Merge PR. Follow up with release.md process.

Sounds good! Ping me when this is ready (on Slack) as I'm missing a lot of GH notifications :/

Want to get this merged before the (proposed) code freeze :)

[iamNoah1]

This one is somehow strange. Main Branch seems to be v3.4/dev. But when comparing with tag v3.3.2 the changes are way too big(coreruleset/coreruleset@v3.3.2...v3.4/dev). I don't get it. @rikatz can you maybe doubelcheck.

[rikatz]

yeah, and in this one I have some knowledge :)

So mod_security on dev branch renames a lot of stuff. This one is specifically the ruleset for modsec. I wouldn't use the dev branch, as rules may be unstable and break users

[iamNoah1]

Whats with this one @rikatz? openresty/luajit2@v2.1-20210510...v2.1-agentzh shows that has been a lot going on since the last release.

[rikatz]

Does not seem to be an official release :(

https://github.com/openresty/luajit2/releases

This is why I've pointed to the release

[iamNoah1]

Sure, I kept using the 2.1-20210510. But v2.1-agentzh seems to be the main branch. So after release 2.1-20210510 there was some commits going on. Or am I wrong?!.

[rikatz]

you are right :) I just wanted to stick with the releases specifically for luajit2 due to its critical role :D

[rikatz]

/label tide/merge-method-squash
/lgtm
/approve
@iamNoah1 thank you very much for this!! Let's wait until the cloudbuild finishes (~2 hours...), promote the image and change the base image on all the branches! :D

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: iamNoah1, rikatz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• images/OWNERS [rikatz]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[iamNoah1]

/label tide/merge-method-squash
/lgtm
/approve
@iamNoah1 thank you very much for this!! Let's wait until the cloudbuild finishes (~2 hours...), promote the image and change the base image on all the branches! :D

Updating the image on all branches will be fun ^^