Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: bump kube-webhook-certgen to 1.4.3 #2697

Merged
merged 4 commits into from
Oct 7, 2024
Merged

feat: bump kube-webhook-certgen to 1.4.3 #2697

merged 4 commits into from
Oct 7, 2024

Conversation

SandhyaRavi2403
Copy link
Contributor

What problem does this PR solve?:
bump kube-webhook-certgen to 1.4.3 with cve fix

`sandhya.ravi@GT9X7CVF5F kommander-applications % trivy i registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3
2024-10-03T00:20:37+05:30 INFO Vulnerability scanning is enabled
2024-10-03T00:20:37+05:30 INFO Secret scanning is enabled
2024-10-03T00:20:37+05:30 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-10-03T00:20:37+05:30 INFO Please see also https://aquasecurity.github.io/trivy/v0.53/docs/scanner/secret#recommendation for faster secret detection
2024-10-03T00:20:39+05:30 INFO Detected OS family="debian" version="12.6"
2024-10-03T00:20:39+05:30 INFO [debian] Detecting vulnerabilities... os_version="12" pkg_num=3
2024-10-03T00:20:39+05:30 INFO Number of language-specific files num=1
2024-10-03T00:20:39+05:30 INFO [gobinary] Detecting vulnerabilities...
2024-10-03T00:20:39+05:30 WARN Using severities from other vendors for some vulnerabilities. Read https://aquasecurity.github.io/trivy/v0.53/docs/scanner/vulnerability#severity-selection for details.

registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3 (debian 12.6)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)`

Which issue(s) does this PR fix?:
https://jira.nutanix.com/browse/NCN-102769

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

Checklist

  • If the PR adds a version bump, ensure there is no breaking change in Licensing model (or NA).
  • If a chart is changed or app configuration is significantly changed, the chart version is correctly incremented (so that apps are not automatically upgraded from a previous version of DKP).

@SandhyaRavi2403 SandhyaRavi2403 self-assigned this Oct 2, 2024
@github-actions github-actions bot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. services/kube-prometheus-stack labels Oct 2, 2024
@mesosphere-ci mesosphere-ci added ok-to-test Signals mergebot that CI checks are ready to be kicked off do-not-merge/testing Do not merge because there is still on-going testing open-kommander-pr Automatically triggers the creation of a PR in Kommander repo update-licenses signals mergebot to update licenses.d2iq.yaml labels Oct 2, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 2, 2024

✅ Created Kommander branch to test kommander-applications changes: https://github.com/mesosphere/kommander/tree/kapps/main/sandy/cve-fix-kube-webhook-certgen

@coveralls
Copy link

coveralls commented Oct 2, 2024
edited
Loading

Pull Request Test Coverage Report for Build 11210849765

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 51.557%
Totals Coverage Status
Change from base Build 11185756974: 0.0%
Covered Lines: 149
Relevant Lines: 289
💛 - Coveralls

@SandhyaRavi2403 SandhyaRavi2403 removed the do-not-merge/testing Do not merge because there is still on-going testing label Oct 3, 2024
mhrabovcin
mhrabovcin reviewed Oct 3, 2024
View reviewed changes
licenses.d2iq.yaml Outdated Show resolved Hide resolved
@github-actions github-actions bot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Oct 3, 2024
@SandhyaRavi2403 SandhyaRavi2403 force-pushed the sandy/cve-fix-kube-webhook-certgen branch from e683ee6 to fc897d1 Compare October 3, 2024 10:21
mhrabovcin
mhrabovcin reviewed Oct 3, 2024
View reviewed changes
licenses.d2iq.yaml Outdated Show resolved Hide resolved
@mesosphere-ci mesosphere-ci added the do-not-merge/testing Do not merge because there is still on-going testing label Oct 3, 2024
@SandhyaRavi2403 SandhyaRavi2403 removed the do-not-merge/testing Do not merge because there is still on-going testing label Oct 3, 2024
@SandhyaRavi2403 SandhyaRavi2403 force-pushed the sandy/cve-fix-kube-webhook-certgen branch from 1f5449d to 409757e Compare October 4, 2024 13:40
@mesosphere-ci mesosphere-ci added the do-not-merge/testing Do not merge because there is still on-going testing label Oct 4, 2024
@SandhyaRavi2403 SandhyaRavi2403 removed the do-not-merge/testing Do not merge because there is still on-going testing label Oct 4, 2024
@SandhyaRavi2403 SandhyaRavi2403 force-pushed the sandy/cve-fix-kube-webhook-certgen branch from 409757e to 7fdebb9 Compare October 7, 2024 07:38
@mesosphere-ci mesosphere-ci added the do-not-merge/testing Do not merge because there is still on-going testing label Oct 7, 2024
@SandhyaRavi2403 SandhyaRavi2403 merged commit cf9140d into main Oct 7, 2024
44 checks passed
@SandhyaRavi2403 SandhyaRavi2403 deleted the sandy/cve-fix-kube-webhook-certgen branch October 7, 2024 11:28
@SandhyaRavi2403 SandhyaRavi2403 removed the do-not-merge/testing Do not merge because there is still on-going testing label Oct 7, 2024
ArvinderPal09 pushed a commit that referenced this pull request Oct 8, 2024
@SandhyaRavi2403 @ArvinderPal09
feat: bump kube-webhook-certgen to 1.4.3 (#2697)
9121d23 
* feat: bump kube-webhook-certgen to 1.4.3

* fix: address review comments

* fix: address review comments

* fix: address review comments
ArvinderPal09 added a commit that referenced this pull request Oct 8, 2024
@ArvinderPal09
Revert "feat: bump kube-webhook-certgen to 1.4.3 (#2697)"
5c2714f 
This reverts commit 9121d23.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mhrabovcin mhrabovcin mhrabovcin approved these changes

Assignees

@SandhyaRavi2403 SandhyaRavi2403

Labels
ok-to-test Signals mergebot that CI checks are ready to be kicked off open-kommander-pr Automatically triggers the creation of a PR in Kommander repo services/kube-prometheus-stack size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. update-licenses signals mergebot to update licenses.d2iq.yaml
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@SandhyaRavi2403 @coveralls @mhrabovcin @mesosphere-ci