Accepting request 1199703 from server:monitoring

OBS-URL: https://build.opensuse.org/request/show/1199703 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/golang-github-prometheus-prometheus?expand=0&rev=47
2024-09-10 19:12:35 +00:00 · 2024-09-10 19:12:35 +00:00 · a7e7d17af4
commit a7e7d17af4
parent cf46897d64 242c581ea7
12 changed files with 118 additions and 88 deletions
--- a/0001-Do-not-force-the-pure-Go-name-resolver.patch
+++ b/0001-Do-not-force-the-pure-Go-name-resolver.patch
@ -1,4 +1,4 @@
-From e9458dc825ca19e306b1ded6433c5d25a1237c71 Mon Sep 17 00:00:00 2001
+From abe26292de2c69a14aa223d2ba866779e63d79cd Mon Sep 17 00:00:00 2001
 From: Jan Fajerski <jfajerski@suse.com>
 Date: Fri, 8 Feb 2019 09:17:06 +0100
 Subject: [PATCH] Do not force the pure Go name resolver
@ -16,7 +16,7 @@ Signed-off-by: Johannes Kastl <git@johannes-kastl.de>
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/.promu.yml b/.promu.yml
-index e5e01181c..5fbce7825 100644
+index 0aa51d6d3..06c9c579d 100644
 --- a/.promu.yml
 +++ b/.promu.yml
@@ -12,12 +12,12 @@ build:
@ -33,6 +33,6 @@ index e5e01181c..5fbce7825 100644
     ldflags: |
         -X github.com/prometheus/common/version.Version={{.Version}}
         -X github.com/prometheus/common/version.Revision={{.Revision}}
--
+-- 
-2.43.0
+2.44.1
--- a/0002-Default-settings.patch
+++ b/0002-Default-settings.patch
@ -1,19 +1,19 @@
-From 06585754d2707a31fd4ab86b9b1ce82f7d55e78c Mon Sep 17 00:00:00 2001
+From 5d505396f2a4e1a9f5fd3ea57113fa58c968518e Mon Sep 17 00:00:00 2001
 From: Jan Fajerski <jfajerski@suse.com>
 Date: Fri, 8 Feb 2019 09:28:12 +0100
 Subject: [PATCH] Default settings
 Signed-off-by: Jan Fajerski <jfajerski@suse.com>
-Signed-off-by: Johannes Kastl <kastl@b1-systems.de>
+Signed-off-by: Johannes Kastl <git@johannes-kastl.de>
 ---
 cmd/prometheus/main.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
 diff --git a/cmd/prometheus/main.go b/cmd/prometheus/main.go
-index 9f4c50071..f7ec14c5f 100644
+index 1d844ddba..5580dfa57 100644
 --- a/cmd/prometheus/main.go
 +++ b/cmd/prometheus/main.go
-@@ -226,7 +226,7 @@ func main() {
+@@ -288,7 +288,7 @@ func main() {
 	a.HelpFlag.Short('h')
 	a.Flag("config.file", "Prometheus configuration file path.").
@ -22,8 +22,8 @@ index 9f4c50071..f7ec14c5f 100644
 	a.Flag("web.listen-address", "Address to listen on for UI, API, and telemetry.").
 		Default("0.0.0.0:9090").StringVar(&cfg.web.ListenAddress)
-@@ -261,10 +261,10 @@ func main() {
+@@ -335,10 +335,10 @@ func main() {
- 		Default("false").BoolVar(&cfg.web.EnableRemoteWriteReceiver)
+ 		Default(supportedRemoteWriteProtoMsgs.Strings()...).SetValue(rwProtoMsgFlagValue(&cfg.web.AcceptRemoteWriteProtoMsgs))
 	a.Flag("web.console.templates", "Path to the console template directory, available at /consoles.").
 -		Default("consoles").StringVar(&cfg.web.ConsoleTemplatesPath)
@ -35,7 +35,7 @@ index 9f4c50071..f7ec14c5f 100644
 	a.Flag("web.page-title", "Document title of Prometheus instance.").
 		Default("Prometheus Time Series Collection and Processing Server").StringVar(&cfg.web.PageTitle)
-@@ -273,7 +273,7 @@ func main() {
+@@ -347,7 +347,7 @@ func main() {
 		Default(".*").StringVar(&cfg.corsRegexString)
 	serverOnlyFlag(a, "storage.tsdb.path", "Base path for metrics storage.").
@ -45,5 +45,5 @@ index 9f4c50071..f7ec14c5f 100644
 	serverOnlyFlag(a, "storage.tsdb.min-block-duration", "Minimum duration of a data block before being persisted. For use in testing.").
 		Hidden().Default("2h").SetValue(&cfg.tsdb.MinBlockDuration)
 -- 
-2.39.0
+2.44.1
--- a/0003-Bump-go-retryablehttp.patch
+++ b/0003-Bump-go-retryablehttp.patch
@ -1,61 +0,0 @@
 From 4d25a94faa74e0a16e4bb7874c1d82faaf911d85 Mon Sep 17 00:00:00 2001
 From: Daniel Mellado <dmellado@redhat.com>
 Date: Tue, 25 Jun 2024 16:31:03 +0200
 Subject: [PATCH] Bump go-retryablehttp to fix basic auth creds leak
 This PR updates go-retryablehttp to version 0.7.7, even if it's used as
 an indirect import. Versions previous to that can didn't sanitize urls,
 discussed at HDCSEC-2024-12 [1]
 [1] https://discuss.hashicorp.com/t/hcsec-2024-12-go-retryablehttp-can-leak-basic-auth-credentials-to-log-files/68027
 Signed-off-by: Daniel Mellado <dmellado@redhat.com>
 ---
 go.mod | 4 ++--
 go.sum | 9 ++++-----
 2 files changed, 6 insertions(+), 7 deletions(-)
 diff --git a/go.mod b/go.mod
 index ac8b4f469d0..ce2f0714a0a 100644
 --- a/go.mod
 +++ b/go.mod
@@ -146,10 +146,10 @@ require (
 	github.com/hashicorp/cronexpr v1.1.2 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 -	github.com/hashicorp/go-hclog v1.5.0 // indirect
 +	github.com/hashicorp/go-hclog v1.6.3 // indirect
 	github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 -	github.com/hashicorp/go-retryablehttp v0.7.4 // indirect
 +	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
 	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
 	github.com/hashicorp/golang-lru v0.6.0 // indirect
 	github.com/hashicorp/serf v0.10.1 // indirect
 diff --git a/go.sum b/go.sum
 index 06db002f55b..956b9d89492 100644
 --- a/go.sum
 +++ b/go.sum
@@ -369,9 +369,8 @@ github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtng
 github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
 github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
 github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
 -github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
 -github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
 -github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
 +github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k=
 +github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
 github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
 github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc=
 github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
@@ -383,8 +382,8 @@ github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+
 github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
 github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
 github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs=
 -github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA=
 -github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
 +github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU=
 +github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
 github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU=
 github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
 github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
--- a/4
+++ b/4
@ -4,7 +4,7 @@
    <param name="scm">git</param>
    <param name="exclude">.git</param>
    <param name="versionformat">@PARENT_TAG@</param>
-    <param name="revision">v2.53.0</param>
+    <param name="revision">v2.54.0</param>
    <param name="versionrewrite-pattern">v(.*)</param>
    <param name="match-tag">v2*</param>
  </service>
@ -13,6 +13,6 @@
    <param name="compression">gz</param>
  </service>
  <service name="go_modules" mode="manual">
-    <param name="archive">prometheus-2.53.0.tar.gz</param>
+    <param name="archive">prometheus-2.54.0.tar.gz</param>
  </service>
 </services>
--- a/golang-github-prometheus-prometheus.changes
+++ b/golang-github-prometheus-prometheus.changes
@ -1,3 +1,96 @@
 -------------------------------------------------------------------
 Fri Aug 16 18:49:21 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
 - drop patch 0003-Bump-go-retryablehttp.patch
 - update to 2.54.0:
  Release 2.54 brings a release candidate of a major new version of
  Remote Write: 2.0.
  This is experimental at this time and may still change.
  Remote-write v2 is enabled by default, but can be disabled via
  feature-flag web.remote-write-receiver.accepted-protobuf-messages.
  * [CHANGE] Remote-Write: highest_timestamp_in_seconds and
    queue_highest_sent_timestamp_seconds metrics now initialized to
    0. #14437
  * [CHANGE] API: Split warnings from info annotations in API
    response. #14327
  * [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata
    in WAL via feature flag metadata-wal-records (defaults on).
    #14395,#14427,#14444
  * [FEATURE] PromQL: add limitk() and limit_ratio() aggregation
    operators. #12503
  * [ENHANCEMENT] PromQL: Accept underscores in literal numbers,
    e.g. 1_000_000 for 1 million. #12821
  * [ENHANCEMENT] PromQL: float literal numbers and durations are
    now interchangeable (experimental). Example: time() -
    my_timestamp > 10m. #9138
  * [ENHANCEMENT] PromQL: use Kahan summation for sum().
    #14074,#14362
  * [ENHANCEMENT] PromQL (experimental native histograms): Optimize
    histogram_count and histogram_sum functions. #14097
  * [ENHANCEMENT] TSDB: Better support for out-of-order
    experimental native histogram samples. #14438
  * [ENHANCEMENT] TSDB: Optimise seek within index. #14393
  * [ENHANCEMENT] TSDB: Optimise deletion of stale series. #14307
  * [ENHANCEMENT] TSDB: Reduce locking to optimise adding and
    removing series. #13286,#14286
  * [ENHANCEMENT] TSDB: Small optimisation: streamline special
    handling for out-of-order data. #14396,#14584
  * [ENHANCEMENT] Regexps: Optimize patterns with multiple
    prefixes. #13843,#14368
  * [ENHANCEMENT] Regexps: Optimize patterns containing multiple
    literal strings. #14173
  * [ENHANCEMENT] AWS SD: expose Primary IPv6 addresses as
    __meta_ec2_primary_ipv6_addresses. #14156
  * [ENHANCEMENT] Docker SD: add MatchFirstNetwork for containers
    with multiple networks. #10490
  * [ENHANCEMENT] OpenStack SD: Use flavor.original_name if
    available. #14312
  * [ENHANCEMENT] UI (experimental native histograms): more
    accurate representation. #13680,#14430
  * [ENHANCEMENT] Agent: out_of_order_time_window config option now
    applies to agent. #14094
  * [ENHANCEMENT] Notifier: Send any outstanding Alertmanager
    notifications when shutting down. #14290
  * [ENHANCEMENT] Rules: Add label-matcher support to Rules API.
    #10194
  * [ENHANCEMENT] HTTP API: Add url to message logged on error
    while sending response. #14209
  * [BUGFIX] CLI: escape | characters when generating docs. #14420
  * [BUGFIX] PromQL (experimental native histograms): Fix some
    binary operators between native histogram values. #14454
  * [BUGFIX] TSDB: LabelNames API could fail during compaction.
    #14279
  * [BUGFIX] TSDB: Fix rare issue where pending OOO read can be
    left dangling if creating querier fails. #14341
  * [BUGFIX] TSDB: fix check for context cancellation in
    LabelNamesFor. #14302
  * [BUGFIX] Rules: Fix rare panic on reload. #14366
  * [BUGFIX] Config: In YAML marshalling, do not output a regexp
    field if it was never set. #14004
  * [BUGFIX] Remote-Write: reject samples with future timestamps.
    #14304
  * [BUGFIX] Remote-Write: Fix data corruption in remote write if
    max_sample_age is applied. #14078
  * [BUGFIX] Notifier: Fix Alertmanager discovery not updating
    under heavy load. #14174
  * [BUGFIX] Regexes: some Unicode characters were not matched by
    case-insensitive comparison. #14170,#14299
  * [BUGFIX] Remote-Read: Resolve occasional segmentation fault on
    query. #14515
 -------------------------------------------------------------------
 Wed Jul 10 19:11:20 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
 - update to 2.53.1:
  This is a bug-fix release, reverting a change introduced in v2.51.0.
  * [BUGFIX] Remote-write: stop dropping samples in catch-up #14446
    The bug was that remote-write would drop samples if the sending
    flow stalled for longer than it takes to write one "WAL
    segment". How long this takes depends on the data rate of your
    Prometheus; as a rough guide with 10 million series scraping
    once per minute it could be about 5 minutes. The issue is
    #14087.
 -------------------------------------------------------------------
 Fri Jun 28 15:31:44 UTC 2024 - Witek Bedyk <witold.bedyk@suse.com>
--- a/golang-github-prometheus-prometheus.spec
+++ b/golang-github-prometheus-prometheus.spec
@ -27,7 +27,7 @@
 %endif
 Name:           golang-github-prometheus-prometheus
-Version:        2.53.0
+Version:        2.54.0
 Release:        0
 Summary:        The Prometheus monitoring system and time series database
 License:        Apache-2.0
@ -47,8 +47,6 @@ Source9:        PACKAGING_README.md
 Patch1:         0001-Do-not-force-the-pure-Go-name-resolver.patch
 # Lifted from Debian's prometheus package
 Patch2:         0002-Default-settings.patch
 # https://github.com/prometheus/prometheus/pull/14345 (CVE-2024-6104)
 Patch3:         0003-Bump-go-retryablehttp.patch
 BuildRequires:  fdupes
 %if 0%{?suse_version} == 1500 && 0%{?sle_version} < 150300
 BuildRequires:  firewall-macros
--- a/npm_licenses.tar.bz2
+++ b/npm_licenses.tar.bz2
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:4db00e4ca449d51771ac01b6e520832524c9af37a670da56ab2a3a267b023f08
+oid sha256:1253e3a02d6a6c774686cb414d69f17b52f6e1b8cd2ca47cd3690cf522061251
-size 168478
+size 168914
--- a/prometheus-2.53.0.tar.gz
+++ b/prometheus-2.53.0.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:2cf137bb8057c8634a5c25ac4b3717dfc9cbc6b81f3f0e5e6894dab797f256d7
 size 6317918
--- a/prometheus-2.54.0.tar.gz
+++ b/prometheus-2.54.0.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:3425b96304551b524854f9d08d4dbaa70df3e04343b772373040b7217c81b2c7
 size 6411184
--- a/vendor.tar.gz
+++ b/vendor.tar.gz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:e2b0c9f3ae8bc6f0bca709480472cc891f1537c218d4d4b9bbc9dbae2aefcf8f
+oid sha256:2d85b4fb98ec75410384d4d270de0f83554f41ecfe448c2f1c061f975161025c
-size 15117166
+size 14596283
--- a/web-ui-2.53.0.tar.gz
+++ b/web-ui-2.53.0.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:7a6f8def612ce4658afe2b7a0c78b388d19348e749f42b64e8e237795fc3a20a
 size 3603395
--- a/web-ui-2.54.0.tar.gz
+++ b/web-ui-2.54.0.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:986a7cd4b5ed99f051b5406e27b1e5d2262fcb3dfad2efa356a3ebaad3800351
 size 3679048