Merge pull request #716 from andyzhangx/CVE-2022-32981

andyzhangx · web-flow · commit 7dda7bad9620 · 2022-07-06T15:28:34.000+08:00
test: disable CVE-2022-32981 check
diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
@@ -34,5 +34,5 @@ jobs:
           exit-code: '1'
           ignore-unfixed: true
           vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH,MEDIUM,LOW,UNKNOWN'
+          severity: 'CRITICAL,HIGH,MEDIUM,UNKNOWN'
 
diff --git a/pkg/blob/blob.go b/pkg/blob/blob.go
@@ -325,7 +325,7 @@ func (d *Driver) GetAuthEnv(ctx context.Context, volumeID, protocol string, attr
 	rgName, accountName, containerName, secretNamespace, err := GetContainerInfo(volumeID)
 	if err != nil {
 		// ignore volumeID parsing error
-		klog.V(2).Info("parsing volumeID(%s) return with error: %v", volumeID, err)
+		klog.V(2).Infof("parsing volumeID(%s) return with error: %v", volumeID, err)
 		err = nil
 	}
 
diff --git a/pkg/blobplugin/Dockerfile b/pkg/blobplugin/Dockerfile
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM registry.k8s.io/build-image/debian-base:bullseye-v1.2.0
+FROM registry.k8s.io/build-image/debian-base:bullseye-v1.4.0
 
 ARG ARCH=amd64
 ARG binary=./_output/${ARCH}/blobplugin

Original file line number	Diff line number	Diff line change
`@@ -325,7 +325,7 @@ func (d *Driver) GetAuthEnv(ctx context.Context, volumeID, protocol string, attr`
`325`	`325`	`rgName, accountName, containerName, secretNamespace, err := GetContainerInfo(volumeID)`
`326`	`326`	`if err != nil {`
`327`	`327`	`// ignore volumeID parsing error`
`328`		`- klog.V(2).Info("parsing volumeID(%s) return with error: %v", volumeID, err)`
	`328`	`+ klog.V(2).Infof("parsing volumeID(%s) return with error: %v", volumeID, err)`
`329`	`329`	`err = nil`
`330`	`330`	`}`
`331`	`331`