Skip to content

chore(orchestrator): backport 1.9.6 CVE fixes#2642

Merged
JessicaJHee merged 1 commit into
redhat-developer:release-1.9from
JessicaJHee:orchestrator-1.9.6-cve
Jun 23, 2026
Merged

chore(orchestrator): backport 1.9.6 CVE fixes#2642
JessicaJHee merged 1 commit into
redhat-developer:release-1.9from
JessicaJHee:orchestrator-1.9.6-cve

Conversation

@JessicaJHee

Copy link
Copy Markdown
Member

Includes RHDH v1.9.6 CVE fixes, points to this PR: redhat-developer/rhdh-plugins#3524

@JessicaJHee

Copy link
Copy Markdown
Member Author

/publish

@github-actions

Copy link
Copy Markdown
Contributor

Publish workflow has completed with failure.

Publishing process

✅ Finished successfully.

✅ Published container images:

  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator:pr_2642__5.4.8
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator-backend:pr_2642__8.6.8
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator-backend-module-loki:pr_2642__1.0.7
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator-form-widgets:pr_2642__1.6.10
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-scaffolder-backend-module-orchestrator:pr_2642__1.3.7

Backstage Compatibility Check

✅ All workspaces are compatible with the target Backstage version (1.45.3).

No action required.

Metadata Validation

❌ Found 5 validation error(s):

File Kind Message
redhat-backstage-plugin-orchestrator-backend-module-loki.yaml mismatch Version mismatch: expected "1.0.7" but got "1.0.6"
redhat-backstage-plugin-orchestrator-backend.yaml mismatch Version mismatch: expected "8.6.8" but got "8.6.7"
redhat-backstage-plugin-orchestrator-form-widgets.yaml mismatch Version mismatch: expected "1.6.10" but got "1.6.9"
redhat-backstage-plugin-orchestrator.yaml mismatch Version mismatch: expected "5.4.8" but got "5.4.7"
redhat-backstage-plugin-scaffolder-backend-module-orchestrator.yaml mismatch Version mismatch: expected "1.3.7" but got "1.3.6"

@github-actions github-actions Bot added release-branch-patch PR modifies workspace on a release branch workspace-update PR modifies files in an existing workspace labels Jun 22, 2026
@JessicaJHee JessicaJHee force-pushed the orchestrator-1.9.6-cve branch from b2d1440 to 066729c Compare June 22, 2026 18:01
@JessicaJHee

Copy link
Copy Markdown
Member Author

/publish

@github-actions

Copy link
Copy Markdown
Contributor

Publish workflow has completed with success.

Publishing process

✅ Finished successfully.

✅ Published container images:

  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator:pr_2642__5.4.8
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator-backend:pr_2642__8.6.8
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator-backend-module-loki:pr_2642__1.0.7
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator-form-widgets:pr_2642__1.6.10
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-scaffolder-backend-module-orchestrator:pr_2642__1.3.7

Backstage Compatibility Check

✅ All workspaces are compatible with the target Backstage version (1.45.3).

No action required.

Metadata Validation

✅ All metadata files validated successfully.

No E2E tests available for this workspace.

@github-actions

Copy link
Copy Markdown
Contributor


Smoke tests workflow failed.

⚠️ Smoke tests failed. Check the workflow logs for details.

These plugins failed to load:
(startup-marker-missing)
(log-errors)

Error logs from container
�[2m2026-06-22T18:15:59.521Z�[22m �[34mbackstage�[39m �[32minfo�[39m Plugin initialization started: 'healthcheck', 'app', 'catalog', 'proxy', 'scaffolder', 'search', 'events', 'permission', 'auth', 'dynamic-plugins-info', 'scalprum', 'translations', 'licensed-users-info', 'orchestrator', 'user-settings' �[36mtype�[39m="initialization"
�[2m2026-06-22T18:15:59.693Z�[22m �[34morchestrator�[39m �[32minfo�[39m Initialize the Loki orchestrator backend module 
�[2m2026-06-22T18:15:59.694Z�[22m �[34mbackstage�[39m �[31merror�[39m Module loki in Plugin 'orchestrator' threw an error during startup, waiting for 14 other plugins to finish before shutting down the process. Module 'loki' for plugin 'orchestrator' startup failed; caused by Error: Missing required config value at 'orchestrator.workflowLogProvider.loki.token' in 'app-config.dynamic-plugins.yaml' �[36mtype�[39m="initialization" �[36mcause�[39m={} �[36mname�[39m="Error" �[36mstack�[39m="Error: Module 'loki' for plugin 'orchestrator' startup failed; caused by Error: Missing required config value at 'orchestrator.workflowLogProvider.loki.token' in 'app-config.dynamic-plugins.yaml'\n    at /opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:285:27\n    at async /opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:284:19\n    at async processNode (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/lib/DependencyGraph.cjs.js:181:22)\n    at async Promise.all (index 0)\n    at async processMoreNodes (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/lib/DependencyGraph.cjs.js:176:7)\n    at async DependencyGraph.parallelTopologicalTraversal (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/lib/DependencyGraph.cjs.js:195:5)\n    at async /opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:271:13\n    at async Promise.allSettled (index 13)\n    at async #doStart (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:242:21)\n    at async BackendInitializer.start (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:160:5)\n    at async BackstageBackend.start (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackstageBackend.cjs.js:19:5)"
�[2m2026-06-22T18:15:59.695Z�[22m �[34mbackstage�[39m �[31merror�[39m Plugin 'orchestrator' threw an error during startup, waiting for 13 other plugins to finish before shutting down the process. Module 'loki' for plugin 'orchestrator' startup failed; caused by Error: Missing required config value at 'orchestrator.workflowLogProvider.loki.token' in 'app-config.dynamic-plugins.yaml' �[36mtype�[39m="initialization" �[36mcause�[39m={} �[36mname�[39m="Error" �[36mstack�[39m="Error: Module 'loki' for plugin 'orchestrator' startup failed; caused by Error: Missing required config value at 'orchestrator.workflowLogProvider.loki.token' in 'app-config.dynamic-plugins.yaml'\n    at /opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:285:27\n    at async /opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:284:19\n    at async processNode (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/lib/DependencyGraph.cjs.js:181:22)\n    at async Promise.all (index 0)\n    at async processMoreNodes (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/lib/DependencyGraph.cjs.js:176:7)\n    at async DependencyGraph.parallelTopologicalTraversal (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/lib/DependencyGraph.cjs.js:195:5)\n    at async /opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:271:13\n    at async Promise.allSettled (index 13)\n    at async #doStart (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:242:21)\n    at async BackendInitializer.start (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:160:5)\n    at async BackstageBackend.start (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackstageBackend.cjs.js:19:5)"
�[2m2026-06-22T18:15:59.697Z�[22m �[34mauth�[39m �[32minfo�[39m Enabled Provider Factories : {} 
�[2m2026-06-22T18:15:59.697Z�[22m �[34msearch�[39m �[33mwarn�[39m Postgres search engine is not supported, skipping registration of search-backend-module-pg 
�[2m2026-06-22T18:16:01.440Z�[22m �[34mapp�[39m �[32minfo�[39m Storing 0 updated assets and 365 new assets 
�[2m2026-06-22T18:16:01.626Z�[22m �[34mbackstage�[39m �[32minfo�[39m Plugin initialization in progress, newly initialized: 'user-settings', 'scaffolder', 'catalog', 'permission', 'auth', still initializing: 'app' �[36mtype�[39m="initialization"
�[2m2026-06-22T18:16:01.629Z�[22m �[34mbackstage�[39m �[31merror�[39m Unhandled rejection Module 'loki' for plugin 'orchestrator' startup failed; caused by Error: Missing required config value at 'orchestrator.workflowLogProvider.loki.token' in 'app-config.dynamic-plugins.yaml' �[36mtype�[39m="unhandledRejection" �[36mcause�[39m={} �[36mname�[39m="Error" �[36mstack�[39m="Error: Module 'loki' for plugin 'orchestrator' startup failed; caused by Error: Missing required config value at 'orchestrator.workflowLogProvider.loki.token' in 'app-config.dynamic-plugins.yaml'\n    at /opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:285:27\n    at async /opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:284:19\n    at async processNode (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/lib/DependencyGraph.cjs.js:181:22)\n    at async Promise.all (index 0)\n    at async processMoreNodes (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/lib/DependencyGraph.cjs.js:176:7)\n    at async DependencyGraph.parallelTopologicalTraversal (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/lib/DependencyGraph.cjs.js:195:5)\n    at async /opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:271:13\n    at async Promise.allSettled (index 13)\n    at async #doStart (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:242:21)\n    at async BackendInitializer.start (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackendInitializer.cjs.js:160:5)\n    at async BackstageBackend.start (/opt/app-root/src/node_modules/@backstage/backend-app-api/dist/wiring/BackstageBackend.cjs.js:19:5)"
�[2m2026-06-22T18:16:03.625Z�[22m �[34mbackstage�[39m �[32minfo�[39m Plugin initialization in progress, newly initialized: 'app' �[36mtype�[39m="initialization"
�[2m2026-06-22T18:16:04.023Z�[22m �[34mrootHttpRouter�[39m �[32minfo�[39m [2026-06-22T18:16:04.023Z] "GET /health HTTP/1.1" 200 3453 "-" "curl/8.5.0" �[36mtype�[39m="incomingRequest" �[36mdate�[39m="2026-06-22T18:16:04.023Z" �[36mmethod�[39m="GET" �[36murl�[39m="/health" �[36mstatus�[39m=200 �[36mhttpVersion�[39m="1.1" �[36muserAgent�[39m="curl/8.5.0" �[36mcontentLength�[39m=3453

Signed-off-by: Jessica He <jhe@redhat.com>
@JessicaJHee JessicaJHee force-pushed the orchestrator-1.9.6-cve branch from 066729c to ea4b910 Compare June 23, 2026 13:08
@JessicaJHee

Copy link
Copy Markdown
Member Author

/publish

@github-actions

Copy link
Copy Markdown
Contributor

Publish workflow has completed with success.

Publishing process

✅ Finished successfully.

✅ Published container images:

  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator:pr_2642__5.4.8
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator-backend:pr_2642__8.6.8
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator-backend-module-loki:pr_2642__1.0.7
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-orchestrator-form-widgets:pr_2642__1.6.10
  • ghcr.io/redhat-developer/rhdh-plugin-export-overlays/red-hat-developer-hub-backstage-plugin-scaffolder-backend-module-orchestrator:pr_2642__1.3.7

Backstage Compatibility Check

✅ All workspaces are compatible with the target Backstage version (1.45.3).

No action required.

Metadata Validation

✅ All metadata files validated successfully.

No E2E tests available for this workspace.

@github-actions

Copy link
Copy Markdown
Contributor

Smoke tests workflow passed. All plugins loaded successfully.

@openshift-ci openshift-ci Bot added the lgtm label Jun 23, 2026
@JessicaJHee JessicaJHee merged commit 759cbbb into redhat-developer:release-1.9 Jun 23, 2026
4 checks passed
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

lgtm release-branch-patch PR modifies workspace on a release branch workspace-update PR modifies files in an existing workspace

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants